At Tofino Co-op, we are committed to providing our retail members, customers, and employees with exceptional service.  As providing this service involves the collection, use and disclosure of some personal information about our members, customers and employees, protecting their personal information is one of our highest priorities.

We will inform our members, customers, and employees of why and how we collect, use and disclose their personal information, obtain their consent where required, and only handle their personal information in a manner that a reasonable person would consider appropriate in the circumstances.

This Privacy Policy, in compliance with PIPA, outlines the principles and practices we will follow in protecting members’, customers’, and employees’ personal information.  Our privacy commitment includes ensuring the accuracy, confidentiality, and security of our members’, customers’, employees’ personal information and allowing our members’, customers’, employees to request access to, and correction of, their personal information


Privacy – The freedom from intrusion into and exposure from personal affairs.

Personal Information – means information about an identifiable individual

  • name, address, telephone number
  • date of birth, social insurance number, financial status
  • race, national or ethnic origin, colour, or religious or political beliefs or associations
  • age, sex, marital status or family status
  • an identifying number such as member number, employee number, or student number
  • fingerprints, blood type, photograph
  • health information
  • educational, financial, criminal or employment status or history
  • personal views or opinions
  • job evaluation

Summary of Principals

Principle 1 – Accountability

Co-op is responsible for personal information under its control and has designated a person who has overall accountability for compliance with the following principles. However, each employee of Co-op is responsible for following Co-op Privacy Code and assisting Co-op in complying with applicable laws.

Principle 2 – Identifying Purposes for Collection of Personal Information

Co-op identifies the purposes for which personal information is collected at or before the time the information is collected. Co-op employees who collect personal information on behalf of Co-op must be prepared to explain the purposes for collection.

Principle 3 – Obtaining Consent for Collection, Use or Disclosure of Personal Information

Meaningful, express consent (or, where reasonable, meaningful implied consent) of a customer or employee is required for the collection, use or disclosure of personal information, unless a legal exception applies.

Principle 4 – Limiting Collection of Personal Information

Personal information is collected only if it is necessary to achieve the purposes identified to the individual.

Principle 5 – Limiting Use, Disclosure and Retention of Personal Information

The fact that Co-op has personal information of a customer does not mean that the personal information can be used for any purpose, disclosed for any purpose or retained indefinitely. When employees use personal information, they should consider whether the use was one that was identified to the person from whom the information was collected. Personal information should not be disclosed without consent unless required by law. Personal information should not be retained for longer than is necessary to fulfill the purpose and to comply with regulatory requirements or to protect Co-op’s legal rights.

Principle 6 – Accuracy of Personal Information

Co-op employees should take care to keep personal information that they are responsible for maintaining as accurate, complete and up-to-date as is necessary for the purposes for which it is to be used.

Principle 7 – Security Safeguards

Co-op uses administrative procedures, technical controls and physical security safeguards to protect personal information. Co-op employees must never circumvent or attempt to circumvent these safeguards. If a Co-op employee believes that there is a security breach or the safeguards are not being complied with, that employee must report the issue to his or her supervisor or, if necessary, to the General Manager.

Principle 8 – Openness Concerning Policies and Practices

The Co-op makes available to customers and employees specific information about its policies and practices relating to the management of personal information.

Principle 9 – Customer and Employee Access to Personal Information

Upon request, Co-op will inform a customer or employee of the existence, use and disclosure of his or her personal information and shall give the individual access to that information. A Co-op customer or employee shall be able to challenge the accuracy and completeness of the information and to have it amended as appropriate.

Principle 10 – Challenging Compliance

Co-op employees should be able to direct any person who wishes to challenge Co-op’s compliance with this Privacy Policy to the General Manager.

Mike Tomilin, General Manager
Business: 250-725-3226
Cell: 250-266-1587


BC Personal Information Protection Act

Personal Information Protection and Electronic Documents Act

Privacy Breach Checklist