The website platform www.clsa-elcv.ca is managed by The Canadian Longitudinal Study on Aging (CLSA), of which the National Coordinating Centre is based at McMaster University. McMaster University is the custodian of all data collected for the CLSA .

  • For the CLSA Privacy Policy: Section for research participants, click here.
  • For the CLSA Privacy Policy: Section for users of the website and other CLSA online platforms, continue reading below.

Purpose

The overall goal of the CLSA Privacy Policy is to provide transparency and accountability concerning the practices of how the CLSA manages and protects personal information.

The specific objectives of this section of the Privacy Policy are to inform users of the CLSA website and other CLSA online platforms (hereafter referred to collectively as “users”) of the following:

  1. What and how personal information from users is collected;
  2. How and for what purposes this collected information is used;
  3. Who has access to this information;
  4. How this information is stored and kept secure; and,
  5. What resources are available for users to know their relevant rights and to get assistance if they have questions or concerns.

This Privacy Policy applies in addition to the terms and conditions of the CLSA website.

The CLSA recognizes the compliance requirements under Law 25, as it pertains to participants and users who reside in the Province of Quebec.

Consent

By using the CLSA website and other CLSA online platforms, users agree that they consent to:

  1. The conditions set out in the CLSA Privacy Policy; and
  2. The collection, use, disclosure, and retention of the information listed in the CLSA Privacy Policy: Section for users of the website and other online platforms.

1. What and how personal as well as other kinds of information are collected by the CLSA

A.   Website

The types of personal information collected based on users accessing, navigating, or otherwise making use of the CLSA website can include:

  • Internet provider (IP) address;
  • Type of device used to access the website;
  • Traffic to the website (i.e., how users are referred to the website);
  • Web browser type (e.g., Edge, Chrome, Firefox, etc.) and language of the browser;
  • Number of individual users, sessions, and events (e.g., an event could be viewing a page, downloading a PDF, or clicking a link);
  • Duration of website visit;
  • Most viewed pages; and,
  • Search terms used.
How is this information collected automatically through the website? —Explaining cookies

A cookie is a small file from a website, downloaded onto and stored on a user’s computer or other device. Cookies are used to track, personalize, and gather the kinds of information listed above about users and how they use the website.

When users visit the CLSA website for the first time or any time after they have cleared their browser’s cache, they will be presented with a pop-up menu giving them several options to choose from regarding how they do or do not want cookies to be used. Users can choose to disable cookies entirely in their internet browser, but this may decrease the quality of the user’s experience of the website. This is because cookies can personalize how the website’s content is presented to the user based on their past patterns of using the site. For example, cookies allow the website to retain user preferences for text size, and language (French or English).

Third-party cookies are created by a website other than the CLSA website. The CLSA may use third-party cookies or information collected by and obtained from third parties or their cookies (e.g., Google Analytics, YouTube).

B.   Social media

The CLSA uses social media as an extension of its website presence. These accounts are public and not hosted (stored) on the CLSA servers. If users choose to interact with the CLSA on social media platforms (e.g., X (formerly known as Twitter), Facebook, LinkedIn, Instagram, YouTube, etc.), it is important to recognize that the information they share may be available publicly and can be read by people outside of the CLSA.

The types of information tracked on the CLSA’s social media profiles can include:

  • Number of CLSA followers, viewers, or subscribers;
  • The posts that users found most engaging;
  • Top viewed videos; and,
  • Top links that have received the most clicks.
C.   Email

If email users have consented to receive emails from the CLSA, the types of information collected about these CLSA communications can include:

  • Number of times an email user opened a message;
  • Links that were clicked and opened by an email user;
  • If the email user unsubscribed from the mailing list; and,
  • IP address to determine locations with the most opened messages (by city and country).
How is this information based on users’ use of the CLSA website, social media, or email platforms collected and reported? —Explaining aggregate data

Various tracking functions are built into the CLSA website, social media, and email platforms. Personal as well as various kinds of technical data are collected from users as they interact with these platforms. The CLSA then uses web analytics tools to process the collected data to profile in an aggregate form who is using these platforms and how they are making use of them. More specifically, aggregate data are generated from inputs gathered from individuals that are then averaged by geographic area, time frame, or other variables. Importantly, aggregate data are expressed in summary form, and never at a personal level.

D.   Web forms

Most of the information collected in the above is done automatically but occasionally web users may be asked to fill out a form and submit information to the CLSA. For example:

  • Zoom and Eventbrite are web-based platforms used to host CLSA events. The registration process on these platforms requires participants to provide some personal information, including their name, email address, country, and city of residence. For those who do not wish to give this information, they still have the option to watch the session once it is recorded, in which case registration is not required.
  • Webinar and Event feedback surveys are sent to users following CLSA events. These surveys are always optional, and the responses are collected anonymously, meaning that IP and email addresses are not tracked.
How is user information sent to the CLSA by email and web form submissions processed?

Personal information submitted to the CLSA is also protected according to the CLSA organization’s privacy protocols. If email users choose to send the CLSA an email, or web users complete an online form on the CLSA website, the CLSA may use the personal information received to respond to these persons.

Normally, for web forms, any submission would result in an email being automatically generated and sent to the relevant CLSA team member. As soon as the email is sent, the information is deleted automatically from the website server. The CLSA keeps a record of these communications for administrative purposes on its administrative servers, which are protected by the same security procedures used for its research data.

Users should know that they may always choose to decline to submit this information through the web portal or via email and are welcome, instead, to telephone the CLSA and speak directly with a CLSA representative.

E. Video and audio recordings of CLSA webinars and public events, etc

Whenever online events or sessions are recorded by the CLSA, a notice of recording is posted at the start of the event or at the point when the user logs onto the session. Participants are informed of this and it is explained that the session will be posted publicly afterwards.

2. How and for what purposes this collected personal information is used

Personal information about users, collected through the CLSA website or its other online platforms will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of the CLSA website.

The data collected automatically, which then is summarized in aggregate form (see above), are used for the following purposes:

  • To evaluate the effectiveness of the CLSA website design, communication strategies, and campaigns;
  • To provide granting agencies and other funders with information on the reach and utility of the CLSA website and web presence; and,
  • To demonstrate the impact of the CLSA to stakeholders such as the general public, researchers, healthcare professionals, and policy- and decision-makers.

3. Who has access to this collected personal information from users

The personal information from users is disclosed only to those working for or on behalf of the CLSA who reasonably need access to user information to achieve the purposes set out in this Privacy Policy. Summary reports are generated for CLSA leadership, granting agencies, and funding organizations using aggregate data, which does not include any individual or identifying information.

Note that the CLSA is a publicly funded research platform. As such it is reasonable to expect that reports and recordings can be made publicly accessible, for example, by posting them to the CLSA website.

Other Disclosures

The CLSA will not share personal information with other third parties, except in the following cases:

  • If the law requires it.
  • If it is required for any legal proceeding.
  • To prove or protect the CLSA’s legal rights.

Occasionally the CLSA will contract third parties for services required, which can include using, storing, and processing data on behalf of the CLSA. As such, the CLSA may disclose certain personal data to these third parties to perform these services. Before the disclosure of any personal data to these third parties, the CLSA will ensure these companies have appropriate security standards in place to be sure that the personal data is protected as imposed by a binding, written contract. Examples of these third-party service providers could include website developers, sub-contracted IT systems maintenance, data storage and backup service providers, and web-hosting/server providers.

4. How this collected personal information from users is stored and kept secure

The CLSA is committed to protecting the security of all the information that it obtains either automatically (e.g., see cookies procedures outlined above) or non-automatically (e.g., user submission of web forms) from those who provide it to the CLSA. Some of the information obtained directly from users is stored on the CLSA servers and is protected under the strict protocols of McMaster University’s privacy policies which conform to the requirements set by the Freedom of Information and Protection of Privacy Act (FIPPA). Other information about users may be obtained from third parties (e.g., Google, Mailchimp, Eventbrite) and is stored on these third-party providers’ servers. Privacy protections in these instances would follow the policies of the host company, not the CLSA.

While the CLSA takes all reasonable precautions to ensure that users’ personal information is secure and that users are protected, there always remains the risk of harm. The Internet can be insecure at times and therefore the CLSA is unable to guarantee the security of users’ personal information beyond what is reasonably practical.

In the event of a privacy breach, the CLSA follows the Privacy Breach Protocol of McMaster University.

5. What resources are available for users to know their relevant rights and to get assistance if they have questions or concerns

The CLSA supports your rights of access to, and correction of, any personal information in its custody and/or control. If you have any concerns regarding what personal information is being collected, how your personal information may be used, if and to whom the CLSA may have disclosed your personal information, and what your rights to privacy include as a user of the CLSA website or other CLSA online platforms, please contact info@clsa-elcv.ca. You can also learn more about your privacy rights by consulting the Information and Privacy Commissioner of Ontario.

Disclaimers

If you follow hyperlinks from the CLSA website or a CLSA email to another website, please note that the CLSA is not responsible for and has no control over other websites’ privacy policies and practices.

At times, the CLSA website may include links to not just third-party websites, but also plug-ins and applications. Note that clicking on those links or enabling those connections may allow these third parties to collect and share personal data from the user. Again, the CLSA does not have control over third-party websites, plug-ins or applications, nor is it responsible for the privacy policies of these third parties.

The CLSA encourages users to read the privacy policy statements of every website they interact with.

Modifications

This CLSA Privacy Policy may be amended from time to time to maintain compliance with the law and to reflect any changes to the CLSA information collection process. When the CLSA amends this Section it will update the “Effective Date” at the bottom of this document. The CLSA recommends that users periodically review this policy statement to ensure that they are made aware of any updates.

Contact Information

If you have any questions, concerns, or complaints, you can contact the CLSA by telephone at 1-866-999-8303 or by email at info@clsa-elcv.ca.

To learn about privacy management at McMaster University, click here.

Effective date: September 1, 2024.