OCPSA Respects Your Right to Privacy and Data Security

This document is a condensed privacy and security policy related to e-commerce processes to ensure that personal information provided to OCPSA by donors is kept safe and secure throughout the transaction process and otherwise while in our custody or under our control. For OCPSA’s full Privacy Policy, please visit the Administration and Governance section of OCPSA’s website.

Your privacy and security are important to us. OCPSA respects your right to privacy and is committed to protecting and safeguarding the personal information provided to us by our donors in compliance with the Personal Information Protection and Electronic Documents Act (Canada) (PIPEDA). We use the information collected through our website or mobile site at www.ocpsa.com to: a) facilitate the collection and processing of donations, b) to provide income tax receipts, and c) to communicate relevant news and updates.

OCPSA does not trade, license, rent or sell your personal information in any manner. However, by making a donation or requesting information on our website or mobile site, you are giving OCPSA permission to collect some of your personal information and to contact you by way of the information provided for the purposes outlined in this E-Commerce Privacy Policy. This Policy explains what information we collect and why we collect it, how we use that information, how the confidentiality of this information is protected, and how you can find out what personal information is recorded.

General Privacy and Security Practices

OCPSA observes the following privacy and security practices:

  • OCPSA collects information only for specified purposes.
  • We only require that you provide the necessary amount of personal information to provide any service, as required by law or by the Canada Revenue Agency (CRA).
  • We may ask you for more information about yourself to help us provide you with more personalized information and services, but in such cases, you are not obligated to provide such information.
  • Personal information gathered by OCPSA is held in the strictest confidence and is protected by industry standard best practices.

What is personal information?

Personal information is data that can be used to uniquely recognize, identify or contact a specific individual, whether it concerns an email address, where an individual lives, or which interests, causes and organizations he or she supports. Personal information does not include most business contact information such as the name, title, business address, or business telephone or fax number or business email address of an employee of an organization, and certain publicly available information.

What information do we collect?

Personal information we collect may include your name, phone number, mailing address, e-mail address and payment information, such as credit card number and expiration date. When you submit donation payment information to us via our website or mobile site, you consent to providing your donation payment information to us and to our service provider processing the donation. OCPSA uses Canada’s leading processor of debit and credit card transactions: Moneris Solutions (a joint venture of RBC and BMO Bank of Montreal).

When OCPSA collects payment information from you, it is transmitted automatically to Moneris Solutions for processing. Moneris Solutions is contractually and legally bound to protect your personal information. For detailed information on their data security standards and compliance, please click here: https://www.moneris.com/en/Privacy-Policy. OCPSA does not store payment information (i.e. debit account number, credit card number or expiry date) within OCPSA electronically or otherwise.


OCPSA uses Secure Socket Layer (SSL) and Transport Layer Security (TLS) technology to ensure the safety and security of online donations. SSL is the industry standard tool for protecting and maintaining the security of transmissions over the internet. TLS technology enables 128 bit encryption (scrambling) of sensitive information, including passwords and credit card numbers, during your online transactions. OCPSA also has thorough security standards to protect our systems and personal information against unauthorized access and use. This includes the security protections required by Payment Card Industry (PCI) compliance as well as specific procedures to keep donation information secure, private and in Canada.

Links to Third Party Sites

OCPSA’s website or mobile site may offer links to other third party websites. You should be aware that operators of linked websites may collect your personal information (including information generated through the use of cookies) when you link to their websites. OCPSA is not responsible for the privacy practices of such third parties. We encourage our users to be aware when they leave OCPSA’s site and to read the privacy statements of each website that collects, uses or discloses your personally identifiable information. This E-Commerce Privacy Policy applies solely to information collected by OCPSA.

Cookie-based Information:

As is the case with most websites, when a viewer accesses OCPSA’s website or mobile site, a small text file called a “cookie” is sent from our web server to their web browser and is stored on their computer. However, cookies expire when the browser window is closed so there is no need to worry about files being stored and/or tracked on the user’s computer. Furthermore, cookies are not linked to any personally identifiable information.

Cookies are strictly used to perform the function that the user intended, such as remaining on donation web pages while processing the donation transaction in its entirety in a secure fashion. These “cookie sessions” allow OCPSA to properly verify a donor’s identity as they move from one donation page to the next. Some browsers can be set to reject all cookies. If you choose to modify your browser in this manner, some pages may not function properly.

Canada’s Anti Spam Legislation (CASL)

Where CASL applies to OCPSA’s communications with donors and/or other users of OCPSA’s website or mobile site, OCPSA is committed to complying with CASL and in particular the provisions setting out the requirements for sending commercial electronic messages.