At General Bank of Canada (“The Bank”) we respect your privacy and value our relationship with you. As a result, the Bank is committed to protecting your personal, business and financial information.
The Privacy Principles listed below best describe the Bank’s commitment to the protection of your personal information. These principles govern the employees and agents acting on behalf of the Bank when dealing with personal information and provide procedures for your access to and correction of personal information.
It is our commitment to meet the privacy standards of both the federal and provincial governments of Canada as well as the appropriate industry bodies.
General Bank of Canada’s Privacy Principles are as follows:
The Bank is responsible for maintaining and protecting personal information under its control and will designate an individual or individuals who are accountable for compliance with our Privacy Principles.
A Privacy Officer has been designated, and any concerns or questions regarding compliance with these principles should be directed to:
|Address:||#006 LeMarchand Mansion
11523 – 100 Avenue
Edmonton, AB T5K 0J8
General Bank of Canada is responsible for personal information in its possession and is continuously implementing policies and practices to give effect to the principles, including:
- Reviewing and improving procedures to protect personal information;
- Establishing procedures to receive and respond to complaints and inquiries;
- Training staff about General Bank of Canada’s privacy policies and practices; and
- Developing information to explain the Bank’s privacy policies and procedures to its customers and the public.
II. IDENTIFYING PURPOSES
The Bank will identify the purposes for which personal information is collected and provide notice of such at or before the time the information is collected either orally, electronically or in writing.
Personal information is used solely to provide our customers with financial services requested and to offer products and services which could be of interest to you.
The consent of the individual is required for the collection, use or disclosure of personal information, except where inappropriate or when such collection, use or disclosure is exempt from the requirement of consent as permitted by law.
In certain circumstances, personal information can be collected, used, or disclosed without the knowledge and consent of the individual. For example, legal, medical or security reasons may make it impossible or impractical to seek consent. When information is being collected for the detection and prevention of fraud or for law enforcement, seeking the consent of the individual might defeat the purpose of collecting the information. Seeking consent may be impossible or inappropriate when there is an emergency threatening the individual’s life, health or security or where the individual is a minor, seriously ill, or mentally incapacitated. In other instances, information may be publicly available. Moreover, the Bank may provide personal information to its legal counsel or agent to collect a debt, comply with a subpoena, warrant or other court, government institution requesting the information upon lawful authority, or as may be otherwise required by law.
The type of consent sought by the Bank may vary, depending upon the circumstances and the type of information being collected, used or disclosed. In determining the form of consent to use, the Bank will take into account the sensitivity of the information and the reasonable expectations of the individual. For example, when a product is requested over the telephone your consent to the use and disclosure of your information will be obtained
verbally. When application is made over the Internet, consent will be obtained electronically.
IV. LIMITING COLLECTION
The collection of personal information will be limited to that which is necessary for the purposes identified by the Bank. Information will be collected by fair and lawful means.
The Bank may collect personal information from such third parties as credit bureaus, employers, personal references, health professionals, financial institutions, licensing agencies, provincial and federal governments, law enforcement agencies or other third parties to which the individual has consented.
The nature of the individual’s request will determine the personal information collected. Essential information for most financial services includes your:
- Mailing Address
- Date of Birth
- E-mail Address
- Telephone Numbers
- Drivers License Information
- Social Insurance Number (SIN)
- Credit History
- Place of Employment
- Annual Income
- Health Information
- Other government issued identification
Additional information may also be required depending on product and services requested by the customer and offered by the Bank.
V. LIMITING USE, DISCLOSURE, AND RETENTION
Personal information will not be used or disclosed for purposes other than those for which it was collected, except when the individual has otherwise consented or as required by law. Personal information will be retained only as long as necessary for the fulfillment of those purposes.
The Bank may collect, use or disclose personal information without the individual’s knowledge or consent when such collection, use or disclosure is exempt from the requirement of consent as permitted by law.
Employees may be given access to customer and/or employee information in so far as their duties require access for business purposes. Bank employees are prohibited from disclosing or using any confidential or personal information for any purposes other than those that have been consented to by the customer or which are permitted by law.
The Bank will retain personal information for only as long as required to fulfill the identified purpose(s) or as required by law.
Personal information no longer required will be destroyed, erased or made anonymous according to the guidelines and procedures established by the Bank.
Personal information will be as accurate, complete, and up-to-date as necessary for the purposes for which it was obtained. Information that is used on an ongoing basis should generally be accurate and current.
The Bank will not routinely update personal information unless necessary to fulfill the purposes for which the information was first obtained.
Personal information will be protected by security safeguards appropriate to the sensitivity of the information.
The Bank will protect personal information against loss or theft, unauthorized access, disclosure, copying, as well as use or modification. The nature of the safeguards will vary depending on the sensitivity of the information, the amount, distribution and format of the information, and the method of storage. The methods of protection include:
- Physical measures, such as client record containers, locked filing cabinets and restricted access to offices.
- Organized measures, such as security clearances and limiting access on a “need to know” basis.
- Technological measures, such as the use of passwords, encryption and online security.
Bank employees and trainees are made aware of the importance of maintaining the confidentially of personal information and will use care in the disposal or destruction of personal information to prevent unauthorized parties from gaining access to the information. All employees are required to sign a confidentiality agreement as part of their employment conditions.
The Bank will make readily available specific information about its policies and practices relating to the management of personal information and will make its policies and practices comprehensible and accessible.
IX. INDIVIDUAL ACCESS
Upon written request, an individual will be informed of the existence, use, and disclosure of his or her personal information and will be given access to that information. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.
The Bank will respond to an application for individual access to his or her personal information within a reasonable time, at minimal or no cost to the individual, and upon receipt of written request and proof of identity.
The Bank will not be able to provide an individual access to his or her personal information in the following situations:
- The information requested is prohibitively costly to provide;
- The information contains references to other individuals;
- The information cannot be disclosed for legal, security or commercial proprietary reasons;
- The information is subject to solicitor-client or litigation privilege;
- The information can best be available from another source (for example, through a medical practitioner).
In each case, the Bank will provide reasons for denying any access to personal information.
When an individual demonstrates the inaccuracy or incompleteness of personal information, the Bank will amend the information as required. Depending upon the nature of the information challenged, an amendment may involve the correction, deletion or addition of information. Where appropriate, or necessary, the amended information will be transmitted to third parties having access to the information in question.
When a challenge is not resolved to the satisfaction of the individual, the Bank will record the substance of the unresolved challenge. When appropriate, the existence of the unresolved challenge will be transmitted to third parties having access to the information in question.
X. CHALLENGING COMPLIANCE
Customers may direct questions or enquiries with respect to the Privacy Principles outlined above or about our practices by contacting the delegated persons accountable for privacy at the Bank who may seek external advice where appropriate before providing a final response to individual complaints.
The Bank will review all complaints. If a complaint is found to be justified, the Bank will take appropriate measures, including, if necessary, amending its policies and practices.
To further discuss the Bank’s protection, use and disclosure of your personal information, please contact us via e-mail at firstname.lastname@example.org or call us at 780-443-5626 or toll free at 1-877-443-5620.
The Privacy Commissioner of Canada
The Privacy Commissioner of Canada functions independently from any other part of government with respect to the investigation of complaints or concerns specific to the safeguarding your personal information. If you feel that your privacy has been compromised, by, for example, the unlawful collection, use or sharing of your personal information, the Privacy Commissioner will conduct an investigation of your complaint or concern applying the provisions of the Personal Information Protection and Electronic Documents Act.
For more information or to make a privacy related complaint, please contact:
The Privacy Commissioner of Canada
112 Kent Street
Tel: (613) 995-8210
Fax: (613) 947-6850