In the field of insurance and financial services, LiLand Insurance Inc. and its affiliates (“LiLand Insurance”) are required to collect information of a personal nature including health, lifestyle or financial situation of their respective clients, employees or representatives (each an “individual”). LiLand Insurance Inc.(“Company”) is aware of the sensitivity of such information and has always made sure that it is kept strictly confidential.
The purpose of this policy is to confirm, formalize and promote the protection of personal information in possession and control of the Company.
1. Personal Information
Personal information is defined as being any information concerning an individual and allowing the identification of him or her.
Personal information has to be protected regardless of its characteristics or its form whether written, graphic, audio, visual, computerised or any other form.
2. Purposes of Information Collection
The Company shall identify the purposes for which personal information is collected at or before the time of collection. Persons mandated by the Company to collect information or persons who collect information that is submitted to the Company, should be able to explain to the concerned individuals the purposes for which the information is being collected.
Information will generally be collected from individuals through the various forms such as enrolment, account opening or claim forms which, if produced by the Company, shall indicate the purposes of the information collection. The sole objective of the information collected from the individuals will be to provide the products or services requested and to respond to their needs or the Company’s needs for the duration of their relationship with the Company.
Where the Company collects personal information from an individual, the Company informs the individual of the purposes for the collection of personal information and obtains the individual’s consent at or before the time of collection, as well as when a new use is identified. Every person must be informed of any further collection, use or communication of personal information about them and provide express consent for these purposes.
The Company seeks express written consent in order to collect, use or disclose personal information through different forms used by the Company. Where appropriate in the circumstances, the Company may accept a verbal or implied consent.
Consent must be given by the individual or an authorized representative such as a legal guardian or a person having power of attorney.
Any person may withdraw their consent at any time, subject to legal or contractual restrictions. The Company must inform the person of the consequences of such withdrawal, including the possibility that the Company may not be able to provide a product or the inability to process a request.
The Company may have to collect, use or disclose personal information without an indivual’s knowledge or consent for legal, medical or security reasons. The Company has also to disclose personal information to institutions regulating its activities and public bodies having the authority to investigate.
4. Limitations to Collection, Use, Disclosure and Retention
The Company must always proceed by fair and lawful means in the collection, use, disclosure or retention of information. The Company must not collect, use or disclose information except with the consent of the individual or as required by law.
The Company must limit the amount and type of information collected to that which is necessary to fulfil the purposes identified. The Company shall only collect personal information from the concerned individual unless this individual allows the Company to collect it from a third party.
Personal information held by the Company is only accessible to persons having authority to access such information. They use such information only to the extent necessary in the discharge of their duties.
The Company shall retain personal information only as long as necessary for the fulfilment of the purposes for which it was collected and the information must be destroyed in accordance with the law and Company’s guidelines with respect to the retention of files.
The Company shall occasionally share personal information concerning individuals with suppliers or agents to ensure the management of the selected products or to provide the required services. These suppliers or agents shall have to commit themselves to comply with privacy legislation before any communication of information.
Some companies of the LiLand Insurance Inc. may establish a nominative list of their respective clients (names, addresses and telephone numbers) and share this list with other companies of the LiLand Insurance Group. If need be, the purpose of this list shall be to allow the company to better serve its clients by offering relevant and available products and services. Clients may request that their name be withdrawn from such list by writing to the Privacy officer at the address provided in section 8 of this policy.
The Company shall apply methods aimed to ensure that personal information is as accurate and complete as necessary for the purposes for which it is to be used.
The Company shall not routinely update personal information, unless such a process is necessary to fulfil the purposes for which the information was collected.
The Company is responsible for personal information in its possession or control, including information that has been transferred to a third party for processing. The Company requires such third party to keep personal information under strict standards of privacy and protection.
The Company shall ensure that each department has implemented procedures to apply the principles of this policy. The Company shall adequately inform and train its employees on the Company’s policies and procedures with respect to the protection of personal information.
The Company has implemented and continues to implement appropriate safeguards with the purpose that personal information remains strictly confidential and that it is protected against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
8. Request for Access to Information or Amendments
The Company’s policies and procedures concerning the protection of personal information shall be readily available to anyone. The Company must inform an individual of the existence, use, and disclosure of his or her personal information and his or her right to access the information.
The Company shall respond to an individual’s request for information within a reasonable time. In addition, the fee charged for processing the request shall also be reasonable.
A company of LiLand Insurance Inc. may refuse to provide access to medical information directly to the concerned person and may ask to designate a health care professional in order to receive communication regarding that concerned person. The designated professional will then communicate information to the concerned person.
An individual may challenge the accuracy and completeness of personal information and have it amended as appropriate. The Company shall respond to an amendment request within a reasonable time.
Any request for access to information or request for amendment must be sent to the following address:
LiLand Insurance, Inc.
759 Warden Avenue
9. Complaints and Concerns
The Company’s employees and representatives are trained to assist clients’ questions or concerns relating to personal information. If the employee or representative dealing directly with the customer did not satisfy such concern, he or she may contact the Privacy Officer at the address provided in section 8 of this Policy.
If a customer wants to make a complaint concerning the protection of personal information, he or she may contact the Privacy Officer at the address provided in section 8 of this Policy. For a justified complaint, the Company will make the appropriate corrections and modify its practices and procedures if necessary.
* This Policy reflects the legislation applicable in Canada regarding the protection of personal information.