At GFMD, a company affiliated with The People Corporation, we are committed to respecting and protecting the privacy and personal information entrusted to us. We have adopted the following principles:
Our employees, affiliates and other persons or organizations that act on behalf of the Corporation are responsible for protecting your personal information. We have established and implemented policies and procedures governing how we deal with personal information. Our Chief Privacy Officer oversees our privacy program including policy, dispute resolutions, education, communication, and reporting to our Board of Directors on privacy matters.
When we collect your personal information, we inform you of our reasons for collecting, using, and disclosing this information. Purposes may include to:
- Verify identity and protect against fraud or misrepresentations
- Ensure the information we have about you is accurate and current
- Understand your needs to be able to offer suitable products and services
- Determine your eligibility for products and services
- Set up, administer, and maintain the products and services you have chosen
- Communicate with you about products and services that you have requested or that may be of interest
- Respond to questions or concerns you may have
- Perform analysis using anonymized data to improve and/or market our products or services
- Comply with legal or regulatory requirements.
When you apply for or accept a new product or service, we obtain your consent to collect, use or disclose your personal information for the purposes outlined above. Consent may be provided in writing, verbally or through an authorized representative. You may withdraw your consent at any time, subject to legal or contractual restrictions and reasonable notice. However, without your consent we may not be able to provide you with the products or services you requested.
We limit the personal information we collect to the information necessary for our identified purposes. Depending on the product or service, personal information we collect may include, but isn’t limited to:
- Identification information such as name, address, telephone number, e-mail address, date of birth, union/employee ID, and other identifiers
- Social Insurance Number (SIN) as required to comply with Canada Revenue Agency reporting requirements
- Financial information such as salary, income, assets, and liabilities to ensure that the advice and/or products we provide to you meet your needs
- Banking information for delivery of benefit or pension services
- Information about your spouse/partner, dependent children, or other beneficiaries
- Health, medical or lifestyle information such as healthcare provider, medical history, and travel history or plans which may be required for some insurance products or other services
- Employment information including work history, education, professional designations, and references as required for recruitment, career transition and other HR services
- Marketing preferences if you choose to subscribe to our marketing and promotional communications
- Feedback you may have about our products and services
We may collect your personal information from you directly, or indirectly from other sources such as your employer/union, health care providers, or insurance companies. We may also collect information by monitoring or recording your interactions with us through telephone/video calls, online chats or other interactions with our website or portals.
You may choose not to provide us with certain information, but if you make this choice, we may not be able to provide you with the product, service, or information you requested.
Limiting Use, Disclosure, and Retention
We limit the use and disclosure of personal information, and only use and retain such information for the purposes for which it is collected unless you consent to other uses. In addition to sharing your information on a need-to-know basis with our employees, including those in our divisions and affiliates, we may provide your information to service providers who are involved in delivering the products or services to which you are entitled, including:
- Insurers, carriers, underwriters, advisors, claims processors, or claims adjudicator to service benefit plans
- Health care services providers, including virtual medicine and prescription providers, where group benefit plans provide for such services
- Pension trust funds, mutual fund or investment companies and custodians for retirement plans and other investment services
- Banks or other financial institutions to facilitate payments
- HR service providers including private search organizations, recruitment platforms, and background check providers
- Technology service providers
- Regulators or other public authorities to comply with legal and regulatory requirements.
We may also provide personal information to another organization if all or part of our business is being sold.
We have contractual agreements in place with service providers and other third parties, whether or not they are located in Canada, requiring that any information we provide be safeguarded and used only for the purpose for which it has been provided.
We retain personal information for only as long as it is needed to accomplish the purpose for which it was collected, or as needed for authorized, legitimate. or legal purposes.
We keep your personal information as accurate, complete, and up to date as needed for its use. You have the right to question the accuracy and completeness of the information we have about you and have it amended as appropriate.
We have implemented reasonable technical, administrative, contractual, and physical safeguards to protect personal information against loss, theft, unauthorized access, modification, or disclosure. We have security policies and procedures, including the use of passwords and encryption, to protect our systems against unauthorized access and use. Our employees receive information security, privacy, and code of conduct training. In addition, our service providers are contractually required to protect their systems against unauthorized access and to only use your personal information for the purposes authorized by us.
We are open about how we manage and protect your personal information, and we make our privacy policies available. Upon written request, we will respond to inquiries about our practices relating to the management of personal information.
You may request access to your personal information, and we will respond in accordance with applicable law.
Upon written request, we’ll provide you with details regarding your personal information including what information we have about you, and how it has been used and disclosed, subject to certain exceptions permitted by law.
You may also request that we change or delete your personal information that we have in our possession, and we will make best efforts to fulfil such requests, again subject to legal limitations. Deleting your information may also prevent us from providing you with the product or service you requested.
Handling Customer Complaints
You may submit in writing a privacy-related concern or complaint to our Chief Privacy Officer. Please see the contact information below.
We will investigate all complaints. If a complaint is justified, we will take all appropriate steps to set the situation right, including changing our policies and practices if necessary.
Chief Privacy Officer
1403 Kenaston Blvd
Winnipeg, MB R3P 2T5
Sherbrooke (Quebec) J1L 1C1