Members in Canada? Know the latest Compliance Guidelines

PIPEDA compliance

Consent is the bedrock of any relationship and applies to all form of communication. In Canada, meaningful consent collection is managed under the regulation of Personal Information Protection and Electronic Documents Act (PIPEDA).

Many restaurants that operate digitally will be familiar with the obligations under the Canadian Anti-Spam Legislation (CASL), the law that regulates all forms of digital communication.  However, if you have locations in Canada, paying attention to the regulations just became more important. On December 21st, the office of the Privacy Commissioner or Canada announced that it will begin applying more robust guidelines for obtaining meaningful consent for collecting, using and sharing personal information effective January 1st 2019.

What are Your Obligations?

Under the new PIPEDA guidelines, businesses are obliged to clearly explain why they are asking for personal information, how they’re going to use it, who they will be sharing it with, and any potential harms that may arise from sharing their information, among other things.  So in communicating with eclub members in Canada, restaurants will need to follow this protocol. The new guidelines clarify requirements for obtaining meaningful consent under PIPEDA by setting out more specific expectations on how the law should be interpreted and applied.

As we have seen with other global (GDPR etc.) privacy requirements, there is a clear direction within the compliance world to be as transparent as you can with the personal information of your members and the impact those transactions have with their overall experience with your brand.

Your brand’s legal counsel will be able to provide unique guidance as it pertains to your restaurant, eclub and other interactions, but as always, Fishbowl continues to be committed to following all compliance guidelines and guiding its clients towards optimum compliance.

This blog was written by Dave Fowler, Fishbowl’s VP of Strategic Services & Data Protection Officer