Privacy Notice

For employees and retirees of iA Financial Group

Your personal information is precious

We, at iA Financial Group and our affiliates, do everything we can to protect the confidentiality of the personal information you entrust to us. That is why we are committed to continually reassessing and updating our practices to meet the highest standards with regard to managing and protecting your personal information.

To learn more about iA Financial Group and its affiliates, visit the iA Financial Group page.

What we are doing to protect your personal information

First and foremost, what constitutes personal information? It is information that concerns you and can be used to identify you, directly or indirectly.

The following principles govern how we ensure your privacy:

  • Ensure secure management. We put proper management and protection practices in place to keep your personal information secure and oversee its use.
  • Respect your rights.You have certain rights with regard to the personal information we hold about you. You may exercise these rights at any time.
  • Be transparent. We provide you with all relevant information regarding our privacy practices.
  • Act responsibly. Our employees, suppliers and representatives (including our financial services advisors) must comply with our privacy practices. Our Chief Privacy Officer ensures that they do, and that our practices are always up to date.

From whom do we collect your personal information?

We collect your personal information primarily from you. We may also collect it from others, depending on the circumstances. For example:

  • Credit bureaus and reporting agencies
  • Employee benefits administration partners, such as the share purchase plan administrator, travel agencies and fleet management agencies
  • Managers of insurance products, group savings products and employee pension plans
  • Tax authorities
  • Psychometric assessment firms
  • Charitable organizations
  • External training platform providers
  • Providers of IT services and solutions such as collaboration tools, communication services, hosting services and IT request management

How do we collect your personal information?

We may collect your personal information in various ways, including:

  • Through our paper and online forms
  • Through network management and monitoring tools
  • Through platforms and applications
  • By phone
  • By email
  • In person
  • Through cookies

What personal information do we collect?

We only collect the personal information necessary to fulfill the purposes outlined in this notice.

Here are some examples of personal information we may collect:

Category Examples
Identification information Name, date of birth, mailing address, email, phone number, preferred language, marital status, sex at birth, government identifiers (passport number, driver’s licence number, work permit, etc.), employee identifiers (employee number, IP address, login ID), social insurance number, citizenship, country of birth, photo
Financial and employee benefits information Salary, income, banking information/account number, credit history and score, contributions, information about your insurance plan or your retirement or retirement savings plan, participation in the share purchase plan
Health information Information about your state of health that is relevant to your employment with us
Employment information Employment status, former employers, training (education, degrees or diplomas, certifications, etc.), licences, previous work experience, conflicts of interest, criminal record or disciplinary sanctions if applicable, psychometric test results, start and end dates, employee survey data, performance appraisals, data on the use of resources provided to you by iA Financial Group

We may also create or infer information based on the personal information we collect. For example, we may create an employee profile or an ID for you. This is considered personal information. We manage and protect it in accordance with the same practices we use for the rest of your personal information.

We collect, use, disclose and retain your personal information only for the purposes outlined in this notice. We will inform you of the intended purposes at or prior to the time we collect your personal information.

The following purposes may be essential to our relationship with you:

Category Specific purposes
Knowing who you are
  • Verifying your identity
  • Keeping your contact information up to date
  • Making sure your personal information is accurate
Managing the employment relationship
  • Hiring and onboarding you
  • Processing your pay, contributions, allowances, reimbursement of employment expenses, vacation payout
  • Producing tax slips and employment records
  • Managing your employment status
  • Managing the total compensation process, for instance by ensuring that your pay positioning and employee benefits are competitive
  • Keeping you informed about your employment benefits
  • Managing your enrolment in and withdrawal from employee benefit programs
  • Administering your employee benefits with different providers
  • Preparing for and managing your retirement
  • Tracking your performance, including performance appraisal, investigation, disciplinary action and involuntary termination, where applicable
  • Handling your wellness requests, for instance when an incident occurs or for ergonomic consultations or workplace accommodations
  • Handling your international telework requests
  • Supporting an immigration or work permit process, where applicable
  • Transmitting personal data to another company as part of a reorganization, where applicable
  • Managing access and use of the company’s applications and technology tools
  • Managing physical access to work premises, including parking
  • Managing security incidents and issues
  • Handling your assistance and service requests
  • Sending you your equipment
  • Creating and following up on your IT requests, for example:

    – Assistance and service requests
    – Equipment delivery requests
Growing within the company
  • Supporting you in your professional development
  • Training you
  • Getting financing for your training
  • Analyzing your application as part of an internal mobility initiative
Providing a good employee experience
  • Producing statistics, dashboards, reports and trends to monitor employee performance, retention, wellness, recruitment and professional development
  • Training and supporting managers in their role
  • Offering you services from our wellness partners, for instance online appointments with a physician
Complying with rules and laws and managing risk
  • Ensuring that policies, directives and other company guidelines are followed
  • Protecting the organization’s premises and assets, for instance by controlling building access
  • Protecting the organization’s confidential data by monitoring the use of applications and other tools at your disposal
  • Detecting, preventing and containing fraud and unauthorized or illegal activities such as money laundering and cyber threats, for example by checking your criminal record and credit score
  • Respecting our legal obligations and the requirements of courts, government bodies, regulatory authorities or self-regulatory bodies, as well as internal or external auditors

Some purposes are optional. We must obtain your separate consent to collect, use, disclose and retain your personal information for the following purposes:

Category Specific purposes
Enhancing the employee experience
  • Consulting you (through surveys, for example) to learn more about your wellness, your level of engagement or inclusion and your development so we can better direct our initiatives
  • Using information that you agree to share with us when you leave to identify opportunities for improvement
Improving equity, diversity and inclusion
  • Analyzing and producing statistics regarding minorities that we can use, for example, to:
    – Obtain an overall profile of our organization
    – Identify inequities and combat them in concrete, measurable and sustainable ways through the adjustment and implementation of policies and practices
    – Ensure that everyone has fair access to career opportunities
    – Develop programs, initiatives, services or products that meet your current and future needs
    – Encourage sincere dialogue, listening, open-mindedness and humility within teams to foster a sense of inclusion throughout the organization

With whom may we share your personal information?

In order to fulfill the purposes outlined in this notice, we sometimes need to share your personal information with other individuals or organizations.

For example, we may share it with the following third parties: 

  • Other iA Financial Group entities and their representatives, including the entity responsible for group insurance and savings
  • Credit bureaus and reporting agencies, such as Equifax or TransUnion
  • Benefits administration partners such as those responsible for disability management, payroll processing, management of iA’s share purchase plan, and travel or fleet management agencies
  • Providers of preventive medical check-ups
  • Provider of telemedicine service and employee and family assistance program
  • Providers of collaboration tools, communication services, hosting services and IT request management, for example
  • Public and government bodies, including tax authorities, courts, regulatory authorities or self-regulatory bodies
  • Fraud prevention and management organizations
  • Charitable organizations

We may disclose your personal information outside of Canada

We may disclose your personal information outside Canada if, for example, we are doing business with a supplier based in another country. In this case, we contractually ensure that our supplier meets our expectations in terms of managing and protecting your personal information. Before transferring your personal information outside Canada, we ensure that it will be adequately protected.

We may also disclose your personal information to another Canadian province or territory.

When do we obtain your consent?

We obtain your consent before we collect, use or disclose your personal information. We may obtain consent directly from you. It may also be obtained from someone else, such as service providers or credit bureaus and reporting agencies.

We will request your consent again if we wish to use or disclose your personal information for a purpose to which you have not consented.

When do we not request your consent?

In some cases, the law permits us to collect, use or disclose your personal information without your consent.

Here are a few examples:

  • Disclosing your personal information to suppliers for a purpose outlined in this notice
  • Conducting statistical studies using de-identified personal information, where permitted by law
  • Take appropriate action if we detect potential fraud
  • In Quebec only, using your personal information if it is clearly to your benefit or for purposes related to those you have already agreed to
  • Outside Quebec, using or disclosing your personal information if it is clearly to your benefit and we are unable to obtain your consent

We may also be required by law to disclose personal information, for example if ordered by a court or requested by a regulatory authority or self-regulatory body.

Our employees, representatives and other stakeholders play a role in protecting your personal information. Our in-house procedures clearly define each person’s roles and responsibilities in managing personal information.

We limit access to and use of your personal information

We keep access to your personal information to a minimum. Access to your personal information is restricted to individuals who need it to do their jobs.

Here are some of the measures in place to control access to and use of your personal information:

  • We train our employees, representatives and consultants to handle your personal information with care and according to best management practices. Our suppliers must do the same.
  • Our employees, representatives and suppliers may access and use the personal information we collect only if we have obtained consent for this purpose or if permitted by law.
  • We regularly review the access rights of employees, representatives and suppliers based on their roles and responsibilities.

We protect our facilities and IT systems

We have security measures in place to protect our platforms, facilities and IT systems. Your personal information is protected at all times by a multidisciplinary team, monitoring tools and state-of-the-art technology environments.

Here are a few of the security measures in place:

Technological measures
  • Multi-factor authentication
  • Data encryption
  • Digital certificates
  • Firewall
Physical or administrative measures
  • Authorization required to access our IT systems and the buildings where your personal information is stored
  • Constant monitoring of our facilities

We communicate with you securely

We have measures in place to ensure the security of our communications with you, including when we collect your personal information.

Here are some examples of these security measures:

  • We always verify your identity, whether online, over the phone or in person. Other than to authenticate you, we avoid collecting certain personal information over the phone, such as your date of birth or your social insurance number.
  • We will never ask for your password or your personal identification number (PIN).
  • We will not contact you for the sole purpose of obtaining your personal information.

We retain your personal information only as long as necessary to:

  • Fulfill the purposes for which we collected it, and
  • Meet our legal obligations

When necessary to the post-employment relationship and in accordance with the law, the use of certain personal information will continue after you retire or leave the company, as the case may be, for the management of your employee benefit plans, for example.

We have implemented a retention schedule, which guides us on how long we should keep each type of personal information, depending on the context. We destroy the information once the retention period has elapsed. This period depends, among other things, on our legal and regulatory obligations and on the time needed to protect our rights in the event of legal recourse.

We may anonymize certain personal information before destroying it and retain a copy. Once the information is anonymized, it can no longer be used to identify you and is therefore no longer considered personal information. We use it, among other things, to identify trends and establish performance indicators.

Managing your consent preferences

You may consult and update your consent preferences for the collection, use and disclosure of your personal information at any time. However, please be aware that if you withdraw your consent for a purpose that is essential to our relationship with you (refer to the We collect your personal information for specific purposes section for more details), we will no longer be able to assess your application.

For optional purposes, you may withdraw your consent at any time without adversely affecting our relationship with you.our relationship with you.

You may contact us to withdraw your consent for the following two purposes:

  • Improving the employee experience
  • Improving equity, diversity and inclusion

Withdrawing your consent may take up to 30 days to be processed and applied.

Accessing, rectifying or deleting your personal information

You have a number of rights with regard to the personal information we hold about you. You may exercise these rights at any time.

Knowing if we hold personal information about you

You can ask us:

  • If we hold personal information about you
  • How your personal information was collected, used and disclosed
  • If another individual or organization holds your personal information for us
Accessing your personal information

You may ask to access the personal information we hold about you. You may also obtain a copy, but you may have to pay a reasonable fee for it.

In some cases, we are unable to provide you with the requested information. For example:

  • We cannot give you information that would reveal information about another person.
Rectifying your personal information

You can request that we rectify your personal information if it is incomplete or inaccurate.

You can also update it if it has changed.

Deleting your personal information

You can request that we delete your personal information. Our response will depend on the situation.

If we have fulfilled the purposes for which the personal information was collected, we will delete it. However, we may retain it in order to meet our legal and regulatory obligations and protect our rights in the event of legal recourse.

If we have not yet fulfilled the purposes for which the personal information was collected, we will delete the information that is out of date, inaccurate, incomplete or no longer required. If you request that we delete the rest of your personal information, we will not be able to continue our employment relationship.

You may submit a written request to exercise any of your rights in relation to your personal information. You will receive our written response within 30 days. If we deny your request in whole or in part, we will provide you with several pieces of information:

  • Reasons for the denial
  • References to the laws and regulations that justify this denial
  • Your right to challenge this denial before the privacy regulatory authority in your province or territory
  • Timeframe for appealing the denial

Filing a complaint

You may file a complaint if you feel that we have mishandled your personal information.

Please contact us first if you wish to file a complaint. We will take the time to analyze your complaint and work with you to resolve the situation.

You can also file a complaint with the privacy regulatory authority in your province or territory.

To submit a request to access, rectify or delete your personal information, or to request assistance, send us a comment or ask a question related to your privacy, you can contact us in writing at the address below:

By email: ecc@ia.ca

To file a complaint about the handling of your personal information, you can contact us in writing at the addresses below:

By email:

privacyofficer@ia.ca

By mail:

Office of iA Financial Group Chief Privacy Officer
1080 Grande Allée West
PO Box 1907, Station Terminus
Quebec City, Quebec G1K 7M3

Make sure you provide us with all the information we need to follow up on your request.

Updates to this notice

We regularly update our practices to enhance them and ensure that they reflect changing privacy laws, regulations and standards. We will notify you on our website of any material changes to this notice.