Privacy Policy

Introduction

At TruStone Financial Inc. (“TruStone”), we are committed to protecting the privacy of our customers in accordance with the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and any applicable provincial privacy laws. This Privacy Policy outlines how we collect, use, and disclose personal information, as well as the steps we take to safeguard this information. TruStone’s commitment to maintaining trust and confidence amongst Advisors, customers, and employees is reflected in our commitment and approach to protecting personal information.

In order to provide Advisors and their customers with access to insurance products and services, we collect certain personal information about both, generally on behalf of our insurance providers. This Policy applies to our employees, our Associate General Agents (AGAs) and any third-party service providers with which we contract.

PIPEDA’s Fair Information Principles

These principles form the ground rules for the collection, use and disclosure of personal information, as well as for providing access to personal information. In addition to these principles, PIPEDA states that any collection, use or disclosure of personal information must only be for purposes that a reasonable person would consider appropriate in the circumstances.

Accountability

TruStone is responsible for the personal information under its control. In fulfilling this mandate, a Privacy Officer has been designated to ensure adherence and compliance with the privacy principles by developing and implementing a privacy management program, which is regularly reviewed and amended when necessary.

Identifying purposes

TruStone acts as an intermediary between insurance brokers and AGAs and the insurance companies with which they do business, providing administrative and marketing services pursuant to written contracts. Insurers’ privacy policies sometimes identify TruStone as “service providers.” Insurers require MGAs to obtain, use and retain certain essential personal information about Advisors in order to determine their initial and ongoing suitability to act as an Advisor, to obtain contracts for them to distribute products and in order to compensate them. This information includes financial and work history as well as disciplinary, legal and regulatory information.

TruStone obtains customer information from Advisors in order to provide services and access to insurers’ products. Our policies must meet the standards insurers establish. The personal information Advisors collect from customers and provide to TruStone for submission to insurers is essential information that insurers use to provide services and products that customers have requested. This information is used to determine insurance risk, assess eligibility for products, to administer those products once purchased and to fulfill certain regulatory requirements. This can include health information, financial information and history and information about avocations. TruStone retains some of this information in order to be able to administer business, to provide ongoing service to Advisors and insurers and when we are required to do so by law.

Prior to the time of collection, the purpose of collection is identified through the Advisor Disclosure Form and TruStone’s Privacy Statement and Consent. TruStone will not collect, use, or disclose information beyond that required to fulfill the purposes specified at the time of collection.

Consent

TruStone will collect information only with consent, whether express or implied. The customer consent that insurers receive may include consent to provide personal information to us, which allows us to fulfill our contractual obligations to the insurer. Most often, we operate under the customer consent that Advisors receive in order to support their sales activities. We may rely on implied customer consent when an Advisor receives a customer’s consent to collect personal information in connection with a purchase or policy change and when we process customer information requested by an Insurer and collected by an Advisor. We receive express Advisor consent to obtain their personal information in the course of screening and contracting.

When an Advisor or customer requests or uses any of the products or services we make available, TruStone will transfer whatever information is necessary by implied consent. If TruStone receives notice from an insurer that an Advisor or customer has withdrawn consent for the continued use and retention of personal information, TruStone will take whatever steps are necessary to adhere to the Act. This may require termination of our relationship with the Advisor. We will act on instructions we receive from the insurer regarding the customer’s status.

TruStone requires the client’s permission to collect, use, and disclose personal information, with some exceptions. This consent is collected through advisor’s Privacy Statement and Consent. The exceptions are determined by law and can include times where legal, medical, or security reasons make it impossible or impractical to seek consent. Clients may withdraw consent at any time, subject to legal or contractual restrictions. The consequences of such withdrawal could include the possibility that TruStone may not be able to provide a product or process a request.

Limiting collection

TruStone only collects your personal information in fair and legal ways. The information collected is limited to identified purposes. The type of personal information gathered depends on the type of product or service involved.

Wherever possible, TruStone collects customers’ information directly from the Advisor as their authorized representative. Information may be obtained through government agencies, other insurers and financial institutions. We may collect any required health information about customers from the Advisor or directly from the customer. Third party service providers and other authorized representatives may also collect this information on our behalf. We will collect the Advisor’s personal information directly from the Advisor, other insurers and insurance organizations, government agencies and existing and past employers.

Personal information we may collect includes:

name, address, email address, telephone number, and other contact information;

age, birth date, social insurance number, ID numbers, and gender;

information about your preferences, income, assets or personal finances;

medical records, credit records, loan records, employment records, insurance or transaction history;

information about your insurance claims or claims history; and

such other information we may collect with your consent or as permitted or required by law.

Limiting use, disclosure, and retention

TruStone will use and disclose personal information to perform our contractual duties and provide information when we are required to do so by law. We may disclose this personal information to our employees or service providers so that they can perform their duties, to insurers and any person or organization to which consent has been given and where authorized by law. Where personal information is provided to service providers, we require them to protect that information consistent with our policies and practices. We may also use personal information to offer products and services that we believe will interest Advisors or customers but we will never give or sell personal information to third parties for marketing purposes.

Personal information that is no longer required to fulfill the purpose(s) identified when collected is securely destroyed or erased.

Accuracy

Any personal information that TruStone collects, uses, or discloses should be as correct, complete, and up-to-date as possible for the reasons it is used. All reasonable efforts are made to ensure that the personal information collected and kept in the client file is as correct, complete, and up-to-date as it needs to be for the identified purposes.

It is the Advisor’s responsibility to keep the personal information we obtain about the Advisor and customer as accurate and up-to-date as possible. Both the insurer and the Advisor are responsible for providing TruStone with notices of changes that they receive directly. An individual may challenge the completeness and accuracy of his/her personal information that we hold. We will make any necessary corrections to information about an Advisor that is shown to be incomplete or inaccurate and we will notify any third parties, including insurers, if we agree to make such corrections.

Customers may gain access to their personal information we hold by making an access request to the Advisor and/or insurer on whose behalf we hold the information. In situations where a customer seeks corrections to information we hold, we will act on the instructions of the insurer(s) whose products are held and/or the Advisor who is their authorized representative, depending on the corrections required. Any disagreement or discrepancy regarding accuracy will be documented.

Safeguards

To protect your personal information from intrusion, release, or misuse, TruStone implemented and continue to implement rigorous safeguards so that your personal information remains strictly confidential and is protected against loss or theft, as well as unauthorized use, disclosure, access, copying or modification.

Protection methods include organizational measures such as requiring security clearances and limiting access to a “need-to-know” basis, physical measures (e.g. building access cards for employees, visitor registration and identification cards), and technological measures such as the use of passwords and encryption (e.g. the use of firewalls and routinely changing passwords and use of password manager).

Openness

TruStone may update this Privacy Policy from time to time. TruStone makes information about our privacy policies and the practice relating to management of personal information readily available on TruStone’s website.

Individual access

Clients may provide a written request if they would like to access the personal information TruStone has about them. After taking appropriate steps to verify the client’s identity, TruStone allows clients the right to access and update their personal information that we have on file. However, if we cannot allow access to the client’s personal information, we will advise the client the reasons for the refusal, the contact information of our Privacy Officer, and their right to ask for a review within 30 days of being notified of the refusal.

Challenging Compliance

Any questions or concerns regarding our privacy policy can be directed to our Privacy Officer. Complaints will be thoroughly investigated and handled by our Privacy Officer.

Contact Us:

If you have any questions or concerns regarding this Policy or how we manage your personal information, please contact the Privacy Officer, who is also the Compliance Officer and can be reached atgodfreyk@trustonefinancial.ca. You may direct your questions or concerns in writing to TruStone Financial Inc. at the following address:

130-2550 Matheson Blvd. E, Mississauga, ON, L4W 4Z1

Attn: Compliance Officer

Complaints and Concerns
Our employees and representatives are trained to respond to questions or concerns about your personal information. Should you be unsatisfied with our employee’s or representative’s response, you may contact the Privacy officer at the address mentioned above.

In addition, any complaint concerning the protection of personal information should be addressed to the Privacy Officer.

You can also contact the Privacy Commissioner of Canada. The Commissioner encourages individuals to attempt to discuss concerns directly with the organization first. Hours of service are from 8:30 a.m. to 4:30 p.m EST, at:

Toll-free: 1 (800) 282-1376
Phone: (613) 947-1698
Fax: (613) 947-6850
TTY: (613) 992-9190

or by mail at:
30 Victoria Street
Gatineau, Quebec
K1A 1H3