Maintaining the privacy and confidentiality of client information is one of the cornerstones of Easy Links Financial Inc. Since the company is built on trust, our clients expect that when they provide their personal information, it will be properly protected and will only be used for the purpose for which the information was provided, unless the client expressly authorizes otherwise.
SCOPE OF THIS POLICY
This policy applies to all current, future or past clients of Easy Links Financial Inc. and must be followed by all employees.
THE TEN PRINCIPLES OF PIPEDA
1. Accountability: Easy Links Financial Inc. is accountable for the personal information it collects, uses, retains and discloses;
2. Identifying Purposes: Easy Links Financial Inc. staff will explain the purpose for which the information is being used, at or before the time of collection, and this information will only be used for those stated purposes;
3. Consent: a client’s consent will be obtained at the time of collection, use, or disclosure of the individual’s personal information;
4. Limiting Collection: the collection of personal information will be limited to only the amount and type that is reasonably necessary for the identified purposes;
5. Limiting Use, Disclosure and Retention: personal information will be used for only the identified purposes, and will not be disclosed to third parties unless the individual consents to the alternative use or disclosure, and shall only be retained as long as necessary for the fulfillment of those purposes;
6. Accuracy: personal information shall be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used;
7. Safeguards: Easy Links Financial Inc. uses physical, organizational, and technological safeguards to protect personal information from unauthorized access or disclosure;
9. Individual Access: upon request, a client shall be informed of the existence, use, and disclosure of his or her personal information, they shall be given access to that information and shall be able to challenge the accuracy and completeness of the information and have it amended, as appropriate;
10. Provide Recourse: Easy Links Financial Inc. informs its clients and employees of how to bring a request for access, or complaint, to the Privacy Officer, and responds promptly to requests or complaints by the clients.
PERSONAL INFORMATION DEFINITION
Under PIPEDA, personal information includes any factual or subjective information, recorded or not, about an identifiable individual. This includes information in any form, such as age, name, policy numbers, income, ethnic origin, opinions, evaluations, comments, social status, credit records, medical records etc.
PURPOSES OF COLLECTION
Easy Links Financial Inc. collects, uses and discloses a client’s personal information in order to:
• Offer insurance products and services
• Determine insurance premiums
• Assess insurability
• Determine what product best suits the client’s needs
• Verify identity
• Provide assistance and customer service
• Verify the accuracy of private information
• Analyze claims
• Keep records of personal information as accurate and up-to-date as is necessary to fulfill the purposes for which it is used
• Personal information may be used for other purposes that will be disclosed to the client prior to collection, use and disclosure of the information
An individual’s express consent will be obtained prior to or at the time of collection of the personal information. The purposes for the collection, use or disclosure of the personal information will be provided to the individual at the time his or her consent is required. Once consent is obtained to use his or her information for those purposes, Easy Links Financial Inc. has the individual’s implied consent to collect or receive any supplementary information that is necessary to fulfil the same purposes. Express consent will also be obtained if, or when, a new use is identified. Consent may be expressed in writing or it may be given verbally, electronically, or through authorized representative(s), such as a client’s financial services advisor.
An individual may choose to withdraw their consent or refuse to provide some or all of their personal information at any time by contacting the Customer Service Department. In certain circumstances, consent may be required for legal or contractual reasons. In these circumstances, withdrawing or withholding consent may affect Easy Links Financial Inc.’s ability to continue to provide the client with the products and services that have been requested.
LIMITING USE, DISCLOSURE AND RETENTION
No personal information is disclosed to a third party without the client’s consent, unless the disclosure of the personal information is permitted or mandatory under prescribed applicable laws and regulations.
Personal information will be retained in client files as long as the file is active, for as long as it is required to fulfill the identified purposes and for such periods of time as may be prescribed by applicable laws and regulations. Personal information that is no longer required will be destroyed, erased or made anonymous.
Easy Links Financial Inc. endeavours to ensure that any personal information provided by the client in his or her active file(s) is accurate, current and complete as is necessary to fulfill the purposes for which the information has been collected, used, retained and disclosed. Individuals are requested to notify the Customer Service Department of any change in personal or business information.
Organizational Safeguards: Access to personal information will be limited to the Privacy Officer, Administration and / or Management personnel. The individuals granted access to personal information are not permitted to copy or retain any personal information on clients and must return all such information given to them once the purpose for being provided with this information has been fulfilled. All Easy Links Financial Inc. employees are required to sign a confidentiality agreement binding them to maintain the confidentiality of all personal information to which they have access to.
Physical Safeguards: All confidential information is stored in a physically secure manner, is used only for the intended purposes and is not disclosed to any unauthorized third party. Copies of confidential information is only printed as necessary, retrieved from the printer immediately, and stored or destroyed in an appropriate manner, as necessary. Active files are stored in locked filing cabinets when not in use. Access to work areas where active files may be in use is restricted to Easy Links Financial Inc. employees only and authorized third parties. All inactive files or personal information no longer required are shredded prior to disposal to prevent inadvertent disclosure to unauthorized persons.
Technological Safeguards: Personal information contained on Easy Links Financial Inc.’s computers and electronic databases are password protected in accordance with Easy Links Financial Inc.’s Electronic Communication Policy. Access to any of the Easy Links Financial Inc.’s computers is also password protected. Easy Links Financial Inc.’s Internet router or server has firewall protection sufficient to protect personal and confidential business information against virus attacks and “sniffer” software arising from Internet activity.
ACCESS / COMPLAINTS / RECOURSE
A client who would like to review or verify what personal information is held by Easy Links Financial Inc., or to whom the information has been disclosed (as permitted by PIPEDA), may make the request for access, via phone by contacting the Customer Service Department, or in writing to the Easy Links Financial Inc.’s Privacy Officer. Upon verification of the individual’s identity, the Customer Service Department and / or the Privacy Officer will respond accordingly.
If the client finds that the information held by Easy Links Financial Inc. is inaccurate or incomplete, upon the individual providing documentary evidence to verify the correct information, if necessary, Easy Links Financial Inc. will make the required changes to the client’s active file(s) promptly.
It is important that the complaint is filed in writing and that “ATTN: Privacy Officer” is written on the envelope or in the subject of the email.
Last Revised December 2017