Language selection

Search

PIPEDA Fair Information Principle 2 – Identifying Purposes

Your responsibilities

  • Identify and document your purposes for collecting personal information. This will help you determine which specific personal information to collect to fulfill those purposes.
  • Tell your customers why your organization needs their personal information before or at the time of collection. Depending on how the information is collected, this can be done orally or in writing.
  • Obtain their consent again should you identify a new purpose.

How to fulfill these responsibilities

  • Review your personal information holdings to ensure they are all required for a specific purpose.
  • When requesting personal information from a customer, explain these purposes to them, either verbally or in writing.
  • Keep a record of all identified purposes and consents you have obtained.
  • Ensure that the purposes are limited to what a reasonable person would consider appropriate under the circumstances.

Tips

  • Define your purposes for collecting personal information as clearly and narrowly as possible so people understand how their information will be used or disclosed Examples of specific purposes include:
    • opening an account;
    • verifying an individual’s creditworthiness;
    • providing benefits to employees;
    • processing a magazine subscription;
    • sending out association membership information;
    • guaranteeing a travel reservation;
    • identifying customer preferences; and
    • establishing customer eligibility for special offers or discounts.
  • Avoid overly broad purposes
Date modified: