Last updated: June 1st, 2023
At GFSC Life Inc. (“we”, “our” or “us”), we value you as a customer and we know how much privacy means to you. We are committed to protecting your privacy. We are proud to demonstrate our commitment to your privacy by complying with applicable privacy laws in Canada, including the Personal Information Protection and Electronic Documents Act.
Collection of Personal Information: We collect Personal Information directly from individuals and from third parties. For more information about the types of Personal Information we collect, refer to the below.
Use of Personal Information: We use Personal Information to provide quotes or information about our products and services, process applications for insurance, underwrite insurance policies, process claims, register and administer user accounts, personalize user experiences, make recommendations, and provide individual client service, among other purposes. For more information about how we use Personal Information, refer to the below.
Sharing of Personal Information: We transfer Personal Information to third party service providers who assist us in providing our products and services. Some of the third parties that we share Personal Information with may be located in jurisdictions outside of Canada. We also disclose Personal Information to the third party companies that underwrite our insurance policies, the reinsurance companies that insure those companies, and MIB. There are rare cases in which we may disclose Personal Information without consent, such as when we are ordered to do so by a court. For more information about how we transfer and disclose Personal Information, refer to the below.
Retention of Personal Information: We retain your Personal Information only for as long as is necessary to fulfil the purposes for which it was collected. For more information, refer to the below.
Security safeguards: We employ reasonable measures to secure your Personal Information from misuse, interference, loss, and unauthorized access, modification or disclosure. For more information, refer to the below.
Consumer Rights: You may have certain privacy rights in relation to the Personal Information that we collect, use and disclose about you. You may exercise those rights by contacting our Privacy Officer using the contact information provided in this Policy. For more information, see Consumer Rights, How to access your Personal Information, and How to request correction of your Personal Information, below.
Greenstone Privacy Officer
2 Sheppard Avenue East, 16th Floor
North York, Ontario
What Personal Information do we collect about you?
“Personal Information” is any information that is about an identifiable individual or that may be reasonably linked to an identifiable individual.
We collect Personal Information from you directly, for example, when you interact with our website, contact us, fill out our forms, or interact with our social media pages, and indirectly from third parties, such as health professionals, from the life and health insurance underwriting tool MIB and any MIB member insurers, and from the ministry responsible for transportation in your jurisdiction, or online comparison platforms.
The types of Personal Information that we collect depends on your use of our products and services, and how you interact with us. This may include information such as:
- Your name, date of birth, gender, contact information including your work or home phone number, work or home email address, residential address and postal code, marital status, health information and health history, including information about your past health insurance claims and your family health history, employment status, and financial information, such as bank account details.
- The Personal Information of your beneficiaries, including their name, residential address, date of birth, relationship to you, work or home phone number and work or home email address.
- Information that we generate about you, such as a unique customer identification number, policy number, and information about your transactions with us.
- Registration information, such as your username, password, password hints, and security information that is used for authentication purposes.
- Cookies and tracking information, such as Internet Protocol (“IP”) address and other technical data that may uniquely identify your device, system or browser, as described in more detail below.
- Any other Personal Information for which we may obtain your consent from time to time.
If you apply for employment with GFSC Life Inc., we will collect educational information, areas of interest, specialized knowledge, work history and any information on your resume. If you choose to import data for a social networking site, or if you provide us with a link to your profile page, we may also collect additional Personal Information from your publicly available social media profile, such as your LinkedIn profile and/or your personal website.
We will always collect your Personal Information by fair and lawful means.
How do we use Personal Information?
We use Personal Information for the following purposes (the “Purposes”):
- processing requests for information or quotes;
- processing applications for insurance;
- underwriting a policy;
- administering a policy;
- verifying the accuracy of information provided during the application, underwriting and claims processes, by cross-referencing it with information from other available sources, for example MIB; making brief reports of your personal health information to MIB, if required;
- processing a payment;
- processing a claim;
- registering or administering a member account;
- developing and maintaining a relationship with you and communicating with you;
- with your consent, communicating with you about new programs, services and promotions offered by GFSC Life Inc., and any of its subsidiaries, parent company or affiliate companies, that may be of interest to you;
- responding to requests, concerns, questions or complaints;
- collecting opinions and comments in regard to our operations, products, and services;
- offering more secure access to your account;
- enhancing website security and determining the effectiveness of our website;
- identifying patterns of behaviour to offer relevant suggestions and provide a personalized online experience, including through the delivery of targeted advertising and marketing services;
- detecting, preventing, or suppressing fraud or other prohibited or illegal activities;
- meeting our legal and regulatory requirements;
- other purposes for which we may obtain consent from time to time;
- otherwise as disclosed to you at the time of collection; and
- such other uses as may be permitted or required by law.
How do we share your Personal Information?
We may share Personal Information with GFSC Life Inc.’s subsidiaries, parent company, affiliates, and third party service providers for processing purposes. We use third party service providers to help us operate our business, including our website, and to achieve the Purposes identified above, such as customer service, payment processing, web analytics, sending emails, and security services. We may transfer Personal Information to these third party service providers, which are acting on our behalf. In doing so, we only share what is reasonably necessary for the Purpose intended and we employ reasonable contractual and other means to ensure those third parties provide a comparable level of protection to the Personal Information. The third parties are prohibited from using your Personal Information for unrelated purposes. Accountability for any Personal Information that is transferred to third party services providers remains with us. Some of our third party service providers are located in jurisdictions outside of Canada, such that your personal information may be subject to the laws of foreign jurisdictions and accessible to the governments, national security, courts or law enforcement, or regulatory agencies in those jurisdictions. Specifically, GFSC Life Inc. uses third party service providers in jurisdictions including Australia, New Zealand, India, and the United States.
We may also share your Personal Information with third parties as permitted or required by law. For example, we and our third party service providers may disclose your Personal Information to law enforcement, government bodies or other organizations in response to a warrant, subpoena, or other court order. Such disclosures may also be made for the purposes of investigating a breach of an agreement or contravention of law, for detecting, suppressing or preventing fraud, or as otherwise may be required or permitted by applicable law.
We may disclose Personal Information in the event that we sell or transfer all or a portion of our business assets, including during the negotiations of such a transaction, where it is necessary to do so and in accordance with applicable law.
How long will we retain your Personal Information?
We will only retain your Personal Information for as long as is necessary to fulfill the purposes for which that information was collected, or as may be permitted or required by law. After that time, the Personal Information will be destroyed or rendered non-identifying.
How do we secure and safeguard your Personal Information?
We take reasonable precautions to keep your Personal Information secure, and require third party service providers to do the same.
We have implemented appropriate physical, organizational, contractual and technological safeguards to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. The ways we do this include:
- GFSC Life Inc. employees and service providers are contractually obligated to maintain the confidentiality of that information.
Depending on where you reside, you may have various rights relating to the Personal Information that we collect, use and disclose about you. Some of these rights may be subject to specific requirements or limitations under applicable law. To exercise any your rights, contact our Privacy Officer using the information provided below.
The rights available to you may include:
- Right to opt-out or withdraw consent: You may “opt-out” or withdraw your consent for the collection, use and/or disclosure of your Personal Information at any time, subject to legal and contractual obligations and reasonable notice. If you seek to do so, we may inform you of the consequences of withholding or withdrawing your consent before processing your request.
- Right of access: You may have a right of access to the Personal Information that we have about you, as described in more detail below.
- Right of correction: You may request the correction of any inaccurate, outdated or incomplete Personal Information related to you, as described in more detail below.
- Right to opt-out of marketing communications: You can opt-out of receiving our marketing communications. Note that you will still receive transactional messages from us, including information about your account, information about any claims, and responses to your inquiries. To opt-out of our marketing communications, you can contact our Privacy Officer or use the “unsubscribe” mechanism included in the communication.
How to access your Personal Information
If you have questions about the Personal Information that we collect, use, and disclose about you, or if you wish to request access to the Personal Information we hold about you, please send a written request to our Privacy Officer using the contact information provided below. In your request, please provide sufficient detail to enable us to identify any records in our custody or control that contain the information that you wish to access.
We will make such Personal Information available to you to the extent required by law. This information will be provided in a form that is generally understandable, and will include an explanation of any abbreviations or codes.
We will strive to respond to all access requests within thirty (30) days. We will advise you in writing if we cannot respond to your request within this time limit, and will provide a new date by which we will respond.
Prior to fulfilling an access request, we may require certain additional information from you for the purpose of verifying your identity.
In certain circumstances, we may charge a fee for fulfilling an access request. In such cases, we will provide you with a fee estimate prior to processing a request, and may require that you pay a deposit before we proceed. Upon receipt of the fee estimate, you are able to withdraw your request, if you wish.
How to request correction of your personal information
You may challenge the accuracy or completeness of your Personal Information in our custody or control at any time. To do so, please contact our Privacy Officer at the contact information provided below.
If you demonstrate that the Personal Information we hold about you is inaccurate or incomplete, we will amend the Personal Information as required. Where appropriate or required by law, we will transmit the amended information to third parties having access to your Personal Information.
We will strive to respond to all correction requests within thirty (30) days. We will advise you in writing if we cannot respond to your request within this time limit, and will provide a new date by which we will respond.
Prior to fulfilling a correction request, we may require certain additional information from you for the purpose of verifying your identity.
If we determine that a correction is not warranted or required, we will annotate the Personal Information to indicate the amendment that was requested but not made.
In addition to any Personal Information that you submit through our website, we may use a variety of tracking technologies, including cookies, to collect limited information about you to make our website more useful.
“Cookies” are data files that a website sends to your computer while you are viewing the website. These data files include information that allow a website to remember information that will make your use of the website more efficient and useful to you. Cookies do not harm your computer system or files, and only the website that transferred a particular cookie to you can read that cookie.
Our websites use encrypted and non-encrypted cookies for a variety of purposes. We may use cookie technology and IP addresses to obtain information from our online visitors and also to provide registered visitors with a personalized online experience.
- For users who have a secure online account with us, our member log-in processes may use session cookies. Session cookies enable the website to recognize your log-on credentials, and enhance your browsing experience. Session cookies are stored in your computer’s temporary memory and are deleted when you close your browser.
Third party websites
Greenstone Privacy Officer
2 Sheppard Avenue East, 16th Floor
North York, Ontario