Respecting Your Privacy
Since 1872, our customers have trusted The Guarantee Company of North America (The Guarantee) GCNA with their insurance needs. To retain their trust, it is important to us to maintain a high degree of integrity in handling the information we gather about our customers. We are committed to protecting the privacy of the personal information of our customers.
As of January 1, 2004 the federal Personal Information Protection and Electronic Documents Act ("PIPEDA") applies to the operations of insurance companies. PIPEDA, which sets out the rights of the consumer and duties of the company to protect personal information, puts into law the privacy practices that we must follow. Our commitment is to safeguard the privacy rights defined in PIPEDA and all other relevant laws.
Our commitment to protecting your privacy
Collecting personal information about you is essential to our ability to offer you high-quality insurance products and appropriate insurance coverages as well as to provide you with on-going service relating to your insurance needs. We take great care to keep your personal information that we collect accurate, confidential and secure.
The price for a surety bond is calculated as a fee for a prequalification service and is related to the type and dollar value of the contract being guaranteed, whereas insurance policy premiums are based on the insurance company's statistical data which show that it will incur a certain number of claims for losses during the term of the policies.
- How we collect, use and disclose personal information
- We will protect your personal information
- Your right to access your personal information
- Privacy principles
- For more information
We ask you for only the information we need
- We collect only the information we need for the purposes we have identified to you.
- Our files are kept for the purpose of providing and servicing insurance products and services that we believe are right for you.
- We will not sell your personal information.
Why we need the information
Generally, we need to collect personal information for the following purposes, to:
- communicate with our customers;
- underwrite risks on a prudent basis;
- investigate and pay claims;
- detect and prevent fraud;
- offer and provide products and services to meet customer needs;
- compile statistics; and
- comply with the law.
We will make sure you understand why we need the information by using clear, understandable language when we identify the purpose.
We will obtain your permission
- We collect, use or disclose your personal information with your permission.
- Your permission may be expressed in writing or be implied and you may give it to us verbally, electronically, or through your authorized representative.
- You may withdraw your permission to collect, use and disclose your personal information at any time, subject to legal and contractual restrictions and reasonable notice.
- Where medical information about you is collected or released, we will obtain your consent to do so.
- Before we make information available to third parties, other than an agent or service provider who needs it, we will tell you at the time we obtain your consent or before we make the information available, who those persons or organizations are, the kind of information we want to share with them and why.
We will limit how long we keep information
- We will keep your personal information as long as it is necessary, including updating the product or service or as required by law.
- When we destroy personal information, we will use safeguards to prevent unauthorized parties from gaining access to the information during the process.
We are responsible for your information
- We are responsible for all personal information in our possession, including information transferred to a third party service provider or agent, so that we can provide you with a product or service.
- All employees, agents and authorized service providers are required to protect the confidentiality of your personal information.
How we protect information
- Access to your personal information is restricted to those employees, agents and authorized service providers who need it to do their jobs.
- We have developed security procedures to safeguard and protect personal information against loss, theft, unauthorized disclosure, copying, and unauthorized use or modification. We will maintain appropriate safeguards and security procedures that reflect the types of documents, including electronic or paper records, organizational measures including security clearances and limiting access on a "need-to-know" basis, and technological measures such as the use of passwords and encryption. While we endeavour to protect all information, the most sensitive information, such as medical information, receives the highest level of protection.
- You have the right to ask whether we hold any personal information about you and to see that information, as provided by law. Where we have obtained medical information about you from a third party, we will release this information only through your physician.
- You also have the right to know:
- how we collected your personal information,
- how we are using it, and
- to whom it may have been disclosed.
How to request an update or correction
- If you believe any of the information we have collected about you is incorrect or incomplete, you have the right to ask us to change it.
- If you show that your personal information is inaccurate or incomplete, we will make the necessary changes.
- If you feel we have not dealt with your request to your satisfaction, you can follow our complaint resolution procedures.
How to register complaints
- You may register a privacy-related complaint by contacting our Privacy Officer. We will explain our complaint procedure to you and investigate all complaints. If a complaint is justified, we will take all appropriate steps to set the situation right, including changing our policies and practices if necessary. We will also let you know what other complaint procedures may be available to you.
For more information, please contact our Privacy Officer at 4950 Yonge Street Suite 1400, Toronto, Ontario M2N 6K1, or by e-mail at email@example.com.
Each company, employee or agent is responsible for personal information under his or her control and shall designate an individual or individuals to be accountable for compliance with this Code.Principle 2 - Identifying Purposes
The purposes for which personal information is collected shall be identified before or at the time the information is collected.Principle 3 - Consent
The prior knowledge and permission of the individual are required for the collection, use or disclosure of personal information, except for legal or security reasons.Principle 4 - Limiting Collection
The collection of personal information shall be limited to that which is necessary for the purposes identified. Personal information shall be collected by fair and lawful means.Principle 5 - Limiting Use, Disclosure and Retention
Personal information will not be used, disclosed or retained for purposes other than those for which the information was collected, except with the permission of the individual, or as permitted or required by law.Principle 6 - Accuracy
Personal information shall be as accurate, complete and current as is necessary for the identified purposes for which it is to be used.Principle 7 - Safeguarding Information
Personal information will be protected by safeguards appropriate to the sensitivity of the information.Principle 8 - Openness
We will make readily available to our customers specific information about our policies and procedures relating to the management of their personal information.Principle 9 - Individual Access
Upon request, an individual will be informed of the existence, use and disclosure of his or her personal information and shall be given access to it. An individual will be able to challenge the accuracy and completeness of the information and have it amended as appropriate.Principle 10 - Handling Customer Complaints and Suggestions
Individuals can address any complaint regarding compliance with the above principles with our Privacy Officer at firstname.lastname@example.org