Privacy Agreement
Equitable1 is committed to protecting all Personal Information obtained in the course of conducting our business. We encourage you to read this Privacy Agreement so that you can understand how we collect, use, share and protect your Personal Information. This Privacy Agreement will continue to apply for as long as Equitable holds your Personal Information, including after the termination of any of your product or service agreements with us. By providing us with Personal Information, you are consenting to the collection, use and sharing of your information as set out in this Privacy Agreement. This Agreement can also be in our offices and on our websites at www.equitablebank.ca or www.eqbank.ca.
To help you understand our Privacy Agreement, here are some important terms you should know.
In this Privacy Agreement, ‘we’, ‘our’, and ‘us’ refer to Equitable, and ‘you’ and ‘your’ refer to each customer or prospective customer, guarantor or power of attorney, as applicable. The term ‘Personal Information’ refers to information in any form about an identifiable individual (e.g., contact information, account numbers, or details such as age, marital status, business, and financial information). Equitable is accountable for all Personal Information in our possession. To help us meet this commitment, we have designated a Chief Privacy Officer to oversee our privacy program and practices.
This Agreement has been designed to comply with the Personal Information Protection and Electronic Documents Act ('PIPEDA') and explains:
- the types of Personal Information we collect;
- how your Personal Information is used;
- how your Personal Information may be shared;
- the steps we take to ensure your Personal Information is handled in a safe and secure manner;
- how you can access the Personal information we retain and how to keep it accurate; and
- how to contact us with any privacy concerns.
This Agreement does not apply to the Personal Information of Equitable’s employees.
Collecting Your Personal Information
Personal Information may be collected from you directly, from your interactions with us, and from other sources outside our organization, including from government agencies and registries, law enforcement authorities, public records, credit reporting agencies, other financial institutions, service providers, partners or third parties, agents and other organizations with whom you have arrangements or in accordance with their respective terms and conditions and/or privacy policies, or any other source, with your consent or as permitted or required by law. This information may be obtained by telephone, in writing or electronically. For legal entities such as businesses, partnerships, trusts, estates or other organizations, we may collect information from each authorized person, partner, trustee and executor, as appropriate.
You authorize the collection of Personal Information from these sources, and where applicable, you authorize these sources to provide us your Personal Information. When you apply for, provide a guarantee in respect of, or use any product or service, including when you register or use any of our online or mobile banking platforms, and while you are our current, prospective or former customer, or act on behalf of one, we may collect and maintain Personal Information about you such as:
- information establishing your identity (such as your name, address, email address, mobile telephone number, occupation, date of birth and other identification documents, or images of such, required by law);
- information to authenticate your identity such as knowledge-based information (i.e. username, password and account information), biometric information (i.e. signature, fingerprint and voiceprint), device information (i.e. device model, browser type and activity, IP address, security cookie (see About Cookies section below) and approximate physical location of device) and images recorded by video surveillance at one of our locations;
- information about your financial status including your employment information and history, references, annual income, assets, liabilities and credit history;
- business name, business address, business telephone number, business email address, name(s) of owner(s), officer(s) and director(s); industry type and financial status (for business clients);
- information reflecting your business dealings with us;
- information about your balances and transactions, including bank/investment/mortgage account activity and payment history;
- information about your U.S. Person status (to comply with regulatory requirements for deposit-related products);
- information we request, or that you provide, about beneficial owners, insured spouses, common law partners or dependents under an insurance product or a registered plan, an authorized user of your account, or intermediaries and other parties which is required by law. If you provide us with information about another individual, we will assume you have the authority to provide this information and have obtained their consent to its collection, use and sharing for the purposes set out in this Agreement;
- information related to the administration of an estate or that is required to provide to our trust services;
- other information that we may need in order to provide you, either directly or through a service provider, partner or third party, with a specific product or service (e.g., personal health information for insurance-related products that may be offered to you);
- other information with your consent, or as permitted or required by law; and
- additional information may be requested to help us determine your eligibility for products and services that we offer.
Using Your Personal Information
We may use this Personal Information for the purposes communicated to you at the time of collection or in your agreement(s) with us, including to:
- verify your identity and to authenticate you when you contact us or we contact you;
- evaluate your current and ongoing creditworthiness, including by obtaining credit reports;
- evaluate and process your application, account, transaction and reports
- set up your accounts and provide ongoing service;
- provide you with products and services you have requested;
- communicate with you, including to respond to your inquiries;
- understand your product and service requirements;
- market a product or service, either directly or through a service provider, partner or third party;
- determine your eligibility for some of our products and services and offer them to you;
- help manage and assess our risks, operations and relationship with you;
- prevent, detect or investigate fraud or criminal activity;
- collect amounts owing to us;
- maintain the accuracy and integrity of information held by a credit reporting agency; and
- comply with legal, regulatory, governmental and contractual requirements.
We may also use Personal Information we collect when you register or use of our online banking or mobile banking platforms to:
- assist and guide you through the onboarding/ sign up process through timely messages and contextual pop-ups; to understand your onboarding/ sign up journey and source;
- understand who you are, your needs, and how you use products and features, including the monitoring of your current product portfolio, balances, funding levels, and activity;
- target or personalize your banking experience and predict, generate and deliver tailored messaging, promotions, insights, recommendations, and walkthroughs based on information that we have collected, including information we have collected through your digital activities on Equitable digital channels;
- determine your eligibility for incentives, such as bonus interest, fee waivers and discounts to try new products and services or encourage continued use of your existing products and services;
- inform you about relevant new and existing products and features via pop-up messaging;
- identify friction points in your navigation journey and deliver immediate support and guidance;
- aggregate data across web and mobile to optimize your overall banking experience;
- track the specific Equitable ad that you selected, the site activity associated with each marketing ad, and the response rate to help us plan future online marketing campaigns. If you enter a third-party site which has an Equitable ad, we may use cookies to help us identify the site you accessed, but we do not track and create a profile of a user’s behaviour on that site;
- use de-identified transactional data to help personalize ads and offers on third party websites or Equitable digital channels; and
- promote and market products and services offered by Equitable and, our program partners or other third parties we have carefully selected.
We may create statistical and anonymized reports, analysis and predictive models, rules and insights using information (including from credit bureaus (please see the Credit Consent section in this Agreement)) about you and other current or prospective customers. Aggregated reports provide insights into sales performance, identify customer demographics or behavioural insights, and may also be shared with other Equitable businesses, affiliates, or subsidiaries. The information in these reports is not personal and cannot be used to identify you and it is only retained until its intended purpose is fulfilled.
If for any reason your information is required to fulfill a different purpose then that of your original intent, we will ask for your consent before we proceed. We may use your Personal Information for other purposes with your consent or as permitted or required by law.
Sharing Your Personal Information
We may share your Personal Information:
- with Equitable businesses, affiliates, and associated companies in which we have significant shareholdings;
- with our employees, agents, service providers and any other entities that perform services on our behalf (collectively, 'service providers'). You acknowledge that some of our service providers may be located outside of Canada and as such your Personal Information may be accessible to governmental, national security and regulatory authorities in accordance with the laws of these jurisdictions;
- with other organizations or agents with whom you have arrangements and to whom you have provided consent directly;
- with other financial institutions to process payments or to verify information such as your identity and income;
- with payment card networks in order to operate or administer the payment card system that supports the products, services or accounts you may have with us;
- in response to a judicial or administrative orders, subpoena, warrant or other demand or request we believe to be valid from governments, regulators, courts and law enforcement authorities in Canada or other jurisdictions or countries;
- to meet requests for information from regulators;
- to satisfy legal, audit, insurance, self-regulatory and regulatory requirements applicable to us;
- in any negotiations for the sale or assignment or proposed sale or assignment of all or part of our business or assets (including the sale of mortgages) and to our successors and assigns who may use the information for similar purposes as those described in this Agreement;
- to other parties connected with your account, as applicable (e.g. guarantors, powers of attorney and other people named on the application);
- to a joint account holder, including limited information about the account prior to it becoming a joint account;
- to help us collect a debt or enforce an obligation owed to us by you;
- with any person or organization, including an investigative body, to prevent, detect or suppress financial abuse, fraud, money laundering, cyber threats, criminal activity, protect our assets and interests, assist us with any internal or external investigation into potentially illegal or suspicious activity or manage, defend or settle any actual or potential loss;
- with your consent or knowledge (e.g., with another individual on a joint account, a power of attorney or an estate representative);
- where permitted or required by law; and
- where you might be a victim of fraud, financial abuse or other illegal activity, or where we have reasonable grounds to believe your interests can best be served by taking action, we may share information with the appropriate legal or governmental authorities, your next of kin or any other appropriate person (e.g., notification of our concerns regarding potential financial abuse may be provided to a public guardian or trustee’s office). In these circumstances, we will only share information we believe is reasonably necessary to protect your interests.
We do not sell the names or other Personal Information of our customers. We do not disclose the names or other Personal Information of our customers to other companies outside of Equitable without consent, unless required or permitted by law. Over time, we may buy new businesses or sell some of our businesses. Accordingly, Personal Information associated with any accounts, products or services of the business being purchased or sold will be transferred as a business asset to the new business owner.
We may use affiliates or other companies to provide services on our behalf such as data processing, account administration, analytics and marketing. Such companies will be given only the Personal Information needed to perform those services and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes. We have or will have contracts in place holding these companies to the same standards of confidentiality by which we are governed.
Joint accounts, representatives and beneficiaries
- Where you hold a product or service jointly with another person, like a joint account, or where someone is authorized to use or access your product or service, or where liability is shared with others such as someone providing a guarantee or indemnity for your obligations, we may share your information with them (or their representative, which includes their estate representative), as necessary, in connection with that other person’s use of the product or service.
- Where someone is acting as a representative or we reasonably believe is acting with proper authorization, such as a legal guardian, person having power of attorney, estate representative, lawyer, or accountant, we may share information with and take instructions from them including sharing information as instructed by either representative where representatives are jointly appointed.
- Following death, we may also share your information with your beneficiaries or estate representatives where reasonably necessary to help in the administration of your registered plans or insurance products or your estate’s financial affairs. If you are the surviving joint account holder, we may also share information about your account created or collected before a deceased joint account holder’s death with the representative of the deceased joint account holder.
Anonymous Information
We may collect anonymous information. Anonymous information is information that cannot be associated with or traced back to a specific individual or business entity. For example, our web servers collect some anonymous/non-personal information automatically by web servers when you visit Equitable digital channels (i.e. our public websites, online or mobile banking and other secure portals). Gathered electronically, this information may include the pages you visited, the type of web browser you are using, the level of encryption your browser supports and your Internet Protocol address. The anonymous/non-personal information collected may be used or shared for research and analytical purposes. To help us better understand our markets, we may also gather information for analytical purposes by conducting anonymous customer surveys, by extracting demographic information from existing files and from Statistics Canada.
How We Obtain Your Consent
It is important to understand the different ways that we may obtain your consent to collect, use and share your personal information. Depending on the situation, we may obtain your consent in different ways. Express consent may be obtained verbally, electronically or in writing. Implied consent may be obtained through your use of a product, or when you approach us to obtain information, inquire about or apply for products, or services from us.
We will not make your consent a condition of obtaining a product or service, unless it is reasonably or legally required, and we will clearly indicate when this is the case.
Additional Collection, Use and Sharing of Your Personal Information
Verification of Information: We may verify your Personal Information with credit bureaus, credit insurers, third party verification services, registries, financial service industry databases, investigative bodies, your employer, personal references and other lenders.
Credit Consent: If you have a line of credit, loan, mortgage, guarantee or any other credit facility with us, we may use, obtain, verify, share and exchange credit and other information about you with others (including credit bureaus, mortgage insurers, creditor insurers, registries and other persons with whom you may have financial dealings, as well as any other person as may be permitted or required by law) at the time of your application, at any time during the application process and on an ongoing basis while you are a customer and, for a reasonable time afterwards. We may obtain information and reports about you and your credit profile from Equifax Canada Inc., Trans Union of Canada, Inc., or any other credit reporting agency. The credit and other information we collect from credit bureaus may include information about your current and past credit accounts such as type, amount, payment history, collections actions, legal proceedings, or other information that the credit bureaus have collected from your other lenders. We may also collect information not specific to a credit account, but that is part of your overall credit profile. We may collect, use, and share this information to assess your application for credit, verify your creditworthiness, assess, and manage our credit risks and improve products and services, establish credit and hold limits, qualify you for other products and services, inform the Bank’s renewal behaviours and detect and prevent fraud. We may also periodically share credit, financial and other information about you with credit bureaus to help maintain the accuracy and integrity of the credit reporting system. This may include, but not be limited to, failure by you to meet any of your obligations under the applicable terms and conditions of those products.
Insured Credit Products: If you have an insured credit product (e.g., a mortgage or line of credit) with us, we may share Personal Information about you, including credit information, to mortgage default insurers for any purpose related to mortgage insurance. Information retained by Canada Mortgage Housing Corporation will be subject to federal access to information and privacy legislation.
Defaults: If the credit facility you have with us or you have guaranteed is in default or if you have an unauthorized overdraft in a bank account with us, we may release your Personal Information to collection agencies, the originating broker or any subsequent mortgagee, or other third parties, where applicable and as necessary for the purposes of assisting in collecting the debt. We will limit the amount and type of Personal Information disclosed to that which is necessary to facilitate the collection of the arrears.
Personal Health Information: From time to time, you may provide us with your personal health information (e.g., medical history) in connection with insurance products and services associated with credit products, or any other products or services you may have with us. We may collect or share your personal health information with any health-care professional, medically-related facility, insurance company, organization that manages public information data banks or insurance information bureaus. We will not share your personal health information within Equitable or use it in a manner other than that of the original intent disclosed to you.
We will not refuse you any of our products or services on the basis of any personal health information you have provided to us, a service provider, partner or third party.
Communications: We may collect information by monitoring and/or recording any communications between you and our representatives (e.g., telephone discussions, email conversations, online chats) for accuracy, service quality, training and security purposes, our mutual protection to prevent or detect fraud, and to enhance our customer service.
We may communicate with you through various channels including telephone, computer, mail or mobile applications or by other electronic means, using the contact information you have provided.
Service Providers and Third Parties outside of Canada: Information may be stored and processed in any country where we have affiliates or service providers. By using our products or services, you consent to the transfer of information to countries outside of Canada, including the United States, which may be governed by different data protection rules. Equitable, and its service providers and other third parties, including Equitable affiliates, with whom we share information under this Agreement, may perform activities outside of Canada. As a result, your information may be securely used, stored or accessed in other countries and be subject to the laws of those countries. For example, information may be shared in response to valid demands or requests from government authorities, courts and law enforcement officials in those countries.
Interest-based advertising: We may use information collected from your browsing behaviour to help predict your preferences and provide you with Equitable-related advertisements that will be more relevant to you on our digital channels and third-party websites.
If you opt out of interest-based advertising, you may still get Equitable online advertising, but it will not be tailored to your preferences. You can manage your preferences for interest-based Google advertising, as follows:
To opt out of interest-based Google advertisements, set your preferences using Google’s Ad Settings. You can also opt out of Google Analytics with Google’s opt-out browser add-on.
The ability to access certain personal information is managed through your device settings. For example, you may allow your device to share your camera, contacts and photos. However, some services may not operate effectively without this access. Your device support will have instructions for how to manage these permissions.
If you have installed our mobile app and wish to stop receiving push notifications, set your preferences within the mobile app. You may also manage push notifications at the device level.
Many browsers and devices allow you to store passwords and login ID so you are not required to re-enter this information each time you access a site. To prevent unauthorized access to your information, we strongly recommend you do not use this functionality when accessing Equitable digital channels.
You can block or disable third-party cookies in your browser settings so that your browser accepts only first party cookies, which are those cookies belonging to the site you are currently browsing (e.g., cookies from Equitable when you are on Equitable's websites).
The ability to share your location information is managed through your device settings. Equitable cannot collect or use certain types of location information from your mobile device if the location services (e.g., GPS, geolocation, or proximity technologies) are disabled.
About Cookies
What is a Cookie?
A cookie is a small text file containing a unique identification number that a Web site sends to your computer's web browser. While you visit a particular site, a cookie may be used to track the activities of your browser as well as provide you with a consistent, more efficient experience. There are two common types of cookies: persistent and non-persistent.
Persistent cookies are stored on your computer’s hard drive where they remain resident until they are either deleted or they reach a predetermined expiration date. Persistent cookies are most commonly used to provide visitors with a customized experience by recording preferences such as how a visitor prefers to have his/her web pages displayed. Additionally, cookies are commonly used to gather statistical information such as the average time spent on a particular page. This kind of information is valuable for several reasons, including providing insight on how to improve the design, content, and navigation of a website.
Non-persistent cookies do not permanently record data and they are not stored on your computer’s hard drive. Rather, non-persistent cookies are stored in memory and are only available during an active session. Once a session ends, the cookie disappears. Non-persistent cookies are used primarily for technical reasons such as providing seamless navigation. For example, secure Equitable websites such as Online Banking use non-persistent cookies to permit visitors to navigate through the pages without requiring them to log on to each additional page they wish to visit.
What are your choices in relation to cookies?
If you would like to browse our websites, you may do so without accepting cookies. However, you should understand that if you choose not to accept cookies, some of our websites may not function properly or optimally and you will not be permitted to access certain secured sites. For example, if you would like to use a service such as Online Banking, you will be required to accept the cookies that have been engineered to sustain session integrity and enhanced security before proceeding.
Cookies are widely used, and most web browsers are configured initially to accept cookies automatically. If you prefer not to accept cookies, you may adjust your browser settings to alert you when a cookie is about to be sent, or you may configure your browser to refuse cookies automatically. If you would like to learn more about how to set your cookie options, please refer to your browser's documentation or online help for instructions.
Protecting Your Personal Information
We have implemented administrative, technological, and physical safeguards to protect the security of your Personal Information under our control, regardless of the format in which it is held, against unauthorized access, disclosure, use or modification.
We train our staff on the importance of protecting the confidentiality of your information, and regularly confirm this expectation in writing. We authorize staff to have access to your personal information only on a need-to-know basis to perform their job functions.
To the extent that a service provider requires access to your personal information for an authorized purpose, we require the service provider to implement similar safeguards to protect the security of your Personal Information.
We audit our procedures and security measures regularly to help ensure that they are being properly administered and that they remain effective and appropriate to the sensitivity of the information.
Retaining Your Personal Information
We will retain your Personal Information only as long as it is required for the reasons it was collected. This may include customer service, legal or regulatory needs that require us to keep your Personal Information beyond the end of your relationship with us.
When your Personal Information is no longer required, we will securely destroy it or convert it to an anonymous form.
Accessing and Updating Your Personal Information
You are responsible for advising Equitable of any inaccuracies or changes to your Personal Information (such as a change of address, telephone numbers, current address, marital status, etc.). If any of your Personal Information changes or you discover inaccuracies in our data, you are required to advise us so we can update our records. Please be prepared to verify your identity when updating or changing your Personal Information.
Subject to contractual and legal restrictions as well as reasonable notice, you may request access to, correction or deletion of the Personal Information we hold about you at any time by submitting a written request to the Chief Privacy Officer. Please be prepared to verify your identity upon making such a request. We will respond to your request within 30 days of receiving all necessary information, or advise you if we require additional time.
Please note that we may not be able to provide you access to your Personal Information in certain situations (e.g., if disclosing the information would reveal confidential commercial information or information about a third party). If this is the case, we will inform you of the reasons that we were unable to provide you access.
Respecting Your Privacy Preference
Subject to legal, regulatory and contractual requirements, you can refuse or withdraw your consent to our collection, use or disclosure of your Personal Information at any time by giving us reasonable notice. In certain circumstances, your consent cannot be withdrawn. For example, you may not withdraw your consent where our collection, use and sharing are permitted or required by law, is required to ensure we have correct and up-to-date information about you, such as current address or is necessary to manage our business including the sharing of information when we assign our rights to others for business transactions.
If you have, or have provided a guarantee for, a credit product with us (such as a mortgage or line of credit), you may not, during the term of the facility, withdraw your consent to our ongoing collection, use or disclosure of your Personal Information in connection with such product. We can continue to disclose your Personal Information to credit bureaus even after the credit facility has matured and been paid out and you may not withdraw your consent to our doing so. We do this to help maintain the accuracy, completeness and integrity of the credit reporting system.
We will act on your instructions as quickly as possible but it may take some time for our records to reflect your choice as many records can only be changed during regular file updates.
There are several privacy preferences available to you, subject to legal, regulatory, business or contractual requirements.
Social Insurance Number ('SIN'): We will collect, use, and share your Social Insurance Number (SIN) for income tax reporting purposes, as required by law. We require your SIN for products that earn interest or dividend income to comply with the Canada Revenue Agency’s reporting requirements. If we ask you for your SIN for other products or services, your choice to provide it is optional. When you provide us with your SIN, we may use it to verify and report credit information to credit reporting agencies as well as to confirm your identity. This allows us to keep your Personal Information separate from that of other customers, which helps to maintain the integrity and accuracy of your Personal Information. You may choose not to have us use your SIN as an aid to identify you with credit reporting agencies; however, you may not refuse or withdraw your consent for purposes required by law.
Marketing offers: From time to time, we may send you information which may be of interest to you on other products and services that we offer and of partnerships with other entities we select, by mail, email, telephone, or other electronic means. You may opt out of receiving promotional messages, but please note that we may still send you transactional or business messages (such as those about your account or our ongoing business relations).
Participation in customer research and surveys: From time to time, we may ask you to participate in customer research or surveys that help us to improve our offer and better understand your needs. You may opt out of participating.
Contacting Us
To request access to, or correction of, your Personal Information, to ask questions about our privacy policies or to refuse or withdraw your consent to our use of your Personal Information for purposes outlined in this Agreement, you may send in a written request or contact us at (please note that requests for access must be in writing):
Equitable Bank/Equitable Trust/Concentra Bank/Concentra Trust (as applicable)
30 St. Clair Avenue West, Suite 700
Toronto, Ontario M4V 3A1
If you have any complaints or concerns about this Privacy Agreement or our privacy practices, please refer to the Customer Complaint Handling Procedures provided to you when you opened your account, which can also be found in our offices and on our websites at www.equitablebank.ca or www.eqbank.ca. If you choose to send us an email, do not include sensitive information.
Language
For Québec residents only: You acknowledge and agree that you have first been presented with and have examined the French version of this Agreement, and that you then have expressly requested that this Agreement, and all related documents including notices, be drawn up in the English language and that you wish to and agree to be bound by the English version of this Agreement. Vous reconnaissez et convenez que la version française de la présente entente vous a d'abord été présentée et que vous l'avez examinée, et que vous avez ensuite expressément demandé que la présente entente et tous les documents connexes, y compris les avis, soient rédigés en anglais et que vous souhaitez être lié par la version anglaise des présentes et que vous acceptez de l'être.
Further Information
We are committed to providing you with understandable and easily available information about how we manage your Personal Information.
For further information about how we collect, use and disclose your personal information, please refer to our Code of Privacy Principles available at any of our offices and on our website at www.equitablebank.ca or call us at 416-515-7000 or toll free: 1-866-407-0004.
Changing this Agreement
We may amend this Agreement and our other privacy-related documents from time to time to take into consideration changes in legislation or other issues that may arise at our sole discretion. Any changes we make to this Agreement will be effective when we post the revised Agreement on our websites. If we intend to use or disclose your Personal Information for purposes materially different from what is described in this Agreement, we will take reasonable steps to notify you. We encourage you to review the Privacy Agreement whenever you interact with us to stay informed about our information practices, as your continued use of our services or provision of Personal Information after changes have been made to this Agreement constitutes your acceptance of those changes. It is your responsibility to ensure that you read, understand, and accept the latest version of the policy. The date at the end of this policy indicates when it was last revised.
Equitable Privacy Agreement – June 2023