Hands typing on laptop.

Your privacy rights

The University of Ottawa collects, uses, and discloses personal information in accordance with Ontario’s Freedom of Information and Protection of Privacy Act (FIPPA).

About your privacy rights at uOttawa

The University of Ottawa must protect all personal information it holds. You have the right to the following:

  • Your personal information will only be collected for legitimate, limited, and specific purposes.
  • The collection of your personal information will be limited to only what is necessary for the specified purpose.
  • Your personal information will only be used and disclosed for specified purposes.

If you know or suspect that a privacy breach has occurred, you must immediately contact the Chief Privacy Officer. A privacy breach can occur:

  • When personal information is incorrectly disposed of, such as when a mobile device is lost or stolen.
  • When personal information is inadvertently disclosed, such as when an email containing personal information is sent to the wrong address.

To learn more about the University’s privacy breach response protocol, see the University’s Procedure 20-8 – Privacy Breach Response Protocol.

To learn more about how the University uses personal information, see the University’s Notice of Collection.

Tabaret Hall

Website privacy statement

The University of Ottawa is committed to maintaining and protecting the integrity of personal and confidential information.
To learn more about the University’s standard for website visitor data, see the University’s Website Privacy Statement.
Read the university’s website privacy statement

Your right to make a privacy complaint

How to file a privacy complaint

Step 1

Complete the Privacy Complaint Form or write a letter that clearly outlines the following:

  • The nature and extent of the circumstances of your complaint;
  • The faculty, administrative office, or service in which the problem occurred;
  • The name(s) of person(s) involved;
  • The date or time period when the alleged violation occurred;
  • What you wish the resolution of the complaint to be.

Step 2

If you are being represented by a third party, complete our Authorization for Representation Form.

Step 3

Send the Privacy Complaint Form and Authorization for Representation Form (if applicable) to the Chief Privacy Officer

What happens after you file a privacy complaint

Privacy complaints are handled in a confidential manner that is respectful to both the complainant and the respondent. The University makes every reasonable effort to maintain the confidentiality of the complaint and limits disclosure of information about individuals to those within the University who need to know for the purposes of, or purposes consistent with, addressing the situation, investigating, or taking corrective action.

Depending on the nature, circumstances and complexity of the complaint, the steps and time taken to process the privacy complaint may vary. However, they include the following:

Step 1

The Chief Privacy Officer (CPO) sends you an acknowledgment of receipt of the complaint.

Step 2

The CPO may contact you to clarify the complaint or gather additional information.

Step 3

The CPO contacts the faculty, administrative office, or service and the person(s) identified in the complaint or who may have knowledge of the circumstances.

Step 4

The CPO consults other appropriate authorities within the University (for example, Legal Counsel, Protection Services, Information Technology, Office of the Chief Risk Officer, Office Communications and Government Relations).

Step 5

The CPO contacts you to review the matter and informs you of any steps taken to address the complaint and resolve any outstanding concerns.

Step 6

The CPO follows up with the faculty, administrative office or service and the person(s) involved to ensure that a plan is in place to implement corrective or remedial measures, if any.

To learn more about how the University responds to a privacy complaint, see the University’s Procedure 20-7 – Handling Privacy Complaints.

Your right to access your personal information

In most circumstances, you have a right to see any personal information about you that is held by the University. To learn more about the process for requesting your personal information, see our access rights webpage.

Before filling out the Access Request Form, check the personal information banks to see what types of information the University holds. 

Your right to correct your personal information

Under FIPPA, any individual who gains access to their personal information through the access request process has the right to request a correction of this information. There are three factors to be considered when processing a correction request:

  • The information must be personal information.
  • The information must be inaccurate, incomplete, or ambiguous.
  • The information must not be opinion material provided by another individual.

Opinion material provided by someone other than the individual requesting the correction is not usually subject to correction. Such material can only be changed when it can be shown that it was inaccurately recorded.

Wood drawers with gold label plates.

Retention of your personal information

The University may no longer have a copy of the personal information you are seeking because it may have been disposed of in accordance with the University’s records and retention schedule.
To learn more about the University’s retention policy, see the University’s Record Classification and Retention Schedule.
Learn more about the University’s Record Classification and Retention Schedule