Privacy Policy Resources, Template Generators, and PIPEDA

Did you know that, as a business, you may be required to abide by both provincial and federal privacy laws? Many provinces, such as Alberta, British Columbia, and Quebec have already introduced their own legislation for the collection, use, and disclosure of personal information that occurs while doing business in those provinces. For the rest of us, the Personal Information Protection and Electronic Documents Act (PIPEDA), probably applies.

PIPEDA applies to private-sector organizations across Canada that collect, use, or disclose personal information in the course of doing business. This information might include personally identifiable information (PII), such as names, telephone numbers, ethnicity, blood type, employee records, loan records, and even opinions, evaluations, and comments.

Is a Privacy Policy Important?

A privacy policy is a very important document if your website interacts with its visitors in any way shape or form. This includes not just contact forms, but also more indirect forms of interaction such as website analytics tracking.

As mentioned, a privacy policy is a simple document that is available on your website that outlines your organisation’s policies and procedures as they relate to the collection, use, storage and disclosure of personal information. A privacy policy is intended to advise the users of your website of the steps that your organisation takes in order to meet provincial or federal privacy regulations and outlines several key principles:

Although PIPEDA doesn’t include many details on what it considers, “against policy”, the Office of the Privacy Commissioner of Canada (OPC) has outlined several examples of what would be considered generally innappropriate.

  • Collecting, using or disclosing personal information in ways that are otherwise unlawful;
  • Profiling or categorizing individuals in a way that leads to unfair, unethical or discriminatory treatment contrary to human rights law;
  • Collecting, using or disclosing personal information for purposes that are known or likely to cause significant harm to the individual;
  • Publishing personal information with the intent of charging people for its removal;
  • Requiring passwords to social media accounts for the purpose of employee screening; and
  • Conducting surveillance on an individual using their own device’s audio or video functions.


PIPEDA Resources

The OPC website is probably the single best resource as it relates to PIPEDA. We’ve included some of the more relevant links here.

Privacy Policy Generators

Without further ado, let’s take a look at how we can quickly and easily get a privacy policy setup for your website.

These tools were designed to take basic inputs and generate a complete privacy policy for your website. I’ve only include links to tools that offer a free tier or are completely free.