Privacy

Would you like to review or modify your consent?

You may review and manage your consent preferences for the collection, use and disclosure of your personal information at any time. Please be aware, however, that we will no longer be able to offer you our products and services if you withdraw your consent for a purpose that is essential to our relationship with you (See the section “We collect your personal information for specific purposes” for further details).

Certain purposes for collecting, using and disclosing your personal information are optional for doing business with us, namely:

Improve our products and services and provide you with a distinctive client experience
Inform you of our promotions, products, services, contests and events that may be of interest to you

You may modify your consent at any time and as many times as you wish. Please note that it may take up to 30 days for your withdrawal of consent to be processed and become effective.

Modify my consent

To inform you about your options, please tell us beforehand about the type of products you have with us.

My products

What we are doing to protect your personal information

First and foremost, what constitutes personal information? It is information that concerns you and can be used to identify you, directly or indirectly.

We operate on the basis of 4 important principles

The following principles govern how we ensure your privacy:

Ensure secure management. We implement good management and safeguard practices to secure your personal information and oversee its use.
Respect your rights. You have rights related to the personal information we hold about you. You may exercise them at any time.
Be transparent. We provide you with all relevant information about our privacy practices.
Act responsibly. Our employees, suppliers and representatives (including our financial services advisors) must comply with our privacy practices. Our Chief Privacy Officer sees to ensure that they do and that our practices are always up to date.

We only collect personal information that is necessary

From whom do we collect your personal information?

We collect your personal information primarily from you. We may also collect it from others, depending on the circumstances and the products or services you have with us. For example:

Your employer
Public bodies
Our representatives
Credit bureaus and reporting agencies
Other insurers, reinsurers or financial institutions
Public and private insurance, fraud and claims databases
Partners who distribute our products and services, such as independent brokers, specialized insurance coverage providers, travel agencies or car dealerships

A person who has or wishes to obtain a product or service with us may also disclose your personal information to us so that you can benefit from that product or service. For example, this person could add you as an insured person.

How do we collect your personal information?

We may collect your personal information in a number of ways, including:

By phone
In person
Via our paper and online forms
Via cookies, when you visit our websites

What personal information do we collect?

We only collect the personal information necessary to fulfill the purposes outlined in this notice.

Here are some examples of personal information we may collect:

Categories	Examples
Identification information	Name, date of birth, postal address, email, phone number, marital status, government identifiers (passport number, driver’s licence number, etc.), social insurance number, citizenship, country of birth
Financial information	Income, salary, financial report, investments, information on financial products you have with us or elsewhere, investor profile, rent, mortgage, bank account, credit history and score
Health information	Medical records, medical information related to your claims, paramedical test results, medical history
Insurance information	Information on insurance policies you have with us or elsewhere, claims history, sex at birth, lifestyle habits, criminal record
Employment information	Employment status, current employer, former employers
Information about your assets	Vehicle, residence, recreational vehicle
Information about your family	Name, age, financial situation and health status of your spouse, children or parents

We may also create or infer information from the personal information we collect. For example, we may create a client profile or identifier for you. This information is considered personal information. We manage and protect it in accordance with the same practices as the rest of your personal information.

We collect your personal information for specific purposes

We collect, use, disclose and retain your personal information solely for the purposes outlined in this notice. We will inform you of the intended purposes at or prior to the time we collect your personal information.

The following purposes may be essential to our relationship with you, depending on the products and services you request:

Categories	Specific purposes
Know who you are	Verify your identity Keep your contact information up to date Recognize you through iA Financial Group Verify that your personal information is accurate
Build a relationship with you	Contact you if you request it and answer your questions Understand your needs and your profile to advise you Analyze your requests for products or services Determine whether you are eligible for a product or service, and if it is right for you Determine the cost of a product or service you request
Maintain our relationship with you	Day-to-day administration of your contracts, for example, amending them or informing you of changes in your investments Process your payments Process your insurance claim, transaction or any other contract-related requests Handle any complaints or dissatisfaction Transfer your contracts to or from another financial institution Transfer your file to another representative, if necessary
Comply with laws and manage risk	Detect, prevent and contain fraud and unauthorized or illegal activities, such as money laundering and cyber threats Monitor business practices to ensure that they are sound Verify transactions Adequately train our employees and representatives Comply with our legal obligations and the requirements of courts, regulatory authorities or self-regulatory organizations Have certain risks insured by another insurer (reinsurance)

Some purposes are optional for doing business with us. You can consent to them to benefit from a distinctive client experience and obtain offers tailored to your needs.

We must obtain your consent to collect, use, disclose and retain your personal information for the following purposes:

Categories	Specific purposes
Improve our products and services and provide a distinctive client experience	Acknowledge your differences and similarities with respect to our other clients Understand how our digital tools and websites are used in order to improve them Consult with you to gain more insight into your experience, reactions and interactions with us Keep up with the various stages of your life to make our products and services even more useful and effective over the course of our relationship with you Allow all our clients to benefit from the lessons gleaned from you as we work to improve our client experience Make it easier for you to enter your information when requesting a product or service (e.g., automatically fill in certain fields)
Keep you informed of our promotions, products, services, contests and events that may be of interest to you	Understand the product and services portfolio you have with iA Financial Group in order to offer you relevant products and services that are adapted to your reality Contact you at the right time, in the right way Offer you benefits or advantageous pricing based on the products or services you have with iA Financial Group Keep you informed of contests or other promotional events that may be of interest to you

We may share your personal information with other individuals or organizations

To whom may we disclose your personal information?

In order to fulfill the purposes outlined in this notice, we may sometimes need to share your personal information with other individuals or organizations.

For example, we may share it with the following third parties:

Your financial services advisor
A person who has a product or service with us from which you are benefitting
Other iA Financial Group companies and their representatives
Credit bureaus and reporting agencies, such as Equifax or TransUnion
Public and private insurance, fraud and claims databases
Public bodies, such as the Société de l’assurance automobile du Québec or health care institutions
Other insurers, reinsurers or financial institutions
Your employer, union or association
Partners who distribute our products and services, such as independent brokers, general agents, specialized insurance coverage providers, travel agencies or car dealerships
Suppliers, for example of document printing, delivery or data storage services
Courts, regulatory authorities or self-regulatory organizations

We may disclose your personal information outside of Canada

We store your personal information primarily in Canada, but we may sometimes disclose it to parties outside of Canada. For example, if we are doing business with a supplier based in another country. In this case, we contractually ensure that our supplier meets our expectations in terms of managing and protecting your personal information. Before we transfer your personal information outside of Canada, we ensure that it is adequately protected.

We may also disclose your personal information to another Canadian province or territory.

We obtain your consent, except in certain cases prescribed by law

When do we obtain your consent?

We obtain your consent before we collect, use or disclose your personal information. We may obtain consent directly from you. It may also be obtained from another person, such as your financial services advisor, employer, car dealer, etc.

We will request your consent again if we wish to use or disclose your personal information for a purpose to which you have not consented.

When do we not request your consent?

In some cases, the law permits us to collect, use or disclose your personal information without your consent.

Here are a few examples:

Disclosing your personal information to suppliers for a purpose outlined in this notice, to provide you with the requested product or service
Conduct statistical studies using de-identified personal information, where permitted by law
Take appropriate action if we detect potential fraud
In Quebec only: Using your personal information if it is clearly for your benefit or for purposes related to those to which you have already agreed
Outside of Quebec: Using or disclosing your personal information if it is clearly for your benefit and we are unable to obtain your consent

We may also be required by law to disclose personal information. For example, if ordered by a court or requested by a regulatory authority or a self-regulatory organization.

We are doing everything we can to protect your personal information

Our employees, representatives and other stakeholders are committed to protecting your personal information. Our internal procedures clearly define the roles and responsibilities of employees, representatives and other stakeholders in the management of personal information

We limit access to and use of your personal information

We keep access to your personal information to a minimum. Access to your personal information is restricted to those who need it to perform their duties.

Here are some of the measures in place to control access to and use of your personal information:

We train our employees, representatives and consultants to handle your personal information with care and in accordance with best management practices. Our suppliers are obligated to do likewise.
Our employees, representatives and suppliers may access and use personal information we collect only if we obtained consent for this purpose or if permitted by law.
We regularly review the access rights of employees, representatives and suppliers, according to their roles and responsibilities.

We protect our facilities and IT systems

We have security measures in place to protect our IT platforms, facilities and systems. Your personal information is protected at all times by a multidisciplinary team, monitoring tools and state-of-the-art technological environments.

Here are some of the security measures in place:

Technological measures	Multi-factor authentication Data encryption Digital certificates Firewalls
Physical or administrative measures	Authorization required to access our IT systems and the buildings where your personal information is stored Constant monitoring of our facilities

We communicate with you in a secure manner

We have measures in place to ensure the security of our communications with you, including when we collect your personal information.

Here are some examples of these security measures:

We always verify your identity, whether online, by phone or in person. Other than to authenticate you, we avoid collecting certain personal information over the phone, such as your date of birth or social insurance number.
We will never ask you for your password or PIN code.
We will not contact you for the sole purpose of obtaining your personal information.

We retain your personal information for a limited time

We retain your personal information only as long as necessary to:

Fulfill the purposes for which we collected it, and
Meet our legal obligations

We have implemented a retention schedule. It guides us as to how long we should keep each type of personal information, depending on the context. We destroy personal information once the retention period has elapsed. The duration of this period depends, among other things, on our legal and regulatory obligations and on the time needed to protect our rights in the event of legal recourse.

We may anonymize certain personal information before destroying it and retain a copy. Once the information is anonymized, it can no longer be used to identify you and is therefore no longer deemed personal. We use it, among other things, to improve our product pricing, identify trends and establish performance indicators.

We respect your privacy rights

Manage your consent preferences

You may review and change your consent preferences for the collection, use and disclosure of your personal information at any time. Please be aware, however, that we will no longer be able to offer you our products and services if you withdraw your consent for a purpose that is essential to our relationship with you (See the section We collect your personal information for specific purposes for further details).

For optional purposes, you may withdraw your consent at any time without adversely affecting our relationship with you.

You can contact us to withdraw your consent for the following purposes:

Improve our products and services and provide a distinctive client experience
Keep you informed of our promotions, products, services, contests and events that may be of interest to you

Withdrawing your consent may take up to 30 days to be processed and applied.

Accessing, rectifying or deleting your personal information

You have several rights regarding the personal information we hold about you. You may exercise them at any time.

Know whether we hold personal information about you	You can ask us: If we hold personal information about you How your personal information was collected, used and disclosed If another person or organization holds your personal information for us
Access your personal information	You may ask to access the personal information we hold about you. You can also obtain a copy, but you may have to pay a reasonable fee for it. In some cases, we are unable to provide you with the requested information. For example: We share certain medical information with your health care professional. This person can then explain it to you correctly. We cannot give you information that would reveal information about another person.
Rectify your personal information	You can request that we rectify your personal information if it is incomplete or inaccurate. You can also update it if it has changed.
Delete your personal information	You can request that we delete your personal information. Our response will depend on the situation. If we have fulfilled the purposes for which the personal information was collected, we will delete it. However, we may retain it in order to meet our legal and regulatory obligations and protect our rights in the event of legal recourse. If we have not yet fulfilled the purposes for which the personal information was collected, we will delete the information that is out of date, inaccurate, incomplete or no longer required. If you request that we delete the rest of your personal information, we will no longer be able to offer you our products and services.

You may submit a written request to exercise any of your rights in relation to your personal information. You will receive our written response within 30 days. If we deny your request in whole or in part, we will provide you with several pieces of information:

Reasons for the denial
The references of the laws and regulations that justify this denial
Your right to challenge this denial before the privacy regulatory authority of your province or territory
Timeframe for appealing the denial

Filing a complaint

You may file a complaint if you feel that we have mishandled your personal information.

We invite you to contact us if you wish to file a complaint. We will take the time to analyze your complaint and work with you to resolve the situation.

You can also file a complaint with the privacy regulatory authority of your province or territory.

Request information about a decision based solely on the automated processing of your personal information

In certain circumstances, we may render a decision based solely on the automated processing of your personal information, without human intervention. For example, in the case of group insurance, this allows us to determine without delay, during your visit to the pharmacy, the portion of the cost of your medication paid by us and the portion you are responsible for paying.

You may, at any time, request an explanation of a decision based on the automated processing of your personal information and make corrections to the personal information that has been used. You may also share your comments with us.

How to contact us regarding your privacy

You can contact us in writing at the addresses below to:

Submit a request to access, rectify or delete your personal information
File a complaint about the handling of your personal information
Request assistance, send us a comment or ask any question related to your privacy

Make sure you provide us with all the information we need to follow up on your request.

By email:

privacyofficer@ia.ca

By post:

Office of iA Financial Group Chief Privacy Officer
1080 Grande Allée West
PO Box 1907, Station Terminus
Quebec City, Quebec G1K 7M3

post_addPrivacy notice

If we update this notice

We regularly update our practices to bolster them and ensure that they reflect changing privacy laws, regulations and standards. We will notify you on our website of any material changes to this notice.

Information Security Advice

Cybercrime: our tips to avoid email fraud

Finding your inbox full of spam is really annoying.

Strategies for detecting phone scams

Fraudsters often try to catch victims by contacting them directly.

Cybercrime: Tips for browsing the web safe from frauds and scams

Internet hackers try to hook victims by all means available to them to steal personal information and money.

See more advice for keeping your information secure

Worried about a message you received from iA Financial Group or from one of its subsidiaries?

Contact us

If you suspect that individuals are acting fraudulently on behalf of iA Financial Group, please report it by writing to us at one of the following addresses:

fraud@ia.ca

For customers of an insurance or group savings product
iainvestigation@ia.ca