Accountability
Assentt takes the security of our business and our clients very seriously and safeguard all non-public, personal information with those that we do business in a secure environment in accordance with legislation like The Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL), and the General Data Protection Regulation (GDPR) that regulate the collection and use of personal information. This Privacy Statement has been structured to address the 10 principles of PIPEDA.
This statement outlines the information we collect and how we use it. You have the right to request access to the personal information that we store about you.
Identifying Purposes and Limiting Collection
We are transparent about how we use the personal information that we collect. We will obtain your consent to the collection and use of your personal information. We will only collect and use the information we need for reasons we have specified. If we wish to use your information for any other purpose, we will obtain your consent, expressed or implied, before we use it.
Website
Our website is for general information use and there is no registration required to visit and browse the contents. We do not collect any personal information from website visitors other than cookies. There are circumstances where you may choose to provide your information for business purposes or subscribe to updates from us. In these cases, we may contact you at your request with regard to your enquiry or subscription of updates from us.
Children’s Privacy
We understand the importance of protecting the privacy of children. This website is not designed or intended for use by children, nor do we knowingly collect or store information about children.
Email Subscription
Assentt allows you to subscribe to email updates. If you subscribe, we collect your name, email address, company name, and job title so that we can send information that is relevant to you. When you subscribe to email updates via our online form, you are providing express consent to receive consumer electronic messages (CEMs) as outlined in Canada’s Anti-spam Legislation (CASL).
Products and Services
Personal information such as your name, address, financial information, and legal information may be collected for the purposes of obtaining a product or service and is collected only as required with the consent of the party wishing to obtain the product or service. For more information, on personal information see the section on Personal Information below under Safeguards and Openness.
Consent
Canada’s Anti-Spam Legislation (CASL) – CASL prohibits companies from sending commercial electronic messages (CEMs) to an electronic address without a person’s consent. Assentt remains CASL compliant and has provided our contacts with clear options to subscribe and unsubscribe to our CEMs.
PIPEDA also requires that consent be meaningful. To ensure that consent is meaningful to our contacts, Assentt makes efforts to declare the nature, purpose, and consequences of the collection, use, or disclosure of personal information in advance of collection.
You may refuse or withdraw consent for us to collect, use, or disclose your information at any time and we will record and respect your choice. Certain consequences may arise from your refusal or withdrawal and we will advise you of those in response to your request. If you choose to refuse or withdraw consent, you must contact our Chief Privacy Officer, at the address indicated at the bottom of this statement.
Limiting Collection, Use, Disclosure, and Retention
Assentt does not keep records containing personal information for longer than we are required to by law. Access to personal information is limited. Personal information is only accessible by employees that require access to it for the purpose of fulfilling their employment duties.
General Data Protection Regulation (GDPR) – The GDPR outlines rights based on the fact that personal information is not owned by the steward or data controller but by the individual who that information describes or concerns.
Below is a list of rights that Assentt respects under GDPR:
- the right to be informed
- the right of access
- the right of rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object
We will not be able to provide information from our records if those records contain references to other persons, are subject to legal privilege, contain confidential information proprietary to Assentt, or cannot be disclosed for other legal reasons.
Privacy Breach Reporting – As of November 1, 2018, new federal provisions came into effect under the Personal Information Protection and Electronic Documents Act (PIPEDA), detailing the mandatory disclosure process in the event of a privacy breach. Assentt is fully compliant with these provisions.
If Assentt determines that a privacy breach has occurred, we will immediately notify affected individuals, as well as the Privacy Commissioner of Canada.
Accuracy
Keeping Your Information Accurate – We make reasonable efforts to keep your personal information accurate and up to date.
You can help by keeping us informed of any changes in the information, such as a change in email address, mailing address, or telephone number.
Safeguards and Openness
Personal Information – Assentt is the ‘data controller’ of the personal information collected from our associates and clients. We are responsible for the safekeeping of all personal information provided electronically or via print disclosure. We understand and adhere to our legal obligation to protect personal information and we take this obligation seriously by regularly checking our internal protocols against regulatory requirements and best practices.
- Our clients entrust us with their personal information and we protect that information.
- We use various methods to safeguard personal information. These include physical security, computer and electronic security, destruction of information no longer needed, and contractual protections with third party data processors.
- Personal information held by us consists of all information provided on each application and credit information obtained from or with the consent of a client.
- This information is used by us and our affiliates only for the purposes and in the ways consented to by each client on our Mortgage Loan Application form, or as required or permitted by law. These purposes can include i) arranging and/or renewing loan(s) / mortgage(s), ii) informing the client of group creditor insurance for which Assentt or its affiliate is the group policyholder, iii) informing the client of other products offered or approved by Assentt or its affiliates that may be of interest to the client.
- No personal information is disclosed to third parties except as consented to by each client on our Mortgage Loan Application form, or as required or permitted by law.
Changes to the Privacy Statement – Assentt may change this Privacy Statement at any time. We respect your rights and may notify you to keep you informed of our actions.
Individual Access and Challenging Compliance – You may request access to your personal information held by us, or request a change in your consent to our use of your personal information, by contacting our Chief Privacy Officer.
All inquiries or complaints regarding personal information or privacy issues can be forwarded to:
Chief Privacy Officer
Assentt
7025 Tomken Rd Suite 205
Mississauga ON L5S 1R6
If your inquiry or complaint is not resolved to your satisfaction, please contact: The President, Assentt, at the above address. You may also file a complaint with the federal government’s Privacy Commissioner at 112 Kent Street, Ottawa, Ontario, K1A 1H3, or in Quebec, contact the Commission d’accès à l’information, 575, St-Amable, Suite 1-10, Québec, PQ, G1R 2G4.