Personal information should not be confused with financial or society records. For more information about recordkeeping, review our recordkeeping modules.

Valid reasons are related to the operation of your non-profit. These reasons include: communicating with members, sending newsletters and invitations, service phone calls and emails, audit purposes, soliciting donations, and issuing tax receipts.

Invalid reasons are those that are not related to the operation of your non-profit. These reasons might include using the information for personal gain such as selling products to members.

Your non-profit should not collect information to use for invalid reasons. 

A non-profit’s purpose or mission is the reason it exists. This purpose or mission can be found in the non-profit’s constitution.

Training means teaching people about the rules. From a privacy perspective, training means ensuring people are aware and understand their obligations under the policy.

Disclosed means making personal information available to another person or organization. Non-profits should only disclose personal information for the purpose it was collected or for a purpose reasonably related to the primary purpose. Non-profits should always consider the purpose prior to disclosing personal information.

Purpose means the reason(s) for collecting personal information and how it might be used. Non-profits should only use personal information for the reasons they collected it.