Date of last update: February 26, 2023
At The Personal Insurance Company and The Personal General Insurance Inc. (hereinafter “The Personal”1), your privacy is invaluable. That's why we take the protection and confidentiality of personal information you entrust us with very seriously.
Whether to serve you every day and provide you with products and services or meet our legal obligations, we need to collect, use and disclose certain personal information.
The information we collect is used to identify you, assess your eligibility for requested products and services, offer products and services that meet your expectations, help you take advantage of the benefits of being The Personal client, and manage the risks associated with our activities. We also use your information to comply with our legal obligations, which include the prevention of cyber threats, fraud and other financial crimes.
- Your consent to the collection, use and disclosure of your personal information by The Personal
- Our commitment to collect only necessary personal information
- Our responsibility to protect the security and confidentiality of your personal information
- Our transparency regarding our practices and obligations in this regard
To learn about our policy when you use The Personal mobile application, read our Management and Protection of Personal Information Policy for mobile application users.
Getting your consent
What is my consent to the collection, use and disclosure of my information?
By giving your consent, you authorize The Personal to collect, use and disclose your personal information to serve you on a daily basis and meet its legal obligations.
We collect, use and disclose only The Personal information that is necessary, unless the law authorizes us to process it otherwise.
This consent to the collection, use and disclosure of your personal information takes precedence over any previous consent. It remains valid as long as you have a business relationship with The Personal.
Can I withdraw my consent to collect, use and disclose my personal information or refuse to provide certain information?
If you decide to withdraw your consent to the collection, use and disclosure of The Personal information required to serve you on a daily basis and to meet our legal obligations, we'll provide you with all the information required to explain the impact of such a decision on our provision of products and services.
In some cases, withdrawing your consent is not an option because of legal or contractual requirements.
If you refuse to allow us to collect certain personal information, we may not be able to provide you with the product or service requested and with certain benefits and discounts associated with that product or service.
Collecting only what's necessary
What personal information does The Personal collect?
We’ve compiled a table detailing all The Personal information we may collect from our clients.
Some categories are only collected when we provide particular products and services. If you don’t own, use or acquire these products and services, we won’t collect that personal information. For example, we would only ask for information about your health for life and disability insurance products. Also, some kinds of personal information (like biometrics) have additional consent requirements.
We've organized The Personal information we collect into 9 categories, as you’ll see detailed below, and we’ve provided examples for each category. We only collect the information we need to meet your day-to-day needs and our legal obligations.
1. Identification information
- First and last name
- Email and mailing addresses
- Telephone number
- Date of birth
- Gender or non-binary
2. Authentication information
- Passwords and personal identification numbers (PINs)
- Answers to authentication questions
- Biometric information (fingerprint or voiceprint2 )
- Government identifiers (passport number, driver's licence number, etc.)
3. Information about your communications with us
- Summary of your appointments
- Log, history, recording3and summary of your communications with us
- Written communications by email or chat (including complaints and dissatisfactions where applicable)
- Responses to surveys and consultations
- Video recordings from security cameras at our locations
4. Information about how you use our websites and applications
- Information collected through cookies
- Browsing preferences (language, province, etc.)
- Clickstream data and browser history
- IP address
- Information about your device, operating system or browser
5. Information about your products and services
- Information on your transactions and operations (accounts, contract numbers, dates and amounts, description, etc.)
- Information on products held (type of product, date obtained, terms, payment methods, etc.)
- Authorized account users
6. Information about your financial situation
- Information about your job or source of income
- Criminal record
- Credit rating and report
7. Information on your insurance files
- Insurance policy numbers and claims numbers
- Insurance amount
- Person and property insured
- Names of beneficiaries
- Health check and lifestyle information
- Insurance needs analysis
- Claims history
- Driving record
- Insurance quotes and applications (including verifying information such as prior claims, convictions, and annual kilometres)
- Information collected for a claim
8. Information on communication choices and preferences
- Choices and preferences for how we communicate with you
- Information on our loyalty initiatives (reward or discount programs)
9. Other information to enable us to comply with our legal obligations
- Proof of citizenship
- Country of birth
- Social insurance number (SIN)
- Taxpayer identification number (TIN)
- Residence and tax identification number
- Results of our anti-money laundering, cybercrime, fraud and other audits
How is my personal information collected?
We collect your personal information from 3 sources:
Directly from you
When you want to obtain a The Personal product or service, or when you communicate with us, regardless of the method used—in person at one of our locations, by telephone, email or online chat—or when you complete a survey, we ask you to provide information about yourself.
The same goes if you contact us about our products and services; we need to identify you by asking you to answer authentication questions, for example.
This may include information required to open an account and become a The Personal client, such as your first and last name and address, or more specific information like your claims history for a property and casualty insurance quote.
We may also ask you to provide information about a third party, such as a driver for an auto insurance claim or a contact person when you open your file.
When using The Personal products and services
We collect information about you when you browse our websites or use our online and mobile applications and services.
This information may be collected through cookies4 or directly on our websites or applications. It may include information about your bank transfers, insurance claims and online investments.
See How we collect, use and disclose information on Desjardins websites for more details.
From other sources
Depending on the situation, we may need to collect information about you from other individuals, organizations or entities, such as:
- A person that you have a joint product or service with, for whom you're the guarantor (surety), or who is a guarantor (surety) for you
- Credit reporting agencies and other financial institutions
- Insurance databases
- Vehicle and claims history
- Service providers
- Public bodies
- Personal referrals
- Public sources such as registries, official documents and websites, etc.
- Other relevant sources to provide you with the requested product or service
Being transparent about our practices
What does The Personal use my personal information for?
We use your personal information to serve you every day and to meet our legal obligations.
We'll inform you if we plan to use your personal information for any other purpose, unless we are legally authorized to use it otherwise.
As such, before we can serve you and provide you with our products and services, we must:
- Confirm that we're providing products and services to the right person by verifying that you are who you say you are (identify you and validate your identity)
- Ensure that your personal information is still accurate, complete and up to date before we use it; however, it is your responsibility to inform us of any changes
Assess your eligibility for requested products and services
- Review your financial situation
- Reassess your financial obligations to us
- Assess your application for insurance, which includes verifying information such as prior claims, convictions and annual kilometres
- Evaluate whether the product or service requested meets your needs and goals, if necessary
- Review and update your file or credit rating to assess our risks
Offer products and services that meet your expectations
- Provide you with the product or service you requested
- Guide, advise and help you make the best decisions based on your expressed need, situation and goals
- Design statistical models5 to deliver products, services and advice that meet your needs
- Manage your current products and services
- Process your insurance claims
- Contact you6
- Obtain your opinion following an interaction with The Personal or in connection with a product or service
- Provide you with guidance and support, respond to your requests for information and refer you to the right person based on your request
- Handle complaints and dissatisfaction
Help you take advantage of the benefits of being a client of The Personal
- Offer you discounts, cashback and special rates or fees, depending on the products and services you have with us
Manage the risks associated with our activities
- Assess and monitor the performance of our products and services, price them, improve them, and create new ones
- Develop, maintain and improve internal audit systems, processes, methods, practices and procedures
- Design and build dashboards, indicators and other types of reports
- Find, identify and assess risks to continuously improve our products and services
- Design statistical models5 to monitor operations and ensure the security of your information
We must also use your personal information to meet our legal obligations to:
Prevent cyber threats, fraud and other financial crimes
The term "other financial crimes" includes money laundering, terrorist financing and tax evasion, among others.
- Protect your assets
- Rapidly detect and prevent cyber threats, fraud, and other financial crimes
- Design statistical models5 to facilitate detection and prevention
- Take corrective actions as required
- Keep relevant regulatory documents
- Report or flag specific transactions
- Investigate or facilitate investigations when required
- Cooperate with and inform the proper authorities when required
- Confirm the identity of members and clients using our products or services, for example, to:
- Identify you
- Validate the information you provided about yourself, your citizenship and nationality, your job title or function, and your employer
- Confirm your source of income
- Confirm the use of some of your products
Respond to information requests, warrants and orders from courts and other organizations
- Protect your rights and interests as well as our own
- Cooperate with legal proceedings or administrative investigations
- Work with any organization with the authority to prevent, detect or punish crime and violations of the law
- Respond to requests, warrants and orders from organizations with the authority to compel us to disclose your information
Comply with tax requirements
- Comply with the Common Reporting Standard (CRS), which requires us to report accounts held by individuals, non-resident entities or certain entities controlled by non-resident individuals
- Comply with the US Foreign Account Tax Compliance Act (FATCA), which requires us to report accounts held by US citizens to the US government
Who has access to my personal information at The Personal?
Access to your information is limited to The Personal employees and consultants as well as The Personal agents and representatives who need to access it to perform their duties.
Our employees and consultants commit annually to protect the confidentiality of The Personal information they need while performing their duties and must regularly take security and privacy training.
Who can my personal information be disclosed to?
Our commitment is clear: We will never sell your personal information to anyone.
However, we may need to disclose your personal information to third parties in the normal course of business.
Desjardins Group components
Desjardins Group components disclose The Personal information they need to serve you on a daily basis and to meet their legal obligations.
At Desjardins General Insurance Group, in order to provide you with products and services that meet your expectations, information about your interactions and transactions with us is disclosed between Desjardins General Insurance Inc. and Certas Direct, a home and auto insurance company—or among subsidiaries doing business under "The Personal" brand.
Lastly, in accordance with Ontario's legal requirements, Desjardins Ontario Credit Union does not disclose any of your personal information to Desjardins General Insurance Group (unless you gave your consent as part of a referral to obtain a service provided by third party insurance supplier) and its subsidiaries, or to Desjardins Financial Security and Desjardins Trust Inc.
Courts, authorities and other agencies
Certain situations require us to disclose your personal information to courts, law enforcement authorities and other agencies.
This may be necessary to prevent cyber threats, fraud and other financial crimes, to respond to requests, warrants and orders or to meet our insurance obligations.
From time to time, we may need to disclose some of your personal information with third parties, such as other financial institutions, credit reporting agencies, public and private fraud and claims databases, and lending institutions.
Similarly, we may need to disclose some of your personal information to other people or ask them for information about you, for example, if you have a joint product or service with another person, if a third party is a guarantor (surety) for one of your obligations to us, or if you're a guarantor (surety) for another person.
Suppliers and partners
We may disclose information about you to suppliers and partners.
- Insurance providers, claims advisors and health consultants
- Bank card printing or manufacturing companies
- Information technology services and products companies
- Client consulting firms mandated by The Personal
- Cloud, web-hosting and data-processing services
- Creative and promotional agencies
- Legal services
- Credit reporting or collection agencies
- Human resources management and training companies
We entrust only our suppliers and partners with The Personal information they need to perform their duties, functions and contractual obligations with The Personal.
In addition to being subject to confidentiality obligations, the employees of suppliers who have access to personal information must also fully comply with our contractual requirements. Lastly, The Personal suppliers and partners must apply adequate physical, information technology and administrative security measures.
We'll inform you if a new need arises, unless we're authorized by law to disclose it without your consent. In any case, we ensure the protection and confidentiality of the information we disclose.
Protecting the security and confidentiality of your information
Is my personal information secure?
We apply the necessary security measures rigorously to ensure the protection of your personal information.
These measures may consist of:
Physical security measures
- Surveillance cameras
- Security guards
- Office access cards
- Locking filing cabinets
- Any other security measures required to limit access to authorized persons
Technological security measures
- Data encryption
- Access management system
- Monitoring and control to detect suspicious activity
- Any other security measures required to limit access to authorized persons
Administrative security measures
- Access to your personal information limited to employees, consultants, who need it to perform their duties
- Adherence to the Code of Professional Conduct and annual certification required of all our employees and consultants, with strict rules governing the protection of personal information
- Regular training and education of employees, consultants, agents and representatives on the Code of Professional Conduct, policies, practices and procedures on security and privacy
- Policies and procedures for monitoring, investigating and updating security systems and measures
- Ongoing monitoring and control to detect suspicious activity and potential deviations from organizational directives and policies
Visit our Security page for more information on these security measures. .
Where is my personal information stored?
Your information is usually stored in Canada, but we may use suppliers or partners located outside of the country.
If we need to disclose personal information with these suppliers and partners, The Personal will ensure the protection and confidentiality of this information meets its own requirements and will ask these suppliers and partners to contractually agree to comply with and respect these requirements.
In all cases, we'll ensure the protection and confidentiality of your information.
How is my information stored?
We store your personal information in a secure and confidential manner for as long as it's required for us to meet our legal obligations.
For example, in Canada, we're subject to laws and regulations that stipulate minimum retention periods. The retention periods must take into account the exhaustion of potential remedies and limitation periods applicable in Canada. These retention periods vary depending on the situation. Therefore, we may retain your personal information after your relationship with us has ended.
When and how is information disposed of?
Once the retention period has expired, we ensure that your personal information is safely disposed of or de-identified. While deletion is a final and irreversible disposal process, de-identification means that your personal information is altered so that it can no longer directly or indirectly identify you.
Deletion and de-identification are carried out in a safe and secure manner, in accordance with applicable best practices.
Respecting your rights when it comes to your information
Can I access, correct or update my personal information?
Yes, you can access your personal information at any time.
To do so, you must submit a written request to The Personal’s customer service.
Your request must be detailed enough to allow us to identify the documents or other media containing The Personal information you wish to access.
We may need to validate your identity and the reason for your request.
We'll inform you if there are any fees for processing your request. These fees, if any, are reasonable and are usually limited to the cost of transcription, reproduction or transmission. In such cases, we'll ask for your permission before proceeding.
Yes, you can correct inaccurate and incomplete personal information we have about you. If you wish to correct any inaccurate or incomplete information we have about you, contact The Personal’s customer service.
Yes, you can update the personal information we have about you.
If you wish to update the information we have about you—for example, after a change in your personal situation or a change of address—you're responsible for contacting The Personal’s customer service, your advisor or the person you deal with at The Personal to update it.
What can I do if I have questions or if I'm not satisfied with the handling of my personal information?
If you have a question, concern or complaint about the processing of your personal information, you can:
1. First, contact us.
Talk to a customer service employee to ensure that your complaint or concern is addressed in a timely manner. You can also call us at 1-888-476-8737.
2. If you're not satisfied with the response you received, you may contact the Desjardins Group Chief Privacy Officer:
Office of the Chief Privacy Officer
100 Rue des Commandeurs
Lévis, Quebec G6V 7N5
You must provide your name and contact information, the nature of your request, the name of the department or person you have already contacted and any relevant information.
If you wish, you may also contact the appropriate provincial or federal privacy commissioner.
Understanding our policy
Any client of The Personal, any person who communicates with us, regardless of the means used, and any individual whose personal information we collect in the course of our operations.
What does it apply to?
In addition, it applies to all products and services offered by any component7 of Desjardins Group across Canada for which we collect personal information.
We collect, use, disclose and protect your personal information in accordance with Canada's privacy laws.