We are dedicated to respecting and protecting the privacy and confidentiality of the information you have entrusted to us. This Privacy Notice outlines our privacy principles and practices.
WHAT IS PERSONAL INFORMATION?
Personal information refers to information that identifies you. The word “information” means personal, financial and other details about you that you, or someone you authorize, provide to us or we obtain from others within or outside the Company.
WHAT DOES IT APPLY TO?
This Privacy Notice applies to the operations of Assante Capital Management Ltd., Assante Financial Management Ltd. and Assante Estate and Insurance Services Ltd. in Canada. It applies regardless of how you choose to do business with us – over the phone, in person, through the internet, through your mobile device or through email.
WHO DOES IT APPLY TO?
The Notice applies to all individuals whose personal information we collect, including clients who are individuals, individuals carrying on business alone or in partnership with other individuals, signing officers of our business clients, and beneficiaries of clients to the extent that we collect, use or disclose their personal information.
CHANGES TO THE NOTICE
We may amend this Notice from time to time and will post the revised Privacy Notice on our website https://www.cifinancial.com/ci-assante/ca/en/privacy-notice.
OUR PRIVACY PRINCIPLES
The Privacy Notice outlines our privacy principles and informs you of the practices we have in place to manage personal information. We aim to respect and protect your privacy by following the key privacy principles below.
We are accountable for the personal information under our control by establishing, training our staff in, and enforcing our privacy policies and procedures to promote compliance with these privacy principles.
We have designated a privacy officer who is accountable for personal information under our control and responsible for compliance with this Privacy Notice. Please see Our Privacy Office for information on how to reach the privacy officer.
We have strict policies and procedures governing how we deal with your personal information. Every employee is responsible for respecting and protecting the personal information to which the employee has access.
We inform you about the purposes for which we collect, use, and disclose your personal information and we collect, use, and disclose your personal information only for those purposes.
We collect, use and disclose personal information responsibly and only for the purposes for which it was collected. When we collect personal information, we may use it to:
- Provide and manage products and services you have requested, including;
- Open and operate your account,
- Verify your identity,
- Execute your transactions
- Recording account information and report account status back to you
- Respond to any request or questions you may have
- Provide you with quality personalized client service and support
- Understand our customers and to develop and tailor our products and services
- Determine suitability of products and services for you
- Determine your eligibility for certain of our products and services, or products or services of others
- Communicate with you about products and services that may be of interest
- Market and advertise to clients and prospective clients
- Perform data analytics
- Legal and Regulatory Obligations
- Provide all required tax reporting
- Comply with legal, regulatory, and contractual requirements, or as otherwise permitted or required by law
- Fulfill obligations under federal anti-money laundering and suppression of terrorism legislation
- Protect our interests, including recovering any debts you may owe us
- Protect against fraud and other crime and to manage risk, including conducting investigations and proactive crime prevention measures
Your personal information may also be used for purposes named in your respective application forms and account agreements.
If a new purpose for using your personal information develops, we will inform you of that purpose.
We obtain your consent to collect, use, or disclose personal information and you may at any time revoke that consent, subject to legal and regulatory requirements. In some cases, we may not be able to provide certain services to you if you do not consent to our collection, use or disclosure of the required information to perform those services.
Depending on the type and sensitivity of the personal information and the way you choose to interact with us (in person, internet, phone, email, etc.), we may obtain your consent in different ways.
- We may obtain your express consent verbally, online, or in writing. For instance, when we collect your information via our account application form, you will formally indicate your consent for us to collect and use the information when you sign the application.
- We may, however, get your implied consent through your use of a product or service, or when you approach us to obtain information, inquire or apply for products or services from us.
- Also, we may obtain consent directly from you or by your authorized representative, such as your financial advisor or their dealership.
Before we make information available to third parties, other than an agent or service provider who needs it, we will tell you at the time of consent or before we make the information available, who those third parties are, the kind of information we want to share with them, and why.
You may withdraw your consent for the collection, use and disclosure of your personal information at any time by forwarding a written request to the Privacy Officer. Please include your full name, address, telephone number and account number(s) on any correspondence to us.
However there are certain times when you may not withhold or revoke your consent including certain legal, regulatory, or contractual requirements.
We must receive reasonable notice of your request in order to honour your consent withdrawal.
Your decision to withhold or revoke your consent may limit the products and services that we may provide to you and may require you to close your accounts with us.
We limit collection of your personal information to that which we determine is necessary for the purposes we identify for you.
We only collect the personal information we determine we need for our identified purposes.
For instance, we may collect:
- Contact Information, including name, address, telephone number, and email address
- Date of birth to help us identify and authenticate you
- Social Insurance Number (SIN), as required to comply with Canada Revenue Agency’s reporting requirements and is also used to keep your information separate from that of other clients with a similar name
- Financial Information to ensure that products, services, and advice we provide are appropriate for you and the investments you make are suitable for you
- Device Information such as information about your browser, operating system, software applications, IP address, geolocation, security status, and other device information to improve your experience, to protect against fraud, and to manage risk
- Employment Information to open accounts and in order to comply with anti-money laundering and other regulations
- Audio Recordings, when we monitor or record incoming or outgoing telephone calls with you to ensure accuracy, security, service quality, for training purposes, and to establish a record. If you do not wish to have your call recorded, you have other options to conduct business with us, such as in person, online, or by communicating with us in writing
- Video Recordings or Photographs, as we may use video or photo surveillance in and around our offices for the safety of our clients and employees, and to protect against theft, property damage, and fraud
- Social Media, when communicating with us through social media, we may monitor or record our discussions for mutual protection, to enhance client service, and to confirm our discussions with you.
- Email Information, when you send us an email or ask us to respond to you by email, we learn your exact email address and any information included in the email. We use your email address to reply to you and we will store your communication and our reply in case we correspond further. IMPORTANT: We will not ask you to provide personal information or login information, such as username, passwords, PINs, security question and answers or account numbers, through unsolicited email. If you receive an email claiming to be from us that you believe to be fraudulent, do not respond and do not open or click any links or open attachments contained in the email. Please notify us immediately and then delete the email.
We do not use or disclose your personal information for purposes other than those for which it was collected, except with your consent or as required by law.
We only use or disclose your information for the purpose(s) it was collected and as otherwise identified in this Notice.
Access to personal information is restricted to those staff members who need the information to carry out their job duties. Those employees maintain the information in the strictest of confidence and do not provide access to the information to anyone who is not authorized.
We may provide your information to third parties, including:
- To third party service providers for servicing purposes – We disclose to them only such personal information as they need to perform the services. We do not authorize them to use or disclose the personal information for their own marketing or other purposes. We have contracts in place holding these companies to the same standards of confidentiality by which we are governed. They may be located in Canada or other jurisdiction or countries and may disclose information in response to valid demands or requests from governments, regulators, courts and law enforcement authorities in those jurisdictions or countries in accordance with the applicable law in that jurisdiction or country.
- To your Assante financial advisor
- To your legal representatives
- To your financial institutions, securities dealers and mutual fund companies
- To CI Financial company affiliates, We may share personal information among any of the subsidiaries and affiliated companies that comprise CI Financial Corp. who perform administrative services for us and/or to better understand your financial needs and to provide products and services we believe may interest you.
- To governments, government agencies, regulators, including self-regulators, when required or permitted to do so by law, including in response to a search warrant, court order, or other demand or inquiry which we believe to be valid
- To protect our interests, we may disclose information to any person or organization, including an investigative body, in order to prevent, detect or suppress, financial abuse, fraud, criminal activity, protect our assets and interests, or manage or settle any actual or potential loss or in the case of a breach of agreement or contravention of law. We may also disclose information to help us collect a debt owed to us
- In the event of a transfer of a business, we may buy or sell a business (or evaluate those transactions) which would result in certain personal information forming business assets that would be purchased or sold as part of a transfer. We may also transfer personal information as part of a corporate reorganization or other change in corporate control
- In other situations where we have your consent, for instance, sharing your information with a joint account holder
We do not sell or rent client lists or personal information to third parties.
We have policies in place that govern the retention of your personal information, so we keep it only for as long as reasonably necessary to fulfill its intended purpose or to satisfy legal requirements. When we no longer retain your personal information, we have procedures to destroy, delete, erase, or convert it to an anonymous form, in a manner that keeps it safe in the process.
Where your information is kept
Your personal information is kept:
- In electronic or paper format in our offices
- In secure off-site storage facilities, or
- In the offices of our service providers
We may store your personal information via third party entities that reside in foreign jurisdictions. Information may be transferred to, accessed and/or retained by these third parties. We have contracts in place holding these companies to the same standards of confidentiality by which we are governed. We and/or a third party may be compelled, by law or otherwise, to provide information to a third party, subject to applicable privacy law. We must abide by applicable privacy law in the jurisdiction(s) in which we operate.
We have policies in place that govern the retention of your personal information so we keep it only for as long as reasonably necessary to fulfill its intended purpose or to satisfy legal requirements. The length of time we keep your information will depend upon the product or service and the nature of the information.
When we no longer retain your personal information, we have procedures to destroy, delete, erase or convert it to an anonymous form, in a manner that keeps it safe in the process.
We maintain your personal information in as accurate, complete, and up-to-date form as is needed for its use.
We are committed to maintaining the accuracy of your personal information and take reasonable efforts to keep your information complete and up-to-date. We maintain your personal information in as accurate, complete, and up-to-date form as is needed for its use.
If you discover inaccuracies in our records, or your personal information changes, please notify your financial advisor or contact our Client Services Department directly [Note this is a link to contact information for Client Services] so that we can make the necessary changes. Failure to notify us of changes to your personal information may negatively impact the way we communicate or provide services to you. Where appropriate, we will advise others of any material amendments to your personal information that we may have released to them.
We maintain appropriate security safeguards to protect against unauthorized access, disclosure, copying, use or modification, theft, misuse, or loss of your personal information in our custody or control. These safeguards are appropriate to the sensitivity of the information.
We maintain appropriate physical, electronic, technological, procedural, and organizational safeguards to protect against unauthorized access, disclosure, copying, use or modification, theft, misuse, or loss of your personal information in our custody or control. These safeguards are appropriate to the sensitivity of the information.
We have agreements in place with third party service providers requiring that any information we provide to them must be safeguarded and used only for the purpose of providing the service we have requested the provider to perform.
We make readily available to our clients, employees and agents information about our policies and procedures relating to our management of personal information.
Please see Our Privacy Office to answer any question you may have about our Privacy Notice.
Upon request, we will inform you of the existence, use and disclosure of your personal information and will give you access to that information, with few exceptions.
Individuals do not always need to use their right under the law to access or correct their personal information with us. Clients are encouraged to contact our Client Services department to correct or access their information. However, you do have the right, subject to certain limitations, to formally request to review or verify your personal information, or to find out to whom we have disclosed it. To make a formal request for access, send a written request addressed to the Privacy Officer in Contact Us below. Please include your full name, address, telephone number, and account number(s) on all correspondence to us and provide enough detail to allow us to identify the information you want.
Upon request, we will provide you with access to your personal information we have on record at the time of the request. Please note that we may not be able to provide you with this information in certain circumstances, for example without limitation, where such information:
- Contains references to other persons
- Contains proprietary information confidential to us or your financial advisor
- Has been destroyed
- Is too costly to retrieve
- Is subject to legal or some other form of privilege
- Cannot be disclosed for legal reasons
- Relates to an investigation
If we are unable to provide some of the personal information, we hold about you, we will tell you why where permitted by law.
We will advise you in advance if a minimal charge will be required for conducting the search and we will respond to your request within 30 days.
Each time you use our online, mobile, and electronic services, you are indicating your acknowledgement and consent to the collection, use and disclosure of your personal information as identified in this policy, which we may revise periodically without notice. We will let you know of any changes by posting the revised policy with a new effective date. If you do not accept the terms outlined in this policy, please do not use our online, mobile and electronic services.
WHAT PERSONAL INFORMATION DO WE COLLECT
We may collect personal information when you use our websites, online, mobile, and other electronic services (collectively, digital channels), including:
- Personal information you provide like account and contact information, including your name, email address, user ID, password, and service preferences. Refer to your specific app for additional, applicable information.
- Financial information – that you provide to us at the time of account creation of an account through our online or mobile account creation process
- Transactional data about your use of our products and services
- Mobile phone number
- Device-related information like:
- Internet Protocol (IP) address - An IP address is a unique set of numbers assigned by Internet Service Providers (ISP) to all devices used to access the internet. While CI is not able to identify an individual using the IP address alone, in certain circumstances, it could be used to identify an individual using the site.
- Mobile country code which is a three-digit number that indicates the country in which your mobile device is registered (for example, 302 is the mobile country code for Canada)
- Geolocation (if enabled on your device) provides the approximate physical location of your device
- Device ID which is a unique number that identifies your device
- Make and model of your device
- Operating system of your device
- Information about screen size of your device
- Date and time of your use of our app
- Browser data
- Software applications data
- Mobile device identification number (IMEI)
- Mobile Marketing ID (if enabled) such as AAID and IDFA
- Statistical information about how users interact with our digital channels, such as average time spent on a specific mobile or web page.
- Website use information, such as browsing behaviour on our websites and links, location you click, form data and downloads, as well as other data gathered from the use of web tools (for example, Cookies, Web Beacons, Tagging)
- Other information, such as any feedback you may provide us
FOR WHAT PURPOSES DO WE USE AND DISCLOSE YOUR PERSONAL INFORMATION
We may use or disclose this information collected online to:
- Verify your identity and authenticate you during online sessions
- Provide and manage the online products and services
- Provide you with services and offers compatible with your device and relevant to your region
- Determine eligibility of your device
- Protect against fraud, security threats, and otherwise manage risks
- Communicate with you regarding products and services that may be of interest, including displaying targeted and relevant advertising, and offering you special promotions
- Evaluate and improve our websites, online apps, mobile apps, and other electronic offerings
- Tailor our services and otherwise enhance the online customer experience to better meet your needs through digital channels
- Perform analytics and measure the effectiveness of our digital channels and services, including obtaining insight into how to improve the design, content and navigation of our digital channels
- Satisfy legal or regulatory requirements
USE OF WEB TOOLS
- When you first visit our website, you will be presented with a banner which allows you to review the various category of cookies that are on our website and select which category of cookies you would like to accept. Additionally, you can refer to your browser’s online help for further instruction and information on setting Cookie preferences.
- If you do not accept any category of Cookies, you may continue to browse our websites; however, please be aware that certain features of our website may not function properly without Cookies. You should note that if you would like certain services, you will be required to accept the Cookies to maintain session integrity and enhanced security. Additional resources that may assist you in managing Cookies used for advertising include the Digital Advertising Alliance (DAA): https://youradchoices.ca.
- If you refuse a cookie when using the Services, or if you delete cookies, you may experience some inconvenience in your use of the Services. For example, you may not be able to sign in and access your account, or Assante may not be able to recognize you, your device, or your online preferences.
- Online Authentication Process: Upon registration for Assante Investor Online, you will be asked to provide certain personal information and establish security questions. This information is used solely to verify your identity and will be cross-referenced against the information you provided to Assante when you opened your account. If you choose to utilize a biometric solution provided by your device for authentication with Assante’s mobile app the biometrics utilized in the authentication process will not be received by Assante and will remain within your device.
- Email Communications: Upon establishing an Assante Investor Online account you will be asked to choose your electronic document preferences. If you elect to receive electronic documents, you will be sent notification e-mails when documents are added to your Assante Investor Online account. We will also send you e-mail when you make changes Assante Investor Online profile.
- Voluntary Participation: You may choose to enter your information to participate in online surveys, feedback, contests, or other activities we sponsor. We use this information for a number of purposes, such as assessing the performance of the website, or improving products and services, or identifying products and services that might interest you. This information will be used for the purposes outlined in the Privacy Notice. If you do not want your information used for the disclosed purposes, do not participate in these voluntary activities.
- Educational webinars: You may choose to enter your information to participate in online meetings, educational events that we sponsor. We use this information for a number of purposes, such as assessing the performance of the website, or improving products and services, or issuing continuing education credits. This information will be used for the purposes outlined in the Privacy Notice. The information you enter may be transmitted through or to our 3rd party providers of webinars. If you do not want your information used for the disclosed purposes, do not participate in these voluntary activities.
OUR SECURITY MEASURES
We take our responsibility to safeguard customer information very seriously. To protect certain communications between your computer and our servers, we use a technology solution called “Secure Sockets Layer” (SSL). SSL ensures that the information transmitted is encrypted. In addition, we use the concept of “defense in depth”, in our cybersecurity program that has many layers, from employee awareness to having firewalls at the very edge of our network.
YOUR SECURITY MEASURES
You are responsible for ensuring the security of your unique web login ID and password. You must avoid selecting an obvious password, such as a street address, date of birth, or telephone number and to change your password on a regular basis, in order to reduce the potential for unauthorized use. Any web login ID, password, or any other piece of information chosen by you or provided to you as part of CI’s security procedures, must be treated as confidential and personal to you, and you must not disclose it to any other person or entity.
Do not respond to text messages, pop-ups, emails, or other internet requests that ask you to reveal personal information about yourself or your account when using the Services. CI will never send you unsolicited messages or emails asking for your password, credit card, account numbers, etc. CI will never ask you to validate or restore your account or access to the Services through unsolicited messages or emails.
THIRD PARTY LINKS
OUR PRIVACY OFFICE
If you have any questions or concerns about our privacy practices, the privacy of your personal information, or you want to change your privacy preferences, please let us know. We are committed to helping resolve your questions or concerns.
STEP 1: VOICE YOUR QUESTION OR CONCERN
The best way to address the concern or question is to raise it with your Assante Advisor as soon as it comes up. For your own security and safety, never send your account numbers, user names, passwords, or any other personal information by email. If you are not satisfied with the answer or resolution provided in Step 1, please proceed to Step 2.
STEP 2: ESCALATE YOUR CONCERN TO CLIENT SERVICES DEPARTMENT
You can escalate your concern in the following ways:
- Ask the individual you are dealing with in Step 1 to escalate on your behalf.
- Escalate the concern directly with Client Services department, using the following contact information:
Assante Service Centre
Hours of operation: Monday to Friday, 8 a.m. to 6 p.m. ET. Phone: 1-800-268-3200
If you are not satisfied with the answer or resolution provided in Step 2, please proceed to Step 3.
STEP 3: ESCALATE YOUR CONCERN TO THE PRIVACY OFFICE
You can escalate your concern in the following ways:
- Ask the individual you are dealing with in Step 2 to escalate on your behalf.
- Escalate the concern directly with the Privacy Office, using the following contact information:
CI Assante Wealth Management
Privacy Office: 15 York Street, 7th Floor
STEP 4: FURTHER ESCALATION
If after contacting us you do not feel that your concern has been adequately addressed, you may wish to contact:
The Office of the Privacy Commissioner of Canada