Xalgorithms Foundation and its directors, officers, members, agents, contractors, interns, suppliers and employees are committed to maintaining the accuracy, confidentiality, and security of your personally identifiable information (“Personal Information”) as this is defined in Canada’s Privacy Act, according to the “fair information principles” included in the Personal Information Protection and Electronic Documents Act (PIPEDA), which is Canada’s private-sector privacy law. All other Parties are expected to abide by equivalent principles according to their respective jurisdictional and cultural contexts.
Principle 1 – Accountability: An organization is responsible for personal information under its control and shall designate an individual or individuals who are accountable for the organization’s compliance with the following principles.
Principle 2 – Identifying Purposes: The purposes for which personal information is collected shall be identified by the organization at or before the time the information is collected.
Xalgorithms Foundation collects, uses and discloses Structured Personal Information to the extent required to receive payment for memberships, to manage membership demographics and profiles, and to cultivate participation in its events and free/libre/open source software development projects. The purposes for collecting Personal Information are either explicit when collected, or directly implied such as when name, email and payment information are required as part of paying for membership registration.
By default, all discussions in any media between Xalgorithms Foundation and other Parties are considered public in character, even when not actively opened or shared with others. Discussions taking place in any media between Xalgorithms Foundation and other Parties can be considered restricted only in the context of non-disclosure clauses or agreements. Therefore if Unstructured Personal Information is provided to Xalgorithms Foundation through discussions in any media rather than through structured data collection, while Xalgorithms Foundation intends to be tactful, it is entirely the originating discussant’s responsibility to communicate any restrictions on the appropriate uses of the information they provide.
Principle 3 – Consent: The knowledge and consent of the individual are required for the collection, use, or disclosure of personal information, except where inappropriate.
Xalgorithms Foundation requires Structured Personal Information to receive payment for memberships as required and permitted by law, and to manage membership demographics and profiles, such as a member’s preference to opt out of participation in events and free/libre/open source software development projects. Knowledge and consent are required for the collection, use or disclosure of Structured Personal Information except where required or permitted by law. A member’s decision not to provide certain Structured Personal Information may constrain Xalgorithms Foundation’s ability to know and therefore to abide by that member’s preferences.
Principle 4 – Limiting Collection: The collection of personal information shall be limited to that which is necessary for the purposes identified by the organization. Information shall be collected by fair and lawful means.
Xalgorithms Foundation collection, use and disclosure of Structured Personal Information is limited to that which helps to optimize the creation of functional free/libre/open source components for an Internet of Rules, involving the Xalgorithms Federated Registry (like DNS for rules) and Lichen (like a browser for rules) in support of very diverse use cases, and the effective and efficient functioning of its global membership community. Structured Personal Information is collected via Xalgorithms Foundation’s electronic media and/or services.
Principle 5 – Limiting Use, Disclosure, and Retention: Personal information shall not be used or disclosed for purposes other than those for which it was collected, except with the consent of the individual or as required by law. Personal information shall be retained only as long as necessary for the fulfillment of those purposes.
Xalgorithms Foundation restricts its usage and disclosure of Structured Personal Information to the purposes for which it was collected, as well as for any other purposes that the providers have explicitly consented to, in addition to meeting legal requirements. Structured Personal Information will be retained to support financial and performance audits, and to manage membership demographics and profiles, and to cultivate participation in events and free/libre/open source software development. Structured Personal Information about each member shall be retained for seven years after expiry or termination of the membership. Unstructured Personal Information acquired through discussions on Xalgorithms media and services may be retained for between two and seven years.
Principle 6 – Accuracy: Personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
Xalgorithms Foundation maintains Structured Personal Information in conformance with ISO 19845 Standard for business objects and their associated semantics expressed as reusable data components. It takes internal steps and also provides occasional gentle reminders to members to ensure their data is accurate, complete and current so that it can fulfill the purposes for which it is to be used.
Principle 7 – Safeguards: Personal information shall be protected by security safeguards appropriate to the sensitivity of the information.
Information technology security refers to a system’s degree of assurance, integrity (i.e. free from tampering), privacy, confidentiality, auditability, reliability (i.e. free from ‘bugs’ in code, design and architecture), trustworthiness, authorization controls and availability, data/metadata ownership/access/holding/persistence, as well as the efficiency and effectiveness of the system supplier’s issue response methodology and performance. Xalgorithms Foundation employs information technology security measures for Structured Personal Information that are equivalent to or better than employed by Canadian government agencies such as Canada Revenue Agency.
An “HTTP cookie” is a small amount of structure data sent from a website and stored in a user’s web browser while the user is accessing the website. These are used to improve a website’s functionality and in some cases, to provide visitors with customized online experiences. Most web browsers are configured initially to accept HTTP cookies automatically, but you may change your browser settings to prevent it from accepting cookies or to notify you when you receive a cookie so that you may decline its acceptance.
Principle 8 – Openness: An organization shall make readily available to individuals specific information about its policies and practices relating to the management of personal information.
Xalgorithms Foundation’s policies and practices for the managmenet of Structured Personal Information are public documents, readily available via its electronic media and/or services
Principle 9 – Individual Access: Upon request, an individual shall be informed of the existence, use, and disclosure of his or her personal information and shall be given access to that information. An individual shall be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
Xalgorithms Foundation commits to respond promptly to requests for both Structured and Unstructure Personal Information. Upon validation that a requester’s identity is the same as the person who is the subject of the information, they will be provided access to it, to verify its accuracy and completeness, and to request that it be amended. Amendments will be implemented if appropriate. However access shall be limited when a person’s Structured or Unstructure Personal Information directly includes the Personal Information of others, or includes Confidential Information subject to other legal, security or contractual restrictions.
Principle 10 – Challenging Compliance: An individual shall be able to address a challenge concerning compliance with the above principles to the designated individual or individuals accountable for the organization’s compliance.