Privacy Policy
About Montrose Mortgage and PIPEDA
Montrose Mortgage Corporation Ltd. (“Montrose Mortgage”) together with its independent licensed affiliate offices identified herein (collectively, “Members”, “we”, “us” or “our” and each individually, a “Member”) offers full service mortgage banking that originates, underwrites, structures, and administers institutional quality mortgage investments on behalf of clients. In the course of their businesses, Members collect, use and share among themselves and in certain instances provide to third parties personal information.
Each Member is committed to meeting or exceeding the privacy standards established by the Personal Information Protection and Electronic Documents Act (Canada) (“PIPEDA”). A Member’s business may be subject to provincial legislation, rather than PIPEDA and we are committed to meeting those standards. As such, any reference to PIPEDA includes any provincial counterpart. This privacy policy (the “Privacy Policy”) informs you of each Member’s commitment to the ten privacy principles described in PIPEDA and includes many of our personal information collection and usage practices and policies in Canada, no matter how the information is collected, used or disclosed. As used in this Privacy Policy, “personal information” and “personal health information” have the meanings ascribed to them in PIPEDA (being information about an identifiable individual) and “you” and “your” refer only to individuals. This Privacy Policy does not apply in any circumstances where PIPEDA does not apply
Principle 1 – Accountability
1.1 Accountability. The Member is accountable for all personal information in its control, including any personal information disclosed to third parties for processing or other administrative functions. The Member will safeguard this personal information through means such as an agreement with the relevant third party. Each Member has established policies and procedures to comply with this Privacy Policy, has informed and trained their staff with respect to PIPEDA and such policies and procedures and has designated at least one person to be accountable for compliance.
1.2 Members Who Are Governed. The names and contact information of the Members which have adopted this Privacy Policy to govern the manner in which Members collect, use, store and share personal information are as follows:
Winnipeg Office
Privacy Compliance Officer
Montrose Winnipeg Inc.
Suite 680 – 201 Portage Avenue
Winnipeg, Manitoba R3B 3K6
Head Office
Privacy Compliance Officer
Montrose Mortgage Corporation Ltd.
Suite 1110 – 201 Portage Avenue
Winnipeg, Manitoba R3B 3K6
1.3 Members Are Independent. Each Member is an independent entity operating as a licensed regional office of Montrose Mortgage. Each Member has agreed to adopt this Privacy Policy and implement practices and procedures to abide by it and PIPEDA. Nothing in this Privacy Policy creates or establishes between any of the Members a partnership, a joint venture or other similar relationship. No Member has authority to enter into any agreement or to assume or incur any obligation or responsibility for, or on behalf of, or in the name of, another Member. Each Member is individually responsible for its compliance with PIPEDA and this Privacy Policy. No Member shall be held responsible or have any liability for the failure of another Member to comply with PIPEDA or this Privacy Policy.
1.4 Third Party Websites. The Montrose Mortgage website may contain links to other third party sites that are not governed by this Privacy Policy. We encourage you to review the privacy policy of websites you choose to link to from our website so that you can understand how those websites collect, use and share your information. We are not responsible for the privacy policy or other content on websites outside of the Montrose Mortgage website.
Principle 2 – Identifying the Purposes
2.1 Identifying Purposes. Except for situations described in section 3.3, the Member will identify the purposes for which it collects personal information, before or when the information is collected.
2.2 Explaining the Purposes. The Member will generally identify the purposes for which it intends to use the personal information, in writing, orally in person or over the telephone or electronically. Member staff who collect personal information will be able to explain these purposes to you. In some cases, the purposes for collecting personal information are obvious and will not be explained. However, you will always be entitled to ask and receive answers about such purposes.
2.3 General Purposes. The Member uses your personal information to communicate with you, understand our borrower clients’ needs, analyze the suitability of our products or services for our borrower clients, process applications, solicit our lender clients to offer credit to our borrower clients, determine our borrower clients’ eligibility for products and services, offer, set up, manage and administer products and services, provide ongoing services to our clients and generally fulfill our legal and regulatory requirements. The Member also uses your personal information to inform you of other products or services available from other Members. The Member may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your personal information is not transferred to the third party. The Member may survey your opinions of current products or services or of potential new products or services that may be offered.
2.4 Credit Purposes. In connection with credit products and services, we and our lender clients need to know an individual’s creditworthiness. For this reason, the Member may contact other lenders or credit bureaus to give us information on an individual’s credit history. The Member may also contact employers or other personal references to verify information that has been given to us by the individual. Credit information is reported to credit bureaus, credit reporting agencies, credit insurers, and other lenders, to maintain the integrity of the credit-granting process. Your Social Insurance Number is used to match credit bureau information.
2.5 Loan Administration Purposes. In connection with Montrose Mortgage’s loan administration services, we periodically report to our lender clients with respect to the status of the loan.
2.6 Insurance Purposes. In connection with insurance products and services, we, our lender clients and third party insurers need to know personal health information about you for the purpose of approving or declining a request. Personal health information is reported to the information bureau to maintain the integrity of the underwriting record. Personal health information will not be made available to others nor used for any other purpose, such as assessing a loan application.
2.7 Sale of Business. As the Member continues to develop and grow, it may buy or sell parts of its business. As an important part of the Member’s business includes customer relationships, personal information would generally be one of the transferred business assets.
2.8 Cookies. Our website may use cookies to track the activities of your browser as well as provide you with a consistent, more efficient experience while visiting our website. Cookie information is not given to any third party.
Principle 3 – Consent
3.1 Obtaining Your Consent. The Member will make a reasonable effort to ensure you understand how your personal information will be used by the Member. Generally, the Member will obtain consent from you before or when it collects or uses your personal information. Sometimes the Member may identify a new purpose and it will seek your consent to use and disclose personal information for that purpose after the information has been collected. If the Member is seeking to collect personal information from you which is not required in order for us to provide a product or service to a client, the Member will indicate that you are not required to provide it with such information.
3.2 Forms of Consent. An individual’s consent can be express or implied. Consent may be given through an authorized representative. Consent may be implied through action or inaction, such as by using or applying for a product or service offered by us or not responding to an offer to have your personal information removed from a list. Express consent is the preferred form. Express consent may be given orally, in writing or electronically. Before deciding what form of consent is appropriate, the Member will consider the type of personal information it needs, the reason for its use, and the type of individual contact that is involved.
3.3 Where Consent Unnecessary. The Member may collect, use or disclose personal information without your knowledge or consent in exceptional circumstances where such collection, use or disclosure is permitted or as required by law. For example, the Member will not ask for consent when personal information is collected, used, or disclosed in the following instances:
(a) where it is in your best interests and consent cannot be obtained in a timely way;
(b) where personal information is given to our legal representatives;
(c) where personal information is given to a person who in the reasonable judgment of the Member is seeking the information as your agent;
(d) where personal information is given to agents of the Member who need it to carry out business-related functions, such as product and services fulfillment, data processing, loans adjudication and insurance underwriting;
(e) when asking for consent may compromise the information sought and collection relates to an investigation of a breach of an agreement or a contravention of a law;
(f) to protect and defend the Member’s rights or property;
(g) where personal information is disclosed for the purpose of collecting a debt, complying with a subpoena or warrant, responding to a lawful authority for lawful purposes, complying with the law;
(h) where PIPEDA permits personal information to be disclosed without obtaining your consent; and
(i) when the Member obtains individual lists from another organization governed by PIPEDA, the Member presumes that the organization obtained each individual’s consent before disclosing the information to the Member.
3.4 Refusing to Consent. Subject to legal and contractual requirements, you can refuse to consent to our collection, use or disclosure of information about you, or you may withdraw your consent to our further collection, use or disclosure of information at any time in the future by giving us reasonable notice. If you refuse or withdraw your consent, the Member may not be able to provide you or continue to provide you with some products, services or information which may be of value to you. During the term of a loan or credit arrangement, you may not withdraw your consent to our ongoing collection, use or disclosure of your personal information in connection with the loan or other credit arrangement you have with our lender client or have guaranteed. The Member can continue to disclose such personal information to credit bureaus even after the loan or credit arrangement has been retired, and you may not withdraw your consent to our doing so. The Member does this to help maintain the accuracy, completeness and integrity of the credit reporting system.
3.5 General Information We Collect. The types of information the Member may collect about you depends on the nature of the product or service being provided to our clients. Typical information that the Member collects includes your name, gender, marital status, family information and history, mailing address, e-mail address, phone number(s), date of birth, birth certificate information, banking information, such as bank account number(s), place and details of employment, annual income, net worth information, credit history, past loan transaction history and Social Insurance Number. In cases where insurance products and services are involved, the Member may also collect personal health information where permitted by law. The Member may also request additional information to help us provide you with advice and information about other products and services that the Member believes would interest you.
3.6 Credit Information. Our lender clients routinely require us to provide personal credit and financial information. To comply with these requests, the Member requires your consent. The Member usually obtains this permission in a mandate letter, which you sign upon the commencement of our relationship with the borrower client. In other cases, your consent to the use and/or disclosure of your personal information will be obtained verbally or electronically or may be implied from the circumstances.
3.7 Marketing Additional Products and Services. The Member may want to use personal information (except for personal health information) to market products and services to you, either directly or through other Members or third parties. The Member will obtain your consent before using personal information for this purpose.
3.8 Non-Personal Information. We may collect anonymous/non-personal information and business information or render anonymous information we have about you. Because this information cannot be associated with or traced back to a specific individual, it is not governed by this Privacy Policy.
Principle 4 – Limiting Collection
4.1 Limiting Collection. The Member will limit the collection of personal information to that which is necessary for the purposes it has identified to you, using means which are fair and lawful.
4.2 Sources for Information. Although the Member will collect your personal information primarily from you, it may also collect it from external sources such as credit bureaus, references, employers, personal property and land titles registries and other government agencies, other lenders, and with regards to insurance products, medical information bureaus, brokers, insurers, advisory organizations, underwriting and claims information networks, and attending physicians.
Principle 5 – Limiting Use, Disclosure and Retention
5.1 Limiting Use and Disclosure. The Member will use or disclose personal information only for the purposes it was collected, unless you give further consent to use or disclose it for another reason, or it is permitted or required by law.
5.2 Exceptions. Under certain circumstances including those set forth in section 3.3, the Member has a legal duty or right to disclose personal information without the individual’s knowledge or consent.
5.3 Retention Policies. The Member retains personal information only as long as it is required for the reasons it was collected. The length of time personal information is retained varies depending on the purpose for which the information was collected. This period may extend beyond the end of your relationship with the Member but only for so long as it is legally necessary for the Member to have sufficient information to respond to any issue that may arise at a later date. When your information is no longer needed for the purposes for which is has been collected, the Member has procedures to destroy, delete, erase or convert it to an anonymous form.
Principle 6 – Accuracy
6.1 Keeping Information Accurate. The Member will keep your personal information as accurate, complete and up to date as necessary for the purposes for which it is used. The Member will update personal information only if it is necessary for the purposes for which it was collected and if the information is used on an ongoing basis. The Member will also rely on you for keeping certain personal information accurate, complete, and current, such as a change in address.
6.2 Errors May Occur. Despite our efforts, errors sometimes do occur. Should you identify that a Member holds incorrect or out-of-date personal information about you, the Member will make the proper changes and provide you with a copy of the corrected information. Where appropriate, the Member will communicate these changes to other parties who may have unintentionally received incorrect personal information from the Member.
Principle 7 – Safeguarding Personal Information
7.1 Safeguarding Information. The Member will protect personal information with security safeguards appropriate to the sensitivity of the information to protect personal information against loss or theft, unauthorized access, disclosure, copying, use, or modification. The Member’s safeguards vary depending on the information’s sensitivity, amount, distribution and format of the information and the method of storage. The Member uses a variety of security technologies and procedures to help safeguard your personal information. For example, personal information which the Member holds electronically is on password protected computer systems with limited access that are located in controlled facilities. Paper-based files are kept in controlled facilities and access is restricted on a need-to-know basis. All security measures are appropriate to the sensitivity level of your information.
7.2 Staff Compliance. The Member informs its staff about the importance of maintaining the confidentiality of personal information. As a condition of employment, the Member’s staff are required to abide by its policies and procedures, and they are prohibited from disclosing any personal information except as is necessary to carry on their employment duties.
7.3 Third Party Compliance. In instances where personal information is provided to third parties for providing goods or services, the Member generally requires the third party to safeguard all personal information in a way that is consistent with this Privacy Policy, or as regulated by law and the Member only gives to the third party the personal information necessary to perform those services. Further, the third party is prohibited from using that information for any other purpose.
7.4 Disposing of Information. Care is used by the Member when disposing of or destroying personal information, to prevent unauthorized access to the information.
Principle 8 – Openness
8.2 Amending this Policy. We may add, modify or remove portions of this Privacy Policy at any time and such change will become effective upon the publication of the updated Privacy Policy on our website at www.montrosemortgage.com.
8.1 Information Inquiries. The Member makes readily available to you, specific information about the policies and practices relating to the management of personal information. If you wish to obtain a copy of this Privacy Policy or if you have a question, concern or complaints about this Privacy Policy, please contact Montrose Mortgage Corporation Ltd. as follows or contact a Member in accordance with section 1.2:
Privacy Compliance Officer
Montrose Mortgage Corporation Ltd.
Suite 1110 – 201 Portage Avenue
Winnipeg, Manitoba R3B 3K6
Principle 9 – Individual Access
9.1 Access to your Information. Upon written request, the Member will inform you of the existence, use, and disclosure of your personal information and will afford access to that information upon payment of any applicable charges. You are entitled to challenge the accuracy and completeness of the information and have it amended as appropriate.
9.2 Exceptions to Access. Please note that the Member may not be able to provide information about you if it (i) would reveal personal information about a third party, (ii) is subject to legal privilege, (iii) contains other confidential information which would be revealed, (iv) is information that was generated in the course of a formal dispute resolution process, (v) relates to an investigation of a breach of agreement or contravention of laws, (vi) cannot be disclosed for other legal or security reasons, or (vi) is prohibitively costly to provide.
Principle 10 – Challenging Compliance
10.1 Challenging Compliance. You may challenge the Member’s compliance with this Privacy Policy. To initiate a challenge, you may begin by contacting the Member’s compliance officer in the manner set forth in section 1.2. The Member will investigate and respond to the challenge. If the Member finds your challenge is justified, it will take appropriate measures, including changing its policies or procedures, to ensure that other individuals will not experience the same problem