Privacy Policy

Scotiabank Group Privacy Agreement

Your privacy is important to Scotiabank. This Agreement sets out the information practices for Scotiabank Group Members† in Canada, including what type of information is collected, how the information is used, and with whom the information is shared.

This Agreement may be amended from time to time. (See “Further Information”, below, for an explanation of how we will advise you of any future changes.)

In this Agreement, “we”, “our”, “us” and “Scotiabank” mean, as applicable, any Scotiabank Group Member or the collective Scotiabank Group† and include any program or joint venture any of these parties participates in; “you” and “your” mean an individual who has made application to us for, enrolled in or signed an application in respect of any personal or business banking, insurance, brokerage or financial product or service offered by us (“Service”), including any co-applicants, guarantors or personal representatives.

Collecting, using and disclosing your information

  1. When you apply for, or provide a guarantee in respect of, or use any Service and while you are our customer, you agree that:
  • Your name, address, telephone number, nature of your principal business or occupation and date of birth, which is required by law;
  • Identification, such as a valid driver’s license or passport. We may also ask for documents such as a recent utility bill to verify your name and address;
  • Your annual income, assets and liabilities and credit history;
  • Information about your transactions, including payment history, account activity and how you intend to use the account or Service and the source of any incoming funds or assets;
  • Information we may need in order to provide you with a Service such as health information if you are applying for certain insurance products. In some instances, providing this information is optional;
  • Information about third parties such as your spouse if you are applying for certain Services, where this information is required by law; and
  • Information about beneficial owners, intermediaries and other parties, which is required by law.
  • To confirm your identity;
  • To understand your needs;
  • To determine the suitability of our Services for you;
  • To determine your eligibility for our Services;
  • To set up, manage and offer Services that meet your needs;
  • To provide you with ongoing Service;
  • To satisfy legal and regulatory requirements that we believe are applicable to us, including the requirements of any self-regulatory organizations to which we belong;
  • To help us collect a debt or enforce an obligation owed to us by you;
  • To respond to a court order, search warrant or other demand or request which we believe to be valid, or to comply with the rules of production of a court;
  • To manage and assess our risks;
  • To investigate and adjudicate insurance claims; and
  • To prevent or detect fraud or criminal activity or to manage and settle any actual or potential loss in connection with fraud or criminal activity.


We may collect personal information from you and about you such as:

For legal entities such as businesses, partnerships, trusts, estates, clubs or other organizations, we may collect the information referred to above from each authorized person, partner, trustee, executor and club member, as appropriate. We may collect your personal information, and use it, and disclose it to any person or organization for the following purposes:

When we collect your health information for the purpose of providing an insurance Service, we will use that information strictly for that purpose. (See below for more information.)

We do not provide directly all the services related to your relationship with us. We may use third party service providers to process or handle personal information on our behalf and to assist us with various services such as printing, mail distribution and marketing, and you acknowledge that we may release information about you to them. Some of our service providers are located outside of Canada. As a result, your personal information may be accessible to regulatory authorities in accordance with the law of these jurisdictions. When personal information is provided to our service providers, we will require them to protect the information in a manner that is consistent with Scotiabank Group privacy policies and practices.

  1. We may collect, use and disclose your Social Insurance Number (SIN) for income tax reporting purposes, as required by law. In addition, we may ask you for your SIN to verify and report credit information to credit bureaus and credit reporting agencies as well as to confirm your identity. This allows us to keep your personal information separate from that of other customers, particularly those with similar names, and helps maintain the integrity and accuracy of your personal information. You may refuse to consent to its use or disclosure for purposes other than as required by law.
  2. We may verify relevant information you give us with your employer or your references and you authorize any person whom we contact in this regard to provide such information to us. If you apply for or enroll in a Service and during the time you have the Service, we may consult various financial service industry databases or private investigative bodies maintained in relation to the type of Service you have applied for, enrolled in or have. You also authorize us to release information about you to these databases and investigative bodies. In Canada, investigative bodies are designated under the regulations of the Personal Information Protection and Electronic Documents Act (PIPEDA) and include such organizations as the Bank Crime Prevention and Investigation Office of the Canadian Bankers Association and the Investigative Services Division of the Insurance Bureau of Canada.
  3. You agree that we may monitor or record any telephone call we have with you. The content of the call may also be retained. We may inform you before proceeding with the call of this possibility. This is to establish a record of the information you provide, to ensure that your instructions are followed properly and to ensure customer service levels are maintained.
  4. Scotiabank may use video surveillance in and around our branches, bank machines and other locations for the purpose of: safeguarding our clients and employees; and protecting against theft, fraud and vandalism. Any video images recorded are destroyed when they are no longer required for business or other purposes, and any personal information is safeguarded in accordance with this Agreement.
  5. If you have a Service with us, we may use, disclose to and collect from credit bureaus or financial service industry databases, credit and other information about you in order to offer you pre-approved credit products or margin facilities. We may also do this after the Service has ended. You may withdraw your consent at any time by giving us reasonable notice (see below).
  6. We may give information (except health information) about you to other members of the Scotiabank Group (where the law allows this) so that these companies may tell you directly about their products and services. The Scotiabank Group includes companies engaged in the following services to the public: deposits, loans and other personal financial services; credit, charge, debit and payment card services; full-service and discount brokerage services; mortgage loans; trust and custodial services; insurance services; investment management and financial planning services; and mutual funds investment services. This consent will also apply to any companies that form a part of the Scotiabank Group in the future. You also agree that we may provide you with information from third parties we select. Your consent to this is not a condition of doing business with us and you may withdraw it at any time (see below). For a list of Scotiabank’s affiliates and subsidiaries in Canada, please refer to the Public Accountability Statement/Corporate Social Responsibility Report available at any Scotiabank branch or on www.scotiabank.com.
  7. We may ask you for contact information such as your telephone, mobile or fax number or e-mail address, and keep and use this information as well as disclose it to other members of the Scotiabank Group so that we or any of these companies may contact you directly through these channels for the purpose of marketing, including telemarketing. This consent will also apply to any companies that form a part of the Scotiabank Group in the future. Your consent to this is not a condition of doing business with us and you may withdraw it at any time (see below).
  8. If we sell a company in the Scotiabank Group or a portion of the business of a Scotiabank Group Member, we may release the information we hold about you to the prospective purchaser. We will require any prospective purchaser to protect the information provided and to use it in a manner that is consistent with Scotiabank Group privacy policies and practices.
  9. We may keep and use information about you in our records for as long as it is needed for the purposes described in this Agreement, even if you cease to be a customer.
  10. You agree that all information that you give us will, at any time, be true and complete. If any personal information changes or becomes inaccurate or out of date, you are required to advise us so we can update our records.

Refusing or withdrawing consent

Subject to legal, regulatory and contractual requirements, you can refuse to consent to our collection, use or disclosure of information about you, or you may withdraw your consent to our further collection, use or disclosure of your information at any time in the future by giving us reasonable notice. However, depending on the circumstances, withdrawal of your consent may prevent us from providing you, or continuing to provide you, with some Services or information that may be of value to you.

We will act on your instructions as quickly as possible but there may be certain uses of your information that we may not be able to stop immediately.

You cannot refuse our collection, use and disclosure of information required by third party service providers essential for the provision of the Services or required by our regulators, including self-regulatory organizations. Some of our service providers are located outside of Canada. As a result, your personal information may be accessible to regulatory authorities in accordance with the law of these jurisdictions.

You can tell us at any time to stop using information about you to promote our Services or the products and services of third parties we select, or to stop sharing your information with other members of the Scotiabank Group. If you wish to refuse consent or to withdraw consent as outlined in this Agreement, you may do so at any time by contacting the branch or office with which you are dealing or by calling us toll-free.

Scotiabank 1-800-4-SCOTIA

ScotiaMcLeod Direct Investing 1-800-263-3430

ScotiaMcLeod and Scotia Private Client Group 1-866-437-4990

ScotiaLife Financial 1-800-387-9844

HollisWealth 1-800-301-6745

In addition, if you apply for, accept, or guarantee, a line of credit, term loan, mortgage or other credit account with us

When you apply for, accept, or guarantee a loan or credit facility or otherwise become indebted to us, and from time to time during the course of the loan or credit facility, we may use, give to, obtain, verify, share and exchange credit and other information (except health information) about you with others including credit bureaus, mortgage insurers, creditor insurers, reinsurers, registries, other companies in the Scotiabank Group and other persons with whom you may have financial dealings, as well as any other person as may be permitted or required by law. We may do this throughout the relationship we have with you. You also authorize any person whom we contact in this regard to provide such information to us.

If you have a VISA* account with us, we may give information (except health information) about you to VISA Canada Association, VISA International Service Association and their employees and agents, for the purpose of processing, authorizing and authenticating your VISA card transactions, providing you with customer assistance services, and for other purposes related to your VISA account. We may also give this information in respect of your participation in contests and promotions administered by the Association on our behalf.

If you have a Service with us such as a ScotiaCard® banking card, we may give information (except health information) about you when you use your ScotiaCard banking card to electronic payment service providers, debit card networks, loyalty program partners and their respective employees and agents for the purpose of processing, authorizing and authenticating your debit card transactions, providingyou with customer assistance services and for other purposes related to yourServices. We may also give this information in respect of your participation in contest and promotions administered by the electronic payment service providers,debit card networks, and loyalty program partners on our behalf.

If you have a mortgage account with us, we may give information about you, including credit information, to mortgage insurers for any purpose related to mortgage insurance. Information retained by Canada Mortgage Housing Corporation will be subject to federal access to information and privacy legislation.

During the term of the loan or credit facility, you may not withdraw your consent to our ongoing collection, use or disclosure of your personal information in connection with the loan or other credit arrangement you have with us or have guaranteed. We can continue to disclose your personal information to credit bureaus even after the loan or credit facility has been retired, and you may not withdraw your consent to our doing so. We do this to help maintain the accuracy, completeness and integrity of the credit reporting system.

In addition, if you accept an insurance Service with us

When you apply for, enroll in or sign an application in respect of or accept an insurance Service from us, we may use, give to, obtain, verify, share and exchange information about you with others including references you have provided, from hospitals and health practitioners, from government health insurance plans, from other insurers, from medical information and insurance service bureaus, from law enforcement representatives, from private investigators, and from other groups or companies where collection is necessary to underwrite or otherwise administer the Service requested, including the assessment of claims. You also authorize any person whom we contact in this regard to provide such information to us.

If you accept an insurance Service with us, or if an insurance Service is issued on your life, you may only withdraw your consent as noted above so long as the consent does not relate to underwriting or claims where the Scotiabank Group member must collect and report information to insurance service bureaus after the application has been underwritten or the claim has been adjudicated. This is necessary to maintain the integrity of the underwriting and claims systems.

Further information

You acknowledge that we may amend this Agreement from time to time to take into consideration changes in legislation or other issues that may arise. We will post the revised Agreement on our website and make it available at our branches or we may also send it to you by mail. We may also notify you of any changes to this Agreement in any of the following ways:

  • A notice prominently displayed at all banks ATMs;
  • An announcement through the Voice-Response-Unit (VRU);
  • A notice on the Scotiabank website;
  • A notice in our branches; or
  • A notice in your monthly statement.

Your continued use of the account or Service following notice of such change means that you agree to and accept the new terms and conditions of the Agreement as amended. If you do not agree with any of the changes made or with the new terms of the Agreement, you must immediately stop using the account or Services and notify us that you are closing your account or terminating your Service with us.

If you have a general question about any Scotiabank Group Member's privacy policies, please contact the branch or office you deal with or call us toll-free at 1 800 472 6842. If your branch or office is not able to resolve your concern to your satisfaction, contact the President's Office:

Telephone: 1-877-700-0043

Fax: 1-877-700-0045

Email: mail.president@scotiabank.com

Letter:

The President,
Scotiabank, 44 King Street West,
Toronto ON M5H 1H1

Copies of our entire formal Privacy Code as well as the Scotiabank Guidelines for Business Conduct are also available to the public on www.scotiabank.com. These documents form part of the Scotiabank Group Privacy Agreement.

†For the purposes of this Agreement, Scotiabank Group means, collectively, The Bank of Nova Scotia and all of The Bank of Nova Scotia’s affiliates and subsidiaries with respect to their operations in Canada. Scotiabank Group Member means The Bank of Nova Scotia or any one of its affiliates and subsidiaries with respect to its operations in Canada.

® Registered trademark of The Bank of Nova Scotia. *VISA Int./Lic. user The Bank of Nova Scotia.

Privacy Code

Introduction

The Scotiabank Group has always been committed to keeping customers' personal information accurate, confidential, secure and private. The Scotiabank Group Privacy Code builds on this commitment.

This code is based on the Canadian Standards Association (CSA) Model Code for the Protection of Personal Information (CAN/CSA-Q830-96), and the Federal Personal Information Protection and Electronic Documents Act ('PIPEDA'). It describes how the Scotiabank Group subscribes to the principles of the CSA Model Code. Copies of the CSA Model Code are available on request from the Canadian Standards Association at 1-800-463-6727.

The Scope of this Code

Members of the Scotiabank Group of Companies include companies engaged in the following services to the public: deposits, loans and other personal financial services; credit, charge, debit and payment card services; full-service and discount brokerage services; mortgage loans; trust and custodial services; insurance services; investment management and financial planning services; and mutual funds investment services.

This code describes the principles each Scotiabank Group Member will use to protect the privacy of individual customers' personal information in the carrying out commercial activities in Canada, no matter how the information is collected, used or disclosed.

This code applies to each member of the Scotiabank Group as defined within this code with respect to their operations in Canada. Where any Scotiabank Group Member is subject to laws or industry regulation or self regulatory requirements which impose greater or additional obligations with respect to the protection of personal information, the Scotiabank Group Member also complies with those additional obligations.

Principle

  1. The Scotiabank Group Member's AccountabilityThe Scotiabank Group Member is accountable for all personal information in its possession or custody, including any personal information disclosed to third parties for processing or other administrative functions. Each Scotiabank Group Member has established policies and procedures to comply with this code, and has designated one or more persons to be accountable for compliance.
    Get more details
  2. Identifying the Purposes of Collecting Personal InformationThe Scotiabank Group Member will identify the purposes for which it collects the personal information, before or when the information is collected.
    Get more details
  3. Getting the Customer's ConsentThe Scotiabank Group Member will make a reasonable effort to make sure customers understand how their personal information will be used by the Scotiabank Group Member. The Scotiabank Group Member will obtain consent from its customers before or when it collects or uses the personal information. The Scotiabank Group Member will not attempt to deceive a customer into giving consent.

    A customer's consent can be express, implied, or given through an authorized representative. A customer can withdraw consent at any time, with certain exceptions. The Scotiabank Group Member, however, may collect, use or disclose personal information without the customer's knowledge or consent in exceptional circumstances where such collection, use or disclosure is permitted or as required by law.
    Get more details
  4. Limits for Collecting Personal InformationThe Scotiabank Group Member limits the amount and type of personal information it collects. Each Scotiabank Group Member will collect personal information for the purposes it identifies to the customer. The Scotiabank Group Member collects personal information using policies and procedures which are fair and lawful.
    Get more details
  5. Limits for Using, Disclosing and Keeping Personal InformationThe Scotiabank Group Member will use or disclose personal information only for the reasons it was collected, unless a customer gives consent to use or disclose it for another reason, or it is permitted or required by law.
    Under certain exceptional circumstances, the Scotiabank Group Member has a legal duty or right to disclose personal information without customer knowledge or consent to protect matters which include the Scotiabank Group Member's or the public interest.
    The Scotiabank Group Member will keep personal information only as long as necessary for the identified purposes for which it was collected.
    Get more details
  6. Keeping Personal Information AccurateThe Scotiabank Group Member will keep personal information as accurate, complete and current as necessary for the identified purposes for which it was collected.
    Customers may, in writing, challenge the accuracy and completeness of their personal information and request that it be amended as appropriate.
    Get more details
  7. Safeguarding Personal InformationThe Scotiabank Group Member protects personal information with safeguards appropriate to the sensitivity of the information.
    Get more details
  8. Making Policies and Procedures Available to CustomersThe Scotiabank Group Member is open about the policies and procedures it uses to manage personal information. Customers have access to information about these policies and procedures. The information will be made available in a manner that is generally easy to understand.
    Get more details
  9. Customer Access to Personal InformationWhen customers make a request in writing, the Scotiabank Group Member will within a reasonable time tell them what personal information the Scotiabank Group Member has, what it is being used for, and to whom it has been disclosed.
    When customers request it in writing, the Scotiabank Group Member will give them access to their personal information. The Scotiabank Group Member will respond to the written request in a timely fashion. In certain situations, however, the Scotiabank Group Member may not be able to give customers access to all their personal information. The Scotiabank Group Member will explain the reasons for this lack of access and any recourse the customer may have, except where prohibited by law.
    Get more details
  10. Handling Complaints and Questions
    Get more details

Principle #1: The Scotiabank Group Member's Accountability

The Scotiabank Group Member is accountable for all personal information in its possession or custody, including any personal information disclosed to third parties for processing or other administrative functions. Each Scotiabank Group Member has established policies and procedures to comply with this code, and has designated one or more persons to be accountable for compliance.

1.1 The Scotiabank Group Member's senior management has accountability for protecting its customers' personal information. Senior management, however, delegates the day-to-day procedures of compliance to others.

1.2 The Scotiabank Group Member will identify internally and to its customers the person or persons who are responsible for overall privacy protection and compliance.

1.3 The Scotiabank Group Member is accountable for personal information in its possession or custody that is disclosed to a third party for processing or other administrative functions. The Scotiabank Group Member will safeguard this personal information through means such as a contract or other agreement with the relevant third party.

1.4 To practice the principles of this code, the Scotiabank Group Member:

  • Has policies and procedures to protect the privacy of personal information.
  • Has policies and procedures to receive and respond to customers' questions and complaints.
  • Informs customers and staff of the Scotiabank Group Member's policies and procedures.
  • Trains staff to understand and follow the Scotiabank Group Member's policies and procedures.

The Scotiabank Group Member also oversees compliance with these policies and procedures through normal risk-based cyclical audits, and through compliance policies and procedures.

Principle #2: Identifying the Purposes of Collecting Personal Information

The Scotiabank Group Member will identify the purposes for which it collects the personal information, before or when the information is collected

2.1 Except as noted below, when a customer applies for a product or service, the Scotiabank Group Member will make sure the customer is made aware of:

  • Why the Scotiabank Group Member needs the personal information it is requesting.
  • How the personal information may be used with customer consent for other purposes.
  • The fact that the customer can refuse at any time permission for the Scotiabank Group Member to use personal information for these other purposes.

In some cases the Scotiabank Group Member may not explain or obtain customer consent for the other purposes for which the information has been collected. See 3.4, 3.4.1, and 5.1 for details.

2.2 The Scotiabank Group Member will collect and use personal information for only the following purposes:

  • To understand the customer's needs.
  • To analyze the suitability of our products or services for the customer.
  • To determine the customer's eligibility for our products and services.
  • To set up, manage and offer products and services that meet the customer's needs.
  • To provide ongoing service.
  • To meet legal and regulatory requirements.
  • With regards to insurance products to investigate and adjudicate insurance claims.

2.3 The Scotiabank Group Member will identify the purposes for which it intends to use the personal information, in writing, orally in person or over the telephone, electronically or by any other alternative format or means it uses to communicate with its customers. The Scotiabank Group Member will use words that customers can easily understand.

The Scotiabank Group Member will distinguish the purposes from other information so that customers will be made aware of them. For instance, on an application form, the Scotiabank Group Member may identify the purposes using bolder type or a box, or a separate form or letter. Over the telephone, the Scotiabank Group Member will identify the purposes as a distinct part of the application.

2.4 Scotiabank Group Member staff who collect personal information will be able to explain the purposes to customers. Customers will also be able to ask for information about the purposes when they phone or write to the Scotiabank Group Member or visit a branch or office having possession or custody of the personal information.

2.5 The Scotiabank Group Member will take care to explain all the purposes for which personal information is collected by that member including any purposes which may not appear to be as obvious as others. The purposes for collecting a name or address are obvious and do not need to be explained, but the purposes for collecting other information may not be obvious. For example as appropriate in the circumstances, the Scotiabank Group Member will tell customers that:

  • References are used to verify information on an application.
  • A Social Insurance Number is used because the Income Tax Act requires it for the customer's income tax reporting.
  • Credit information is reported to credit bureaus, credit reporting agencies, credit insurers, and other lenders, to maintain the integrity of the credit-granting process.
  • Further medical information may be required in conjunction with the customer's application for insurance for the purpose of approving (or declining) the request.
  • Medical information is reported to the Medical Information Bureau to maintain the integrity of the underwriting record.
  • Claims and insurance history is shared with the Insurance Services Bureau to maintain data integrity in the insurance industry.
  • Personal information is required for the creation of a digital certificate, Digital certificates are required with on-line services to authenticate the customer to the web site and their account information.
  • Personal information, including without limitation, the customer's age, investment horizon, investment objectives, risk tolerance, investment knowledge, investment income requirements, net worth, income, employment is used to determine the appropriateness of particular investments for an individual pursuant to securities legislation.
  • Information regarding the employment of the customer and his or her spouse is required to comply with 'insider' trading rules under securities legislation
  • Information regarding accounts held at other investment dealers is required to comply with the requirements of self-regulatory organizations.

Principle #3: Getting the Customer's Consent

The Scotiabank Group Member will make a reasonable effort to make sure customers understand how the personal information will be used by the Scotiabank Group Member. The Scotiabank Group Member will obtain consent from its customers before or when it collects or uses the personal information. The Scotiabank Group Member will not attempt to deceive a customer into giving consent.

A customer's consent can be express, implied, or given through an authorized representative. A customer can withdraw consent at any time, with certain exceptions.

The Scotiabank Group Member, may however collect, use or disclose personal information without the customer's knowledge or consent in exceptional circumstances where such collection, use or disclosure is permitted or as required by law.

3.1 The Scotiabank Group Member will make a reasonable effort to make sure customers understand how the personal information will be used and disclosed by the Scotiabank Group Member. It will get the customer's consent before or when it collects, uses, or discloses personal information.

Generally, the Scotiabank Group Member will seek consent to use and disclose personal information at the same time it is collected. Sometimes, however, the Scotiabank Group Member may identify a new purpose and it will seek consent to use and disclose personal information for that purpose after the information has been collected.

3.2 The Scotiabank Group Member will not attempt to deceive customers into giving consent. It will explain to customers how personal information will be used before they give their consent.

3.3 Customers can express consent orally, in writing or electronically. They can imply consent through action or inaction. They can also give consent through an authorized representative. Express consent is the preferred form.

Customers can express consent:

  • Orally, such as when information is collected over the telephone.
  • In writing, such as when completing and signing an application.
  • Electronically, such as when applying through a computer or electronic communicating device.

Customers can imply their consent by:

  • Using a Scotiabank Group Member product or service.
  • Not responding to the Scotiabank Group Member's offer to have their personal information removed from a direct marketing list. In this case, the Scotiabank Group Member may assume that the customer consents to the use of the personal information.

Customers can also give consent through an authorized representative, such as a legal guardian or a person with a power of attorney. This is necessary, for example, if the Scotiabank Group Member cannot obtain express consent from a customer who is a minor, seriously ill, or mentally incapacitated.

Before deciding what form of consent is appropriate, the Scotiabank Group Member will consider the type of personal information it needs, the reason for its use, and the type of customer contact that is involved.

3.4 The Scotiabank Group Member can collect or use personal information without the knowledge and consent of the customer in exceptional circumstances where such collection or use is permitted or as required by law.

For example the Scotiabank Group Member will not ask for consent when personal information is collected used, or disclosed in instances, such as:

  • In the clear best interests of the customer and consent cannot be obtained in a timely way.
  • When asking for consent may compromise the information sought and collection relates to an investigation of a breach of an agreement or a contravention of Canadian laws, as for example to detect and prevent criminal activity and dealings in proceeds of crime.
  • The Scotiabank Group Member will not ask for consent when personal information is collected or used if it is regulated public information.
  • When the Scotiabank Group Member obtains customer lists from another regulated organization, the Scotiabank Group Member will assume that the organization providing the personal information obtained each customer's consent before disclosing the information to the Scotiabank Group Member.

3.4.1 The Scotiabank Group Member can disclose personal information without the knowledge and consent of the customer in exceptional circumstances where such disclosure is permitted or required by law. For example the Scotiabank Group Member will not ask for consent when personal information is:

  • Given to agents of the Scotiabank Group Member who need it to carry out business-related functions, such as fulfillment (e.g. mailing follow-up information packages), data processing or the printing of cheques and credit cards, insurance underwriting and/or claims adjudication.
  • Given to its legal representatives.
  • Disclosed for the purpose of collecting an overdue account.
  • Disclosed in order to:
  • comply with a subpoena or warrant.
  • respond to a lawful authority for lawful purposes.
  • facilitate the activities of an investigative body or government institution in dealing with a past, potential or actual breach of an agreement or contravention of the laws of Canada or a province or a foreign jurisdiction; or
  • comply with the law;
  • disclosed if it is regulated public information.
  • (for insurance products) transferred to other insurance companies that share the risk

3.5 Subject to legal and contractual restrictions, customers can refuse or withdraw consent at any time as long as:

  • The Scotiabank Group Member is given reasonable notice of the withdrawal.
  • Consent does not relate to a credit product where the Scotiabank Group Member must collect and report information after credit has been granted. This is to maintain the integrity of the credit system.
  • Consent does not relate to the underwriting of an insurance policy, or an insurance claim where the Scotiabank Group Member must collect and report information after the application has been underwritten or the claim has been adjudicated. This is to maintain the integrity of underwriting and claims systems.

The Scotiabank Group Member will let the customer know the consequences of refusing or withdrawing consent when customers seek to do so. Refusing or withdrawing consent for the Scotiabank Group Member to collect, use or disclose personal information could mean that the Scotiabank Group Member cannot provide the customer with some product, service or information of value to the customer.

For example if a customer does not:

  • Allow the Scotiabank Group Member to get a credit history report, the Scotiabank Group Member may not be able to lend money to the customer. Prudent lending practices, Canada Deposit Insurance Corporation standards, or other regulations may prevent the Scotiabank Group Member from lending money.
  • Provide the information needed to underwrite an insurance application or adjudicate a claim, the Scotiabank Group Member may not be able to provide the service to the customer.
  • Provide the information needed to open a securities or investment account or needed to assess the suitability of an investment transaction, the Scotiabank Group Member may not be able to provide the service to the customer.

The Scotiabank Group Member, however, will not unreasonably withhold products, services or information from customers who refuse or withdraw consent.

3.6 The Scotiabank Group Member may ask customers for Social Insurance Numbers (SIN) to match credit bureau information. When the Scotiabank Group Member asks a customer for a SIN for this purpose, it will:

  • explain why it is needed.
  • tell customers that they are not required to provide their SIN to the Scotiabank Group Member.
  • ask for consent to use and disclose the SIN if the customer does provide it.

The Scotiabank Group Member will not deny credit to a customer just because the customer does not provide a SIN.

3.7 A Scotiabank Group Member involved in the provision of an insurance product may ask a customer for the name of their attending physician in order to obtain additional medical information when necessary for the underwriting of insurance coverage or the adjudication of an insurance claim. When the Scotiabank Group Member asks a customer for this information, it will:

  • Explain why it is needed.
  • Tell the customer they are not required to provide the name of their attending physician, however, the Scotiabank Group Member may deny coverage on the basis they have insufficient information to assess the risk or claim.

Principle #4: Limits for Collecting Personal Information

The Scotiabank Group Member limits the amount and type of personal information it collects. Each Scotiabank Group Member will collect personal information for the purposes it identifies to the customer. The Scotiabank Group Member collects personal information using policies and procedures which are fair and lawful.

4.1 The Scotiabank Group Member will collect only the amount and type of information needed for the purposes documented by the Scotiabank Group Member and identified to the customer.

4.2 Although the Scotiabank Group Member will collect personal information primarily from customers, it may also collect it from external sources such as credit bureaus, employers, land registries, other lenders, and with regards to insurance products, medical information bureaus, brokers, insurers, the Insurance Crime Prevention Bureau, insurer's advisory organizations, underwriting and claims information networks, and attending physicians.

Principle #5: Limits for Using, Disclosing and Keeping Personal Information

The Scotiabank Group Member will use or disclose personal information only for the reasons it was collected, unless a customer gives consent to use or disclose it for another reason, or it is permitted or required by law.

Under certain exceptional circumstances, the Scotiabank Group Member has a legal duty or right to disclose personal information without customer knowledge or consent to protect matters which include the Scotiabank Group Member's or the public interest.

The Scotiabank Group Member will keep personal information only as long as necessary for the identified purposes for which it was collected.

5.1 The Scotiabank Group Member may disclose personal information without consent when required by law. For example:

  • subpoenas
  • search warrants
  • other court and government orders
  • demands from other parties who have a legal right to personal information.

5.2 In these circumstances, the Scotiabank Group Member will protect the interests of its customers by making reasonable efforts to ensure that:

  • orders or demands appear to comply with the laws under which they were issued.
  • it discloses only the personal information that is legally required, and nothing more.
  • it does not comply with casual requests for personal information from government or law enforcement authorities.

The Scotiabank Group Member may notify customers that an order has been received, if the law allows it.

The Scotiabank Group Member may notify customers of such orders by telephone, electronic mail or by letter to the customer's last known address.

5.3 The Scotiabank Group Member may want to use personal information (except for personal health information) to market products and services to its customers, either directly or through other Scotiabank Group Members or affiliates. The Scotiabank Group Member will obtain the consent of the customer before using personal information for this purpose.

When a customer applies for a product or service and provides personal information, the Scotiabank Group Member will:

  • Tell the customer that this personal information may be used by it or other Scotiabank Group Members or affiliates to market other products and services to the customer.
  • Describe the types of Scotiabank Group Members and affiliates who might market their products or services.
  • Ask the customer for consent, telling them that this use of personal information is optional.

The first time a new type of Scotiabank Group Member or affiliate provides promotional information about its product or service, the Scotiabank Group Member or affiliate will:

  • Explain the proposed use of the customer's personal information to the customer.
  • Give the customer an opportunity to withdraw consent for further use of their personal information.

5.4 A Scotiabank Group Member involved in the provision of an insurance product will collect personal health information only for specific purposes. It will not disclose personal health information to other Scotiabank Group Members or affiliates, and vice versa. For example, the Bank will not use or have access to another Scotiabank Group Member's customer personal health information to help assess a loan application.

5.5 The Scotiabank Group Member specifies in its policies and procedures the periods of time it will keep personal information. Some of these time periods are determined by legislation. If personal information has been used to make a decision about a customer, the Scotiabank Group Member will keep the personal information long enough for the customer to have access to it after the decision has been made, subject to any regulated record retention period.

5.6 The Scotiabank Group Member will destroy or erase any personal information no longer needed for its identified purposes or for legal requirements.

The Scotiabank Group Member's policies and procedures explain how the Scotiabank Group Member will destroy personal information so that unauthorized persons or organizations do not gain access to it.

Principle #6: Keeping Personal Information Accurate

The Scotiabank Group Member will keep personal information as accurate, complete and current as necessary for the identified purposes for which it was collected.

Customers may, in writing, challenge the accuracy and completeness of their personal information and request that it be amended as appropriate.

6.1 The Scotiabank Group Member will make reasonable efforts to minimize the possibility of using inaccurate, incomplete, or outdated personal information to make a decision about the customer.

6.2 The Scotiabank Group Member will update personal information only if it is necessary for the purposes for which it was collected.

6.3 The Scotiabank Group Member will make reasonable efforts to keep customers' personal information accurate and current if the information is used on an ongoing basis. This includes personal information disclosed to third parties for processing.

6.4 The Scotiabank Group Member will also rely on customers for keeping certain personal information (such as customer addresses) accurate, complete, and current. If a customer shows that personal information is inaccurate, incomplete, out of date, or irrelevant, the Scotiabank Group Member will revise the personal information. If necessary, the Scotiabank Group Member will disclose the revised personal information to third parties which were provided with the wrong information to revise their records as well.

6.5 If the Scotiabank Group Member does not agree to revise personal information as requested by the customer, the customer may challenge the Scotiabank Group Member's decision. The Scotiabank Group Member will make a record of this challenge, and if necessary, disclose the challenge to the third parties who also possess the personal information, and advise the customer of the relevant complaint procedures.

Principle #7: Safeguarding Personal Information

The Scotiabank Group Member protects personal information with safeguards appropriate to the sensitivity of the information.

7.1 The Scotiabank Group Member safeguards personal information from loss or theft, and from unauthorized access, disclosure, duplication, use, or modification.

7.2 The Scotiabank Group Member's safeguards vary depending on the sensitivity, amount, distribution, format, and storage of the personal information. The Scotiabank Group Member gives the highest level of protection to the most sensitive personal information.

7.3 The Scotiabank Group Member safeguards personal information through security measures. For example:

  • Physical security, such as secure locks on filing cabinets and restricted access to offices.
  • Organizational security, such as controlled entry in data centres and limited access to relevant information.
  • Electronic security, such as passwords, personal identification numbers, and encryption.

7.4 The Scotiabank Group Member informs its staff regularly about the Scotiabank Group Member's policies and procedures for protecting customers' personal information, and emphasizes the importance of complying with them. As a condition of employment, employees are required to conform to the Scotiabank Group Member's policies and procedures.

7.5 The Scotiabank Group Member may disclose personal information to third parties for printing cheques, data processing services or administrative services, collection, or for other goods and services. The Scotiabank Group Member requires these third parties to safeguard all personal information in a way that is consistent with the Scotiabank Group Member's measures, or as regulated by law.

7.6 The Scotiabank Group Member may, with the customer's consent, disclose personal information to businesses such as, credit bureaus, credit insurers and lenders, and with regards to insurance products; medical information to Insurance Crime Prevention Bureaus, insurer's advisory organizations, underwriting and claims information networks. The Scotiabank Group Member uses procedures and/or contracts to protect the privacy of that personal information. The Scotiabank Group Member relies on the added protection of credit reporting legislation to ensure that credit bureaus protect personal information.

7.7 As referred to in section 5.6, the Scotiabank Group Member uses care when disposing of or destroying personal information, to prevent unauthorized access to the information.

Principle #8: Making Information About Policies and Procedures Available to Customers

The Scotiabank Group Member is open about the policies and procedures it uses to manage personal information. Customers have access to information about these policies and procedures. The information will be made available in a manner that is generally easy to understand.

8.1 The Scotiabank Group Member makes available to customers information about the policies and procedures it uses to manage personal information. It also makes available copies of this code.

8.2 Information about the Scotiabank Group Member's policies and procedures and code has been written so that it is generally easy to understand and it is readily available to customers. Through brochures or other documents, customers will be able to find out:

  • The title and office address of the representative of the Scotiabank Group Member who is responsible for protecting the privacy of customers' personal information, so customers know where to address complaints and questions.
  • How to access personal information held by the Scotiabank Group Member.
  • What type of personal information is held by the Scotiabank Group Member and for what purpose it is used
  • The personal information made available to other Scotiabank Group Members or affiliates.

8.3 The Scotiabank Group Member makes information about its policies and procedures available in a variety of ways, depending on the nature of the service customers are using and the sensitivity of the personal information. For example, the Scotiabank Group Member may make brochures or other information available in its branches or offices, mail information to its customers, establish a toll-free telephone service, use electronic mail or provide on-line access.

Principle #9: Customer Access to Personal Information

When customers make a request in writing, the Scotiabank Group Member will within a reasonable time tell them what personal information the Scotiabank Group Member has, what it is being used for, and to whom it has been disclosed.

When customers request it in writing, the Scotiabank Group Member will give them access to their personal information. The Scotiabank Group Member will respond to the written customer request in a timely fashion. In certain situations, however, the Scotiabank Group Member may not be able to give customers access to all their personal information. The Scotiabank Group Member will explain the reasons for this lack of access and any recourse the customer may have, except where prohibited by law.

9.1 A customer has the right to know, by written request, what personal information is held by the Scotiabank Group Member. Customers have a right, upon written request, to access personal information, and to know to which third parties the information has been disclosed.

9.2 The Scotiabank Group Member has policies and procedures for responding to customers' requests for access to personal information. When customers ask, the Scotiabank Group Member will make these policies and procedures known to the customers. To respond to a customer's request certain information may be required, for example, customers have to be specific about the type of personal information that may be held by the Scotiabank Group Member and the branch or office through which the customer deals.

9.3 The Scotiabank Group Member will attempt to be as specific as possible about the persons from whom it collected the personal information, to whom it has disclosed the personal information, and how and when the information was disclosed. The Scotiabank Group Member will take this information from its records, and will provide it to the customer in a form that is generally easy to understand, providing explanations for abbreviations and codes. The Scotiabank Group Member will provide the personal information to the customer within a reasonable time, and for a cost commensurate with the effort to retrieve the information, or at no cost.

9.3.1 The Scotiabank Group Member will not charge the customer without first informing the customer of the cost of providing the personal information and giving the customer the option to withdraw the request.

9.3.2 On request, the Scotiabank Group Member will give a customer, who has a sensory disability, access to personal information to which the customer is entitled, in an alternative format if a version of the information already exists in the alternative format, or if conversion into that format is reasonable and necessary in order for the customer to access the personal information.

9.4 The Scotiabank Group Member will not provide the personal information that is in its control if

  • In so doing, it would reveal personal information about a third party and such personal information is not severable from the requesting individual's personal information.
  • It is subject to solicitor-client or litigation privilege.
  • It contains the Scotiabank Group Member's own confidential commercial information and such confidential commercial information is not severable from the requesting individual's personal information. For example, the Scotiabank Group Member may use a scoring formula, form an assessment of risk, or make a collection recommendation that is confidential to the Scotiabank Group Member.
  • In so doing, it would reveal information that would reasonably be expected to threaten the life or security of another individual and such information is not severable from the requesting individual's personal information.
  • It is information that was generated in the course of a formal dispute resolution process.
  • It cannot be disclosed for legal reasons. For example, the Scotiabank Group Member may not legally be able to provide the customer with information relating to disclosures to lawful authorities for law enforcement or crime prevention purposes. In some provinces the Scotiabank Group Member cannot legally provide a customer's credit bureau report to that customer.
  • It is used for the detection and prevention of criminal activity and dealings in proceeds of crime.

9.5 The Scotiabank Group Member will not record in customers' individual files when personal information was disclosed to third parties for routine purposes. For example:

  • Cheque printing and other services for the Scotiabank Group Member.
  • Reporting to Canada Customs and Revenue Agency (T5 and other reports).
  • Regular updating of credit information to credit bureaus.
  • Indicating to third parties when cheques are returned for NSF (not sufficient funds).
  • Underwriting and /or insurance claims processing.
  • Insurance premium payments.
  • Preparation and mailing of customer statements.
  • Record keeping for settlement of investment positions and transactions.

9.6 If the Scotiabank Group Member denies the customer's request for access to personal information, the Scotiabank Group Member will tell the customer why except where prohibited by law. The customer may then challenge the Scotiabank Group Member's decision. See Principle 10.

9.7 A customer may challenge the reasonableness of the cost of providing personal information.

Principle #10: Handling Complaints and Questions

Customers may challenge the Scotiabank Group Member's compliance with this code. The Scotiabank Group Member has policies and procedures to receive, investigate, and respond to customers' complaints and questions.

10.1 The Scotiabank Group Member has policies and procedures to receive, investigate, and respond to customers' complaints and questions relating to privacy. The Scotiabank Group Member will inform customers of these policies and procedures, which are generally easy to understand and use. The complaint resolution process and the person to whom customers should contact are part of these policies and procedures.

10.2 The Scotiabank Group Member will investigate all complaints and if it finds a complaint justified, the Scotiabank Group Member will try to resolve it. If necessary, the Scotiabank Group Member will take appropriate measures, including changing its policies or procedures, to ensure that other customers will not experience the same problem.

10.3 If a customer is not satisfied with the way the Scotiabank Group Member has responded to a complaint concerning their personal information, there are a variety of resources available for pursuing the customer's concerns. A list of resources, pertinent to the Scotiabank Group Member or the product or service about which the customer has a complaint, can be obtained from any Scotiabank Group branch or office.

10.4 If a customer is not satisfied that the Scotiabank Group Member is operating in compliance with the requirements of this code the customer may file a written complaint with the Commissioner.

Federal Privacy Commissioner
112 Kent Street
Ottawa, Ontario
K1A 1H3
Tel: 1-613-995-8210
Toll free: 1-800-282-1376
Fax: 1-613-947-6850
Internet: www.privcom.gc.ca

Privacy and Cookies

A "cookie" is a piece of data that a web server creates when you visit a web site. This data is typically encoded information about how and when you use a site. It is placed on your PC in the form of a small text file.

There are two types of cookies: "session cookies" and "persistent cookies":

  • Session cookies are used only for the length of time you stay on the web site. When you leave the site, they expire and are no longer active.
  • Persistent cookies are more permanent and can be re-read when you return to the site that placed them on your PC.

Contrary to some media reports, cookies cannot carry viruses or other damaging data.

Session and persistent cookies are used within the public web sites at HollisWealth.com.

In the future, we may use cookies for site personalization and marketing (by allowing us to recommend products that may be of interest to you). If we do, we will post appropriate information on this page.

You can choose not to accept cookies. You may do this by setting your browser options to inform you when cookies are being sent. Alternately, you can set these options to deny cookies altogether. Please note, however, that by not accepting cookies you may limit the functionality that we can provide to you when you visit our sites.

To change your browser settings:

Additional Information:
How Internet Cookies Work

The Scotiabank Group and You

A Question of Privacy

Scope

This document provides highlights of the Scotiabank Group Privacy Agreement and the full Scotiabank Group Privacy Code. It applies to Scotiabank and all of its’ subsidiaries with respect to their operations in Canada.

Personal Information

  • We collect personal information from you when you apply for, or provide a guarantee in respect of, any of our products or services. For example, we collect your name, address, occupation and date of birth (which is required by law), and identification such as a valid driver’s license or passport to confirm your identity.
  • We collect information about your transactions, including payment history and account activity when you use our products or services.
  • We collect other information we may need in order to provide you with a product or service. For example, your credit history from credit bureaus if you are applying for credit products or margin facilities.

Uses

  • We use information about you to set up, manage and offer products and services that meet your needs.
  • We may share information (except health information) about you with other members of the Scotiabank Group (where the law allows this) so that these companies may inform you directly about their products.
  • We do not provide directly all the services related to your relationship with us. We may use third party service providers to process or handle personal information on our behalf Some of our service providers are located outside of Canada and subject to foreign legislation.
  • We may use and disclose information about you to meet our legal and regulatory requirements, and to detect and prevent fraud or other criminal activity.

Your Choices

  • You may access and update your personal information. If you have a sensory disability, please let us know and we will give you access to your personal information in an alternative format.
  • You can tell us at any time to stop using information about you to promote our products or services, or to stop sharing your information with other members of the Scotiabank Group (subject to legal, regulatory and contractual requirements).
  • To do so, contact the branch or office you deal with or call us toll-free:
  • Scotiabank: 1-800-472-6842
  • ScotiaMcLeod Direct Investing: 1-800-263-3430
  • ScotiaMcLeod & Scotia Private Client Group: 1-866-437-4990
  • ScotiaLife: 1-800-387-9844
  • HollisWealth: 1-800-301-6745

Further Information

  • Scotiabank is committed to keeping your personal information confidential and secure. For more information on any Scotiabank Group Member’s privacy policies, read our full Privacy Code.
  • For information on Scotiabank’s complaint resolution process, read our brochure Resolving Your Complaint.
  • Copies of our full Privacy Code and the Scotiabank Group Privacy Agreement as well as the Resolving Your Complaint brochure are available on the Scotiabank website at www.scotiabank.com.
  • For information on how to protect your personal information, including safe computing and general security practices, identity theft and phishing scams visit the Scotiabank website at www.scotiabank.com.

How to Reach Us

  • If you have a general question about any Scotiabank Group Member’s privacy policies, please contact the branch or office you deal with or call us toll-free at 1-800-472-6842.
  • If your branch or office is not able to resolve your concern to your satisfaction, contact the
  • Telephone: 1-877-700-0043
  • Fax: 1-877-700-0045
  • E-mail: mail.president@scotiabank.com
  • Letter:
    The President, Scotiabank,
    44 King Street West,
    Toronto ON M5H 1H1

Privacy Definition of Terms

Alternative format

A format that allows a person with a sensory disability to read or listen to the personal information.

Bank

For the purposes of this code, 'the Bank' includes The Bank of Nova Scotia and Scotia Mortgage Corporation, the Bank's mortgage subsidiary.

Collect

To gather, receive, or record personal information, from any source, by any means.

Commissioner

The Federal Privacy Commissioner.

Court

The Federal Court - Trial Division.

Consent

Voluntary agreement. Consent can be express, implied, or provided through an authorized representative. A customer can express consent orally, in writing or electronically. Express consent is unequivocal and does not require inference by the Scotiabank Group Member. Implied consent arises where consent may reasonably be inferred from the action or inaction of the customer.

Customer

An individual who uses, or applies to use, the Scotiabank Group Member's products or services.

Direct Marketing

Promotions targeted to customers whose personal information suggests that a certain product may be of interest to them. This includes mail, telemarketing or electronic mail initiatives. This does not include statements, statement stuffers, messages on banking machines, announcements on electronic bulletin boards or web-sites, through personal bankers or customer relationship management.

Disclose

To make personal information available outside the Scotiabank Group Member.

Personal Information

Information about an identifiable individual customer of the Scotiabank Group Member. This may include, without limitation, the individual's name, address, age, gender, identification numbers, income, employment, assets, liabilities, source of funds, payment records, personal references and health records. Personal information may also identify whether or not credit or other services were extended and to whom the Scotiabank Group Member disclosed the information. Personal information does not include the name, title or business address or telephone number of an employee of an organization.

Personal health information

Information concerning: the physical or mental health of an individual; any health service provided to an individual; a donation by an individual of any body part or any bodily substance or information derived from the testing or examination of any body part or bodily substance; or information that is collected in the course of, or incidently to, providing health services to an individual.

Record

Includes any entries in the books or records made in the usual and ordinary course of business of a Scotiabank Group Member, any correspondence, memorandum, book, plan, map, drawing, diagram, pictorial or graphic work, photograph, film, microform, sound recording, videotape, machine-readable record and any other documentary material regardless of physical or electronic form or characteristics, and any copy of any of these things that are in the possession or custody of a Scotiabank Group Member.

Scotiabank Group

For the purposes of this code means collectively the Bank and all the Bank's subsidiaries with respect to their operations in Canada.

Scotiabank Group Member

For the purposes of this code, means the Bank or any one of its subsidiaries, with respect to its operations in Canada.

Third Party

An individual or organization other than the Scotiabank Group Member itself.

Use

To manage personal information by and within the Scotiabank Group Member.

Top D.G. Dunbar Insurance