Why We Collect Personal Information
We use personal information for a number of reasons:
- to make underwriting and business decisions;
- to verify your identity and eligibility;
- to investigate and pay benefits and claims;
- to locate you if we do not have current contact details;
- to address complaints that you may have about our services;
- to implement risk management programs and procedures to protect against fraud, errors or misrepresentations;
- to report to regulatory or industry entities in accordance with statutory and prudent insurance industry practices; and
- to comply with all applicable laws, including tax requirements.
We will explain to you why we require personal information and will restrict our use of this information to the purposes identified.
Kinds of Information We May Collect
Personal information that we collect may include name, address, birth date, sex, social insurance number, banking information, marital status, occupation, work history and contact information. We may also collect information about your spouse, including name, sex and birth date. We will limit the personal information we collect to that necessary for us to provide products and services to our customers and make informed underwriting and business decisions.
How We Collect Personal Information
We will collect personal information by lawful and fair means: directly from you in writing, electronically or verbally, from the employer who sponsored your pension plan, from insurance brokers or from other legitimate sources such as other insurers, administrators, banks, credit bureaus and consumer reporting agencies.
Consent to the Collection and Use of Personal Information
Your knowledge and consent are required for our collection, use or disclosure of your personal information. We normally collect your personal information from your employer, former employer, pension plan sponsor or the administrators who provide pension plan recordkeeping and payroll services to one of those entities. Relevant privacy law gives you the option to “opt-out” and withdraw your permission for us to collect, use and disclose your personal information. However, Brookfield Annuity will be unable to pay benefits to which you are entitled if you do withdraw your permission for our use of your personal information.
Disclosure of Personal Information
From time to time in the normal course of business, it is necessary for us to provide an individual’s personal information to a third party such as, but not limited to, a bank, broker, reinsurer, legal counsel, regulator, administrator, data storage provider, search firm, printer or mail distributor. We advise each third party to whom we provide personal information that we expect the party to comply with applicable privacy laws and to also take steps to protect that information.
In some cases, your personal information is transferred outside Canada. Brookfield Annuity uses service providers in Canada and the United States to process and store your personal information. Further, some of the third parties to whom we may disclose your personal data (listed above) are outside Canada and may use service providers of their own who are outside Canada; these are primarily in the United States, the United Kingdom and the European Union. Information processed or stored outside Canada may be accessible to the governments, courts, law enforcement or regulatory agencies of those countries through their local laws. For individuals who are resident in Quebec, please note that information that Brookfield Annuity holds in Canada is held outside Quebec.
Protection of Personal Information
Access to your personal information is restricted to those of our employees, agents and authorized service providers who require it in their work. Employees who have access to personal information are made aware of the responsibility they have to protect that information.
We use a number of controls to protect personal information against loss, theft, unauthorized disclosure, copying, and unauthorized use or modification. These controls include restricted access to our premises, user authentication, encryption, firewall technology and the use of detection software.
In the event that we transfer your personal information to a third party in Canada or across borders for processing, we contractually require such third party to protect your personal information in a manner consistent with our privacy safeguarding measures, subject to the law in the third party jurisdiction.
Retention of Personal Information
We will retain an individual’s personal information for as long as is necessary to fulfill the purposes for which it was collected or as required by law. Disposal of any personal information no longer required will be done in a safe and complete manner.
Access to Your Personal Information
You can request access to your personal information, subject to any legal restrictions. For example, if to allow access would reveal any personal information about a third party then access may be limited or denied. If there are reasons why access is denied, we will advise you of those reasons in writing.
If you believe any of the information we have collected about you is incorrect or incomplete, you have the right to ask us to change it, or you may contact us to update your personal information in our records. If you show that your personal information is inaccurate or incomplete, we will make the necessary changes as appropriate.
If You Have Questions or Concerns
Requests for further information, access to personal information or complaints about our handling of personal information should be directed to our Chief Privacy Officer, as follows:
Susie Taing, Chief Privacy Officer
333 Bay Street, Suite 1200
Toronto, Ontario M5H 2R2