fbpx
Principles of privacy
Accountability

Brio Insurance is responsible for all personal information it collects and stores under its control. Our employees complete mandatory privacy training and we have privacy policies and procedures in place that must be adhered to. We have a designated privacy officer who is accountable for compliance. We choose to work with reputable third-party service providers. If we need to send personal information to them, we use contracts and other measures to provide a comparable level of protection and compliance while information is being sent to or processed by them.

Identifying purposes

When we’re collecting personal information, we will tell you why we are collecting it and how it will be used either before or as we collect it. If we plan to use previously collected information for a new purpose, we will tell you the new purpose before we use it. If the new purpose is not required by law, we will ask for consent prior to using your information. We collect personal information for a number of purposes such as:

  • To identify you, understand your needs, and provide information and services.
  • To determine if you are eligible for and offer and process applications for insurance products and services you request.
  • To evaluate creditworthiness, and collect premiums and fees.
  • To respond to your inquiries, and assess ongoing needs.
  • To communicate with clients and the listed applicants.
  • To assess, manage, and underwrite risk.
  • To determine a premium, eligibility, and conditions for a premium payment plan.
  • To detect and protect against fraud.
  • For billing and administration, including for claims.
  • To meet legal, audit, security, and regulatory requirements.
  • To analyze business results.
  • As permitted by law.
Consent

We require your knowledge and consent to collect, use, and disclose your personal information, except in specific circumstances as permitted or required by law. These circumstances include:

  • To another organization to assist in the investigation of an offence under the laws of Canada.
  • Where the information is considered to be publicly available.
  • In response to a subpoena, warrant or court order to produce records, or otherwise as required by law.
  • To a government institution as permitted or required
  • For debt collection

How you give consent may vary depending on the product or service you request and the information required. Expressed consent is most often given in writing when you complete applications and forms. You can also give expressed consent verbally or by email in certain circumstances. Implied consent is when we assume you have given consent based on an action you took or decided not to. For example, if you request information about a specific product and provide your personal information, but you fail to check a box declining consent, we may assume you want to keep hearing about that product.

To purchase certain insurance products, you may need to provide personal information about other individuals, such as your spouse or dependents. Before you provide their information to us, you must receive consent from them to do so. Consent can be given through an authorized representative (such as a legal guardian or a person having power of attorney).

In order to provide you with a policy, we may need to disclose your personal information to insurance companies, motor vehicle and driver licensing agencies, and other affiliated parties. Your personal information is required by these companies in order to provide you with insurance coverage or the products and services requested. In order to settle claims, your information is shared with claims adjusters and insurers. In these instances, we assume your request constitutes implied consent for the specific related purpose.

Personal information may also be transferred to external agents or third-party service providers that perform services on our behalf.  These services could include but are not limited to data processing, obtaining quotes, secondary support, testing new products, and administrative services. Brio Insurance uses contractual or other means to provide a comparable level of protection to personal information when using third-party service providers. In some cases, services providers may be located outside Canada. Personal information processed by these service providers is subject to legal requirements in Canada. Please note, personal information may be subject to and accessed under the laws of the jurisdiction in which these service providers operate.

You may withdraw your consent at any time, subject to legal or contractual restrictions. Please note that by failing to provide consent or withdrawing your consent, we may not be able to provide the products and services requested or continue existing coverages. To withdraw your consent, you must make a request in writing and give us reasonable notice.

Please visit one of our offices to discuss the consequences of withdrawing your consent with our knowledgeable staff. They can provide the necessary request form and will forward your written request to our Privacy Officer.

Limiting collection

Brio Insurance will limit the collection of your personal information to only what is necessary for the purposes identified. Your personal information will be collected directly from you or from other sources with your consent or where permitted or required by law. These other sources include but are not limited to insurers, other brokers, consumer reporting agencies, motor vehicle and driver licensing authorities, claims adjusters, and health care professionals. If you send us an email, we will only use the content of the email for the intended purposes. We will only collect personal information by fair and lawful means.

Limiting use, disclosure and retention

We will only use and disclose personal information for the purpose it was collected, except with your consent or as required by law. Your personal information will only be retained for as long as necessary for the purpose it was collected and to meet regulatory and audit requirements.

These are some examples of when Brio Insurance may need to disclose personal information without consent to protect the interest of Brio or when required by law:

  • To assist in fraud detection and prevention.
  • By subpoena or search warrant.
  • By other court and government orders.
  • By demand from other parties who have a legal right to personal information.
  • By a person acting in a confidential or professional relationship with Brio, such as an auditor or solicitor.
Accuracy

Accurate and complete information allows Brio Insurance to provide the best possible service to our clients.  While we do our best to keep your personal information accurate, complete and up-to-date for the purposes it was collected and used, we also rely on our clients to update us on certain changes such as name and address. If your information needs to be updated, please contact us so that we can make the changes in a timely manner. Clients have the right to access, verify, and amend their information, we may hold once we’ve taken reasonable steps to verify your identity.

Safeguards

At Brio Insurance, security safeguards are in place to protect all personal information under our control against unauthorized access, use, loss, theft, disclosure and disposal. The nature of the safeguards which include physical, organizational, and technological measures will vary depending on the sensitivity of the information. All third-party service providers are required to safeguard personal information disclosed to them in a manner consistent with the policies of Brio Insurance and applicable legislation to maintain the confidentiality and protection of our clients’ personal information. They are not allowed to use your personal information for their own use or any unauthorized purposes.

Openness

We will make specific and understandable information available about our policies and practices relating to the care of personal information in our control. The contact information for our privacy officer, to whom inquiries and privacy complaints can be sent, is available in our offices or as detailed below.

Individual access

Upon written request, clients shall be made aware of the existence, use and disclosure of their personal information and will be allowed access to the information within a reasonable time frame. Please be aware there are certain situations where Brio Insurance may not be able to provide access to all the information it holds. Clients can challenge the accuracy and completeness of the information held, and request to have it amended as appropriate. We will take reasonable steps to verify an individual’s identity before processing the request for access or making corrections to personal information in our control.

Compliance

Any individual may question our compliance with the above principles. If you’d like additional information on our privacy practices please contact our Privacy Officer. Details on how to submit an access request, inquiry or privacy complaint are provided below.

How to make an access request, inquiry, or privacy complaint

All access requests, inquiries, or privacy complaints must be sent to our Privacy Officer in writing. You will receive a written response within 30 days unless an extension is required.  In order for Brio Insurance to respond in a timely manner, please provide us with as much information as possible as detailed below. If additional information is required, you will be contacted directly by the Privacy Officer.

Access request

Please provide the following in a dated and signed letter:

  • Name and mailing address
  • A description of the information to which you seek access
  • Phone number where you can be reached during the day
  • Location address where you would like to obtain access to the information (for example which office)
  • One piece of identification bearing a signature and photo, including your birth date will be required in office in order to obtain access to the information requested

Inquiry or privacy complaint

Please specify the following in a dated and signed letter:

  • Name and mailing address
  • The nature of the inquiry or complaint (please be as specific as possible)
  • Phone number where you can be reached during the day

All access requests, inquiries or privacy complaints are to be sent to:

Privacy Officer
Brio Insurance
233 Main St
Selkirk, MB
R1A 1S1

or via email:  privacyofficer@brioinsurance.ca

More information

To help you understand how we use and protect our clients’ data, please read through the information on these pages.