Confidentiality and Protection of Personal Information
The Industrial Alliance Group is composed of Industrial Alliance Insurance and Financial Services Inc. and its subsidiaries (“we/us”). Together, we are committed to protecting our clients’, employees’ and representatives’ (“you/your”) privacy, and to ensuring the confidentiality of the personal information provided to us in the course of our business.
1. Personal Information
Personal Information is any information about an individual that identifies him or her, such as financial, lifestyle or health information, but not their name, title or business address, telephone or email.
Personal information has to be protected regardless of its characteristics or its form, whether written, graphic, audio, visual, computerized or any other form.
2. Purpose of Information Collection
Collecting information about you is necessary in order for us to provide you with high quality services. The nature and sensitivity of the information we collect about you varies according to the services we provide you and to legal requirements imposed on us (such as your social insurance number, where investment income is generated by a chosen product).
The purposes for which we collect personal information about you are identified at or before the time of collection. For example, information may be collected while submitting an application, opening an account, or submitting a claim.
Purposes for collecting information generally include providing products or services requested, confirming your identity, protecting against fraud, or dealing with matters concerning the relationship between us.
Any questions and concerns you may have regarding the purposes for collecting information may be directed to us at the address provided below.
When we collect personal information from you, we obtain your consent to use the information for the purposes collected. We will obtain your consent for any additional use or collection, or if the purpose of using the information is changed.
We generally seek your express written consent in order to collect, use or disclose personal information. Where appropriate, for less sensitive information, we may accept your verbal consent. Occasionally, we may imply consent where we can infer consent from your action or inaction.
Consent must be given by you or your authorized representative such as a legal guardian or a person having power of attorney.
You may withdraw your consent at any time, subject to legal or contractual restrictions (for example, your right to withdraw consent is necessarily limited where we need information to extend a loan against the value of a policy issued by us). We will inform you of the consequences of such withdrawal, including the possibility that we may not be able to provide a product or process a request. If you choose not to consent, we will record the decision in our file.
In limited circumstances, we have the right (or obligation) to collect, use or disclose personal information without your knowledge and consent. This occurs when legal, medical, or security reasons may make it impossible or impractical to seek consent. When information is being collected for the investigation of a potential breach of contract, the prevention or detection of fraud, or for law enforcement purposes, seeking consent might defeat the purpose of the information collection. Similarly, seeking consent may be impossible or inappropriate when you are a minor, seriously ill or otherwise incapacitated.
4. Limits to Collection, Use and Disclosure
We limit the collection of your personal information to what we need in relation to the purposes identified to you.
We collect the information directly from you unless you allow us to collect information from a third party or in accordance with the law.
We limit the use of your personal information to the purposes we have identified to you. This means that we cannot use your personal information for other purposes without your consent, except as required by law.
Your personal information is only accessible to authorized persons, and only to the extent necessary to perform their duties.
You have the right to know, on request, to whom the information was disclosed. Only in rare instances are we prevented by law from making such disclosure. We maintain accurate records, recording to whom we disclose personal information and in what circumstances it was disclosed.
We will occasionally share your personal information with service providers or agents to ensure the proper administration of products, or to provide you with the services you require. These service providers or agents must agree to comply with privacy legislation before receiving any personal information.
We only retain your personal information as long as needed for the purpose it was collected. We must destroy this information in accordance with the law and our file retention guidelines. When we destroy your personal information, we make sure that confidentiality is secured and that no authorized person can access the information during the destruction process.
6. Client list
We do not sell client lists to third party.
We make every possible effort to ensure that your personal information is as accurate and complete as necessary for the purposes it is collected, used, or disclosed.
We are responsible for your personal information in our possession or control, including information that may be transferred by us to third parties for processing. We require such third parties to keep personal information under strict standards of privacy and protection.
Our staff is trained on these processes and procedures and is provided with information about privacy laws.
We have implemented and continue to implement rigorous safeguards so that your personal information remains strictly confidential and is protected against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
Protection methods include organizational measures such as requiring security clearances and limiting access to a “need-to-know” basis, physical measures (e.g. building access cards for employees, visitor registration and identification cards, off-site backups and archiving), and technological measures such as the use of password and encryption (e.g. the use of routinely changing passwords, firewalls and segmented operator access).
10. Request for access to information and amendments
You have the right to be informed whether we hold personal information about you and to see that information. You also have the right to enquire as to how we collected your information, how we used it and to whom it may have been disclosed.
This information will be provided to you within a reasonable time from the date we receive your written request. We may charge a reasonable fee for processing your request.
In certain limited and specific circumstances, we may refuse to provide to you the requested information. Exceptions to your access right can include information that is prohibitively costly to provide, information that contains references to other individuals, information that cannot be disclosed for legal, security or commercial proprietary reasons, information that has been obtained in the course of an investigation of a potential breach of contract or fraud, and information that is subject to solicitor‐client or litigation privilege.
In cases where we hold medical information about you, we may refuse to provide you with direct access to this information and may instead request that a health care professional be designated to provide the information to you.
You may challenge the accuracy and completeness of your personal information. We will respond to an amendment request within a reasonable time.
Any request for access to information or request for amendment must be sent to the following address:
11. Complaints and concerns
Our employees and representatives are trained to respond to your questions or concerns about personal information. Should you be unsatisfied with our employee's or representative’s response, you may contact the Privacy Officer at the address mentioned above.
A complaint concerning the protection of personal information should be addressed to the Privacy Officer at the address provided above.