Privacy Commitment and Personal Information
We collect, use and disclose personal information to operate our business and as permitted or required by law. Personal information is information about an identifiable individual, as defined in the Federal Personal Information Protection and Electronic Documents Act (PIPEDA) and in any applicable provincial legislation, such as the Alberta Personal Information Protection Act, the British Columbia Personal Information Protection Act, and the Quebec Act Respecting the Protection of Personal Information in the Private Sector.
This Policy describes our current privacy practices. We update this Policy on an ongoing basis to ensure consumers, applicants, customers, third party program merchants, and service providers, are aware of updates to our privacy practices, to streamline those practices and to comply with applicable laws. Consumers are individuals who are not currently our customers; applicants are individuals who apply to become our customers; and customers are individuals who have been approved, use or have used our products and services in the past. Please visit this site regularly for updates. We will also notify individuals with whom we have a relationship of any material changes that may impact them.
Our Privacy Officer is responsible for ensuring that we comply with this Policy and applicable privacy laws.
We are responsible for personal information in our possession or custody, as well as personal information transferred to a third party for processing. More details on our third parties are provided below under “Limiting Use, Disclosure and Retention”.
Information We Collect, and Limiting Collection
Except where information is required to fulfill an identified purpose or as required by law, you get to decide what information you want to share with us.
Contact details and marketing preferences. We may collect information you provide, such as your name, phone number, address, city, email address, and marketing preferences if you visit or use our website or mobile application, register or apply for one of our products or services, interact with us through social media or online ads, participate in surveys, or engage with us in any way. We may collect that information for uses as described in this Policy.
Information about you. If you apply or sign up for one of our products or services, depending on the product or service, we may collect information about you, including your name, date of birth, contact details, identification information, employment and occupation details, tax residency details, living situation, intended purpose of account, and financial information. We may collect information from credit reporting agencies and other outside sources to verify financial information about you, such as your employment and credit history. If you give us your social insurance number (SIN), we may use it for tax reporting purposes. When you provide authorized user information, we expect that you have the authority to consent to its collection, use, and disclosure as outlined in this Policy. We may keep the information described above along with other information about you in our records, even after your account is closed for the purposes of complying with legal and regulatory obligations.
Digital and online information. We may collect information from your mobile and online activity; for example, information about your web browser, time zone, Internet Protocol (IP) address, mobile device ID, application and website use, and history. Cookies (small computer files that a website’s server places on your computer) collect information about your online behaviour. You can set your browser to reject cookies, but this may impair our ability to customize and test your experience, like remembering your preferred language or present location-specific information to you.
Transaction information. If you sign up for one of our products or services, depending on the product or service, we may collect information about your transactions, including purchases, account balances, fees, payment history, parties to transactions, card usage, and account usage. If you consent and provide account details for card or bank accounts with other providers, we may also collect and store transaction information from these accounts.
Counterparty information. If you add contacts to your account, we will collect and store their name, email address, and phone number. If you add business contacts to your account, we will collect and store the business name, nickname, and your account number with them.
Usage information. If you sign up for one of our products or services, depending on the product or service, we may collect information regarding the use of our website and mobile application, including screens visited and in-app behavior in order to monitor and improve the app.
Security credentials. If you create an account or sign up for one of our products or services, depending on the product or service, we may collect and store security credentials including your username, password, security questions, and card personal identification number.
Third party service providers. We may collect information about you from third parties that we have contracted with, such as credit reporting agencies or affiliates. We may collect publicly available information about you from online sources, or from surveys that you participate in. You may also enter into various services, agreements and reward and loyalty programs operated by third parties. The privacy policies of such third parties will apply to such transactions with third parties, and not this Policy.
Communication. When you have a telephone or online chat conversation with one of our representatives, your call and chat may be recorded for quality and training purposes, as well as to resolve concerns. If you choose to contact us by email or mail, we may retain your email or mailing address, the content of your communication and our responses.
We will clearly identify the purposes for which personal information is collected, used or disclosed prior to, or at the time of, collection, and as stated in our customer agreements and disclosures.
Contact. We may use your information to contact you. Your information allows us to contact you by various methods, including mail, email, SMS message, app push notification, and telephone at the contact points you’ve provided to us. We will contact you to respond to your questions, proactively provide you with information about your accounts with us, inform you about our products and services, and update you on changes to our website, mobile application, and other digital services we provide. We may use your information to send you important updates about your application status and account opening disclosures, and important or useful messages about your accounts. When you communicate online or by email, you should be aware that sending information over the internet isn’t secure, as it can be intercepted or manipulated and retransmitted.
Authentication. We may use your information to authenticate you. With your information, we can confirm your identity by sharing your information with credit reporting agencies as well as third party identity verification providers to authenticate you when you apply for a product or service, to verify that it’s you we are speaking with when you call into our Customer Service to discuss your account, or identify you when you visit us online or on our mobile application.
Assess creditworthiness. We may use your information to assess your creditworthiness from time to time. With your information, we can assess your creditworthiness to determine your eligibility for financial products and services, and process your credit applications. This information is helpful for us to offer you financial product choices that are suitable for you. In order to do this, we will provide your information to, and collect information about you from credit reporting agencies (refer to section 7 (Limiting Use, Disclosure and Retention) for information on third party sharing). Information used to assess your creditworthiness may include: credit reporting agency data, income data, employment data, living situation, and housing costs.
Service. We may use your information to service you. Your information may be used to open, maintain, service, process, analyze, audit and collect on your accounts. We may use your information to service your mobile account, optimize our website, perform business analytics, and provide you with a unique user experience. We may also send notifications and support mobile payments with this information. When we issue you a new card, we may provide your new account information to facilitate your payments, pursuant to industry standards (refer to section 7 (Limiting Use, Disclosure and Retention) for information on third party sharing).
Google Analytics. We use Google Analytics which allows us to see information on user activities including, but not limited to, page views, source and time spent on our website and mobile application. You may opt out of our use of Google Analytics by visiting the Google Analytics opt-out page.
Improvements. We may use your information to make improvements on our products and services, as well as our website and mobile application. We may use your personal information to evaluate existing products and services, develop new products and services, drive strategy and improve the customer experience we offer. Information we collect is also valuable for our quality and servicing training programs.
Customization. We also customize our website and mobile applications based on information collected, and use that information to understand and deliver products and services that you, and others who are similar to you, may find useful. The information is used to better understand our website and mobile application activity, and how users interact with our digital sites. It’s also used to monitor and improve our website and mobile applications.
Fraud prevention. We may use your information to prevent fraud. We may use your information to assess fraud and other risks to you and us, and to protect consumers, applicants, customers and providers from identity theft, fraud and unauthorized account access. When investigating fraud, we may ask for identification documents (such as a Canadian driver’s licence, Canadian passport, birth certificate, utility bill or bank statement, or other forms of identification).
Identification. We may use your personal information to identify you on third-party platforms you already use (such as Facebook and Twitter) and serve you ads through their marketing platforms. We may also use your information to identify you on third-party platforms (such as Facebook and Google), and then use the algorithms of those platforms to find other people with similar characteristics.
Rewards. We may use your personal information to identify you on our third-party platforms you already use (such as Neo’s partnered merchant platforms) to attribute rewards redemptions to your respective third-party account.
Reporting. We may use your application, transaction, authentication and “know your client” information to report to our banking partners, consumer reporting agencies, credit reporting agencies and other regulatory agencies as permitted or required by law.
If you apply for a product or service, communicate with us or provide personal information to us in any way, you acknowledge your consent for personal information collection, use and disclosure as set out in this Policy, applicable laws and industry standards. If we want to use your information for a purpose that was not disclosed at the time of initial consent, consent will be sought at the time of this new purpose.
Updating or withdrawing consent. Subject to legal and contractual restrictions, you can, with reasonable notice to us, withdraw your consent for use and disclosure of your personal information, other than that which is required for us to maintain your account and to provide services for which you were approved.
To opt out of our email marketing list after you have opted in, you may use the unsubscribe link provided in any email marketing material you receive.
To update your privacy preferences outside of email marketing, please do so by emailing email@example.com.
Opt out of cookies used for Online Behavioural Advertising (“OBA”). You can adjust your browser to reject cookies by clicking on the “AdChoices” link embedded in many of our ads. We subscribe to the Digital Advertising Alliance of Canada’s Self-Regulatory Principles for OBA. These principles promote consumers’ awareness and choice about how their information is used for OBA. You can opt out of the use of your browsing habits for OBA – just visit the AdChoices website provided by the Digital Advertising Alliance of Canada, and use the opt-out mechanism.
Limiting Use, Disclosure and Retention
We limit use, disclosure and retention of personal information to the purposes we identify, and as required by applicable laws.
Third parties. We do not sell or rent customer lists or personal information to others. We may share your personal information with service providers who perform services on our behalf (such as credit reporting agencies, identity verification services, card manufacturers, print suppliers, payment processing businesses, marketing, research, call centres, collections agencies, and other services as required to service you). Additionally, we may share anonymized and aggregated information with our third party program merchants in order to provide insights and analytics on their respective rewards programs. We may also share personal information with our co-brand card partners so that they can administer their rewards programs and deliver personalized offers and experiences to you. Our contracts with third parties include obligations to protect your personal information, and third parties must meet our privacy standards. When you engage with other companies directly, or contact us through their platforms, their use of the information they collect from you is subject to the terms of their privacy policies. We may share your information with regulators, courts or other institutions as required by law.
Savings accounts - We may share your information with the providers of our savings accounts, including Concentra Bank, for the purposes of regulatory reporting and compliance and to inform if we can onboard you as a customer for our products.
Credit Reporting Agencies – We may share your information with the credit reporting agency/agencies to make a decision about your application and other decisions about your account. Information shared may include the following: name; address; SIN; phone number; account numbers and terms; date of birth; transaction records; credit information; customer performance data. In addition, we may share your information, including but not limited to credit information, with credit reporting agency/agencies on an ongoing basis in order for our credit agency providers to maintain accurate consumer credit information within their databases in accordance with applicable laws. These credit reporting agencies may, in turn, verify this information and disclose such information in its discretion to cooperate with local, provincial and national authorities in the investigation of unlawful, improper or fraudulent activities.
Payment Processors – We may share your information with our third party payment processors in order to generate credit card details and maintain access to the Mastercard network. Information shared may include the following: name; address; account numbers and terms; date of birth; transaction records; and payment records.
Third party verification providers – We may share your information with third party verification service providers, including those who maintain records relating to you telecommunications service providers, for the purposes of identity validation, risk assessment, and maintaining accurate contact details for your account. Information shared may include the following: name; address; SIN; phone number; device information; location information, identification details, and ‘selfie’ photos for identification validation purposes.
Plastic manufacturers – We may share your information with the plastic manufacturer to issue your credit cards. Information shared may include the following: credit card number and details; name; and address.
Print suppliers – We may share your information with print suppliers to print letters and statements pertaining to your account. Information shared may include the following: last four digits of your credit card plastic number; name; address; and previous period transactions.
Payment processing suppliers – We may share your information with our payments processing suppliers to process your transactions and payments. Information shared may include the following: transaction information; account number; bank from which monies were extracted; and the name on the account of the bank.
Collections and law firms – We may share your information to help us collect a debt owed to us by you. Information shared may include the following: contact details, communication history, account details, and financial information.
Fraud detection services – We may use third parties to monitor your transactions to identify fraudulent activity on your account.
Mastercard – As part of the payment network, and pursuant to the Mastercard Automatic Billing Updater (ABU), Identity Check, and SecureCode programs as amended from time to time, or pursuant to other industry standards, we may update or provide information regarding your credit card or account. ABU facilitates the secure transmission of account updates to card-on-file and recurring payments merchants. ABU helps reduce the number of declined transactions due to card expirations, lost or stolen cards, and other account changes. SecureCode and Identity Check programs help verify purchases are yours through further authentication using passwords, one-time passcodes or biometrics.
Call centres and quality assurance providers – We may share access to your account information maintained on our financial systems, with call centres to service your account and provide you with customer support. We may share your customer experience with a third party to evaluate how we are doing, and ensure we are complying with applicable laws and regulations.
Marketing and research companies – We may share your information to understand and deliver products, services and offers that you, and others who are similar to you, may find useful. We may also share your information to block offers that you won’t find useful. This includes digital affiliates.
Program Merchants – We may share anonymized and aggregated spend, transaction, reward redemption, and demographic information to deliver personalized offers and experiences to you. We may also share your identifying information with third party program merchants to attribute rewards to your account in their platforms. We contractually require our third party program merchants to only use personal information in accordance with the terms of such offers and experiences and their privacy policies. Please consult the privacy policies of our third party program merchants for any offers and experiences offered by such merchants through our services, as those privacy policies and not this Policy will apply with regard to the merchant.
Regulators, courts, law enforcement and other government institutions – We may share your information to resolve concerns and as required by law.
Mobile Wallet Providers - If you choose to load your Neo Mastercard into a Wallet, we may share your information with the Wallet provider, Mastercard, and other Service providers as outlined in Neo’s Mobile Wallet Terms and Conditions.
Co-brand card partners
Assignees. We may, at any time, sell, transfer or assign any or all of our rights to our Canadian business, including our interests, rights or obligations regarding your accounts with us. If we do so, we may share your personal information with prospective purchasers, transferees or assignees. In such circumstances, we will contractually require any such purchaser, transferee or assignee to only use your information for the purposes specified herein, and to safeguard your information appropriate to the sensitivity of personal information.
Information processed outside Canada. Your personal information may be stored and processed with approved third parties within Belgium, Germany, Ireland, the Netherlands, the United Kingdom, and the United States. If a third party processes or stores information outside Canada, foreign governments, courts, law enforcement or regulatory agencies may therefore be able to access such personal information through the laws of the foreign jurisdiction.
We take steps to ensure that your personal information is as accurate, complete and up to date as is necessary for the purposes for which it is to be used.
If you believe that the personal information we have about you isn’t accurate or complete, please contact us by updating your information through our website or mobile application, by calling the customer service number on the back of your card, or by writing to the Privacy Office (see section 10 (Openness, Individual Access and Challenging Compliance) below). If you move, change your phone number, or change your email address, you are required to update your information with us.
We use procedures and practices appropriate to the sensitivity of personal information to protect against loss, theft and unauthorized access. Access to your information is restricted to those individuals and parties who require access.
For example, we have physical security (such as restricted access to our offices and secure storage), electronic protection (such as passwords and encryption) and safe business practices (such as customer authentication when you call us). We also train our staff on how to safeguard personal information.
While we take all reasonable measures to protect data, there is always inherent risk when providing personal information. You can help us safeguard your information too. If you contact us through email or social media, you should avoid sending sensitive information, such as your banking information or full credit card number. If someone purporting to represent us contacts you and requests your personal or financial information, and you are suspicious, you can always contact us to confirm that the request was legitimate before providing any such information. We also recommend that you use unique and strong passwords for your online accounts and that you don’t share your passwords with anyone.
Openness, Individual Access and Challenging Compliance
You can write to our Privacy Office to request access or to make corrections to the personal information we have on file for you. We will provide you with the personal information we have, subject to certain considerations specified by law. Some of the information we have on you, like your contact information and transactions, is available on your account statements.
You can contact Customer Service for general privacy inquiries or concerns at: firstname.lastname@example.org
For more information about our Policy, or to raise a privacy concern, please contact our Privacy Office at the following address:Attention: Privacy Officer
Neo Financial Technologies Inc.
200 - 632 Confluence Way SE
Calgary, AB T2G 0G1