PRIVACY POLICY


Introduction

We at Westmount Guarantee Insurance Group Inc. (“Westmount”, “we”, “us”, “our”) recognize the importance of privacy and the sensitivity of personal information.  We are committed to protecting the confidentiality of personal information provided to us and ensuring that all personal information we hold is collected, used and disclosed in compliance with all applicable federal and provincial privacy requirements.  This Privacy Policy outlines how we manage your personal information and safeguard your privacy.

Your Privacy Rights

From January 1, 2004, organizations engaged in commercial activities in Canada must comply with the Personal Information Protection and Electronic Documents Act (the “Act”). 

The Act governs the way we collect, use, maintain and disclose personal information and sets out 10 fair information principles outlining our obligation as a private organization.

Certain provinces also have provincial privacy legislation applicable to private sector companies as well:

•      British Columbia’s Personal Information Protection Act;

•      Alberta’s Personal Information Protection Act;

•      Québec’s An Act Respecting the Protection of Personal Information in the Private Sector.

Private sector companies that are subject to the provincial privacy legislation listed above are exempt from the Act with respect to the collection, use or disclosure of personal information by them that occurs within the applicable province. However, the Act continues to apply to the collection, use or disclosure of personal information by those organizations beyond provincial borders.

To ensure this accountability, we have developed this Privacy Policy and trained our staff about our policies and practices.

Scope of This Privacy Policy

In this Privacy Policy, “customer”, “you” or “your” includes any individual who has requested, applied for or been supplied with products or services by Westmount including any other individual for whom the customer has acted as agent, guardian or representative.

This Privacy Policy applies to personal information about individuals only and does not apply to the information collected, used or disclosed with respect to corporate or commercial entities.

What is Personal Information?

As used in this Policy, “personal information” means information about an identifiable individual. Personal information that we may collect from you to fulfil the purposes described in this Privacy Policy includes: your name, address, phone number, email address, date of birth, marital status, claims history, policy number, development details, and agreement of purchase and sale.

“Business contact information” is a category of personal information under the Act that is defined as “any information that is used for the purpose of communicating or facilitating communication with an individual in relation to their employment, business or profession such as the individual’s name, position name or title, work address, work telephone number, work fax number or work electronic address”.  While the Act permits organizations to collect, use and disclose business contact information without consent, that permission is limited to collection, use and disclosure solely for the purpose of communicating or facilitating communication with the individual in relation to his/her employment, business or profession.

Additionally, certain types of publicly available information may be collected, used and disclosed without consent, but only for those purposes as listed in the regulations to the Act.  Publicly available information, as specified in the regulations enacted under the Act, and the purposes for which such information may be collected, used or disclosed without consent, are as follows:

a.     personal information consisting of the name, address and telephone number of a subscriber that appears in a telephone directory that is available to the public, where the subscriber can refuse to have the personal information appear in the directory;

b.     personal information including the name, title, address and telephone number of an individual that appears in a professional or business directory, listing or notice, that is available to the public, where the collection, use and disclosure of the personal information relates directly to the purpose for which the information appears in the directory, listing or notice;

c.      personal information that appears in a registry collected under a statutory authority and to which a right of public access is authorized by law, where the collection, use and disclosure of the personal information relates directly to the purpose for which the information appears in the registry;

d.     personal information that appears in a record or document of a judicial or quasi-judicial body, that is available to the public, where the collection, use and disclosure of the personal information relate directly to the purpose for which the information appears in the record or document; and

e.     personal information that appears in a publication, including a magazine, book or newspaper, in printed or electronic form, that is available to the public, where the individual has provided the information.

Our Privacy Commitment: The 10 Fair Information Principles

Westmount complies with the 10 fair information principles of the Act in the manner described below in this Privacy Policy.

Principle One: Accountability

Westmount has appointed a Privacy Officer who is responsible for our compliance with this Privacy Policy and who can address any queries about our privacy practices and standards. Our Privacy Officer’s contact information is:

Westmount Guarantee Insurance Group Inc.
600 Cochrane Drive, Suite 205
Markham, Ontario L3R 5K3
privacyofficer@westmountguarantee.com
Attn: Privacy Officer

Principle Two: Identifying Purposes

When Westmount collects personal information, we will state and explain the purpose of such collection.

We collect personal information from you directly or through other sources such as insurers to:

  • Respond to requests and queries you submit to us;
  • Allow you to register for Westmount products and services, including creation of user accounts where applicable;
  • Communicate and assist you about your coverage and claims;
  • Communicate tailored insurance related products and services to you offered by other insurance companies based on these preferences, if you have opted-in to receive such communications;
  • Prevent, detect and suppress fraud, unauthorized or illegal activities;
  • Conduct analyses and evaluations to understand consumer trends and usage related to our products in order to improve our products, services and marketing communications;
  • Train our employees and monitor quality assurance;
  • Comply with applicable laws.

Unless required by law, we shall not use or disclose personal information for any purpose, other than the purpose for which it was originally collected, without first identifying and documenting the new purpose and obtaining the appropriate consent.

Principle Three: Consent

We obtain consent to collect, use, or disclose their personal information either explicitly from you or implicitly through your conduct with us.  Normally, we ask for your consent in writing, but in some circumstances, we may accept your verbal consent.  Express consent can be given by an action such as by clicking “accept” on a computer screen. Implied consent can be given when you interact with us such as submitting us a query through our website or registering for our products and services.

Consent may be given by you as the individual or by your authorized representative (e.g. power of attorney, legal guardian). In such cases, we will verify the authorization of these representatives.

You can withdraw your consent to the collection, use and disclosure of your personal information at any time. However, if you choose to withdraw your consent, we may not be able to provide you with the products and services you request, and in some cases could mean that we cannot provide you with insurance coverage.

There are certain situations where consent is not required for the collection, use and disclosure of personal information in accordance with the Act, such as:

  • if the collection and use are clearly in the interests of the individual and consent cannot be obtained in a timely manner;
  •  if the collection and use with consent would compromise the availability or the accuracy of the information and the collection is reasonable for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province;
  • if disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records;
  • if the disclosure is made to another organization and is reasonable for the purposes of investigating a breach of an agreement or a contravention of the laws of Canada or a province that has been, is being or is about to be committed and it is reasonable to expect that disclosure with the knowledge or consent of the individual would compromise the investigation;
  • if the disclosure is made to another organization and is reasonable for the purposes of detecting or suppressing fraud or of preventing fraud that is likely to be committed and it is reasonable to expect that the disclosure with the knowledge or consent of the individual would compromise the ability to prevent, detect or suppress the fraud;
  • if required by law.

Principle Four: Limiting Collection

We never collect information indiscriminately and will limit collection of information to that which is reasonable and necessary for the purposes of such collection, as described above or at the point of collection.

We collect information from you in a variety of ways when you use our products and services. Where possible, we collect personal information directly from you.  We also collect information from third parties as permitted by law in order to verify and provide information about the products and services you may request.  When we do so, we do it with your consent, or otherwise confirm the third party lawfully collected the information and can share it with us.

We may also use passive tracking technologies and third-party analytics tools to collect information from you if you access our website. These tools may automatically monitor and track information relation to activities on our website, including the Internet Protocol (IP) address of your computer, the IP address of your Internet Service provider, the date and time you access the website, the Internet address of the website from which you linked directly to the website, the operating system you are using, the pages of the website you visit, the website pages you read and the images viewed, and the content you download from our website.

We might also use Cookies to understand your usage and to improve website content. A “Cookie” is a text file that websites send to a visitor’s computer or other Internet-connected devices to uniquely identify the visitor’s browser or to store information or settings in the browser. Cookies make it more convenient as you use our website. For example, the information provided through Cookies is used to recognize you as a previous user of the website to offer personalized web page content and information for your use and to otherwise facilitate your experience. A Cookie may remain on your computer, phone or browser after the session finishes. You may choose to decline cookies if your browser permits, but doing so may affect your use of the website and your ability to access certain features of the website or engage in transactions through the website.

Principle Five: Limiting Use, Disclosure and Retention

Westmount only uses or discloses your personal information for the purpose for which it was collected, unless you consent to it otherwise.

We may share personal information about you with you, affiliated companies, and with underwriters for our products to help meet your product and service needs and only as necessary to fulfill the purposes for which we collected such information. For example, if you register for our Westmount Protect deposit protection product, we will collect, use and disclose your personal information as described in this Privacy Policy and we will share your information with our current underwriter.

We also share information about you with companies that perform marketing and other services for us (collectively, “Service Providers”). Our Service Providers are not authorized by us to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. If you do not wish us to provide your personal information to those Service Providers, we may be unable to provide you with the services you request or adequately respond to your query.

There are also certain situations where we will disclose your personal information, such as:

  • When we are required or authorized by law to do so (e.g., if a court issues a subpoena);
  • When you have consented to the disclosure;
  • When the product and services we are providing to you require us to give your information to a Service Provider;
  • To protect ourselves against fraud;
  • When it is necessary to establish or collect amounts owed to us.

Disclosure Outside Canada

Occasionally, we may use Service Providers located outside of Canada to process and/or store personal information for us. Please note that personal information in the custody of these Service Providers may be subject to access by the law enforcement authorities of those jurisdictions in which the Service Providers are located. Our Privacy Officer can provide further information about our policies and practices regarding Service Providers located outside of Canada and how these Service Providers, collect, use, disclose or store personal information on our behalf.

Disclosure in the Event of Business Change

In the event our business undergoes a fundamental change such as, for example, a sale or financing, merger, transfer of all or a portion of our business or assets (“Business Change”), we may disclose your personal information to the counterparties to the transaction and their professional advisors as necessary for them to conduct due diligence and to complete the transaction, provided that the counterparties and their professional advisors are required to maintain the personal information as confidential and provided that any successor to our business may only use and disclose your personal information for those purposes for which you have provided consent to us. Following such Business Change, you may contact the entity to which we disclosed your personal information with an inquiry concerning the processing of that information.

Retention

We keep your information as long as reasonably required to complete our dealings with you, or as required by law, whichever is longer. You can also request that we remove your information from our records by contacting our Privacy Officer. Subject to our requirements for continued retention of your information (i.e., audit purposes) or to fulfill our legal obligations, we will make every reasonable effort to honour your request.

Principle Six: Accuracy

Westmount will make reasonable efforts to ensure that the personal information we possess and control is accurate and complete. In some cases, depending on the services we offer, you may be able to update and correct the information we hold about you through your user account or profile.

Principle Seven: Safeguards

Westmount has policies and procedures to ensure reasonable physical, technical and organizational measures are in place to protect the personal information we hold about you safe from loss, unauthorized access, modification or disclosure. However, we cannot take responsibility for theft, misuse, unauthorized disclosure, loss, alteration or destruction of data by a third party (such as a hacker). Among the measures we take to protect your information are:

  • Premises security;
  • Restricted file access;
  • Technological safeguards such as firewalls; and
  •  Internal password and security policies.

Principle Eight: Openness

Upon request to our Privacy Officer, Westmount will provide an explanation of our privacy policies and practices and how we handle your personal information.

Principle Nine: Individual Access

You have a right to review any of the information that we hold about you and learn about how we have used it or to whom we have disclosed it by contacting our Privacy Officer. We may require additional information from you in order to verify your identity prior to providing you access.

In some cases, we may charge a reasonable administrative fee to obtain the information you request from us. We will advise you of this fee at the time of your request.

Subject to any exceptions prescribed by law, you can access and correct your personal information and challenge the accuracy and completeness of the information we have about you. We may deny access when required or authorized by law. For example, we may deny access when granting access would have an unreasonable impact on other people’s privacy or when necessary to protect our confidential commercial information and the requested information cannot be severed from the balance of the record in which it is contained. If we deny your request for access to, or refuse a request to correct information, we shall explain why.

Principle Ten: Challenging Compliance

Your privacy is important to us. If you have a complaint regarding our compliance with this Privacy Policy, please contact our Privacy Officer. Our Privacy Officer will review all complaints received and respond to you in a timely manner. If a complaint is justified, Westmount will work towards resolving it and follow up with you where appropriate.

If we are unable to resolve the complaint or you are dissatisfied by our response, you can voice your concerns to the Office of the Privacy Commissioner of Canada or your applicable provincial privacy commissioner. Our Privacy Officer would be happy to provide their contact details upon request.

Personal Information of Minors

We do not knowingly solicit information of any kind from individuals under the age of majority in their jurisdiction of residence (“Minors”) without the required consent from parents/guardians. If we become aware of any information we possess that may belong to a Minor, we will immediately obtain parental consent to delete this information from our servers. If you are a parent/guardian and you suspect that your child may have submitted personal information to us, please contact our Privacy Officer.

Updates to This Privacy Policy

To accommodate changes in Westmount and legal developments, this Privacy Policy may be changed from time to time at our discretion and without any prior notice or liability to any other person. Westmount’s collection, use and disclosure of personal information will be governed by the version of this Privacy Policy in effect at the time of collection of personal information.