Privacy and Security
TD Privacy Code
The TD Insurance, General Insurance commitment to privacy
Protecting your privacy and the confidentiality of your personal information has always been fundamental to the way we do business within TD Bank Group1 (TD), including TD Insurance, General Insurance2 (TDIGI) as a member of TD.
We strive to provide you with the best customer service. To us, that includes treating you fairly and with respect.
The TDIGI Privacy Code informs you of the ways we help protect your privacy and the confidentiality of your information.
General Insurance Privacy Code
Table of Contents
Our Privacy Code
Our Privacy Code informs you of the practices we have in place relating to the management of personal information at TD in Canada. The word “information” means personal, financial and other details about you that you or your authorized representative provide to us and we obtain from others within or outside TD, including through the products and services you use.
This Code applies to any person who has requested from us, or offered to provide a guarantee for, any product or service offered by us in Canada. This includes individuals carrying on business alone or in partnership with other individuals and signing officers of our business customers. It consists of five key principles:
1. Collecting and using your information
Either before or when we collect information about you, we will explain how we intend to use it. We will limit the information we collect to what we need for those purposes, and we will use it only for those purposes. We will obtain your consent if we wish to use your information for any other purpose and before collecting information from third parties such as credit bureaus.
Your information is used to help us manage products and services you have with us, to contact you about products or services you may be interested in having with us, to help us collect a debt or enforce an obligation owed to us by you and to manage operations and risk within TD. Your information is also used in order to satisfy valid information requests from regulators and other organizations or individuals who are legally entitled to make such requests.
2. Releasing your information
We may provide your information to other persons in situations where –
3. Protecting your information
We will protect your information with appropriate safeguards and security measures. We will retain your information only for the time it is required and for the purposes we explained to you.
4. Providing your information access and keeping your information accurate
Upon request, we will give you access to the information we retain about you and we will make reasonable efforts to keep your information accurate and up-to-date.
5. Respecting and responding to your privacy concerns
We will explain your options for withdrawing consent to the collection, use and disclosure of your information, and we will record and respect your choices. We will investigate and respond to your concerns about any aspect of our handling of your information.
In this Code, we explain how we fulfill each of these important principles.
Why we ask for your information
We ask you for information to enable us to complete your request and to establish and serve you as our customer.
We collect the information we need and only use it for the purposes explained to you.
When you apply for a new product or service, we will indicate in the application or agreement how we intend to use your information. We will indicate clearly which information would help us to serve you but is optional for you to provide.
We obtain most of our information about you directly from you.
At the time you request to begin a relationship with us and during the course of our relationship, we may collect information about you. The information we ask for depends on which product or service you want. For every product or service, we need your name, address, birthdate, occupation and some identification. Here is why we need some of the information we may ask you to provide:
We also collect information during our interactions with you.
How we obtain your consent
It is important to understand the different ways that we may obtain your consent to collect, use, disclose and share your information.
Depending on the situation and the sensitivity of the information, we may obtain your consent in different ways. Express consent may be obtained verbally, online or in writing. Implied consent may be obtained through your use of a product, or when you approach us to obtain information, inquire about or apply for products or services from us.
We will not make your consent a condition of obtaining a product or service, unless it is reasonably or legally required, and we will clearly indicate when this is the case.
Why we share your information
We may share information within TD to manage your total relationship with us including servicing your account and maintaining information about you, to manage and assess our risks and operations, including to collect a debt owed to us by you and to comply with legal or regulatory requirements.
Your information may be shared, stored or accessed in Canada or other jurisdictions or countries. Your information may be disclosed in response to valid demands or requests from governments, regulators, courts and law enforcement authorities in those jurisdictions or countries.
Sharing your information within TD helps us determine your preferences and allows us to review whether any other products or services are suitable for you so that we may offer them to you – including special promotions that we believe will be of interest to you.
In order to understand when you can withdraw your consent, refer to the "Respecting your preference" section.
Why we ask others for information about you
With your consent, we may obtain information about you from third parties, including credit reporting agencies.
Obtaining additional information about you from parties outside TD helps us assess your eligibility for our products.
When we release your information
We do not sell or rent customer lists or personal information to others. However, we may release your information to parties outside TD in certain circumstances, which include –
How we protect your information
We will protect your information with appropriate safeguards and security measures.
We have security standards to protect our systems and your information against unauthorized access and use.
For example, our systems have been designed to ensure that your Personal Identification Number (PIN), password and other access codes are always private and confidential. For your protection, your access codes are known only to you – our employees cannot gain access to them and they will not ask you to reveal them.
All our suppliers and agents, as part of their contracts with TD, are bound to maintain your confidentiality and may not use your information for any unauthorized purpose.
When we provide information in response to a legal inquiry or order that we believe to be valid, we disclose only the information that is legally required.
All employees of TDIGI are familiar with the procedures that must be taken to safeguard customer information. And to us, protecting the confidentiality of your information is more than a procedure – it’s part of our job. It is specified in our employment agreements and regularly confirmed in writing.
We audit our procedures and security measures regularly to help ensure that they are being properly administered and that they remain effective and appropriate to the sensitivity of the information.
We retain your information only as long as it is required for the reasons it was collected.
The length of time we retain information varies depending on the product or service and the nature of the information. This period may extend beyond the end of your relationship with us but only for so long as it is necessary for us to have sufficient information to respond to any issue that may arise at a later date or for legal or regulatory purposes. When your information is no longer needed for these purposes, we have procedures to destroy, delete, erase or convert it to an anonymous form.
Your right to access your information
Upon request, we will give you access to the information we have about you. If requested, we will assist you in making your request.
Any request to TD Insurance, General Insurance to access your information should be sent to our Privacy Officer in writing at the following address:
TD Insurance, General Insurance
We will ask you for specific details such as account numbers.
We will advise you in advance if a minimal charge will be required for conducting the search and we will respond to your request within 30 days.
Please note that we may not be able to provide information about you from our records which contains references to other persons, is subject to legal privilege, contains confidential information proprietary to TD, relates to an investigation of a breach of agreement or contravention of laws, or cannot be disclosed for other legal reasons.
If you have any questions regarding decisions made about you, we will tell you the reasons for those decisions. If we relied on information from a third party, such as a credit bureau, to make the decision, we will provide you with the name and address of the third party.
Keeping your information accurate
We will make reasonable efforts to keep your information accurate and up-to-date.
Having accurate information about you enables us to provide you better service and minimize the possibility that out-of-date information may be used to make a decision which impacts you.
We have procedures and practices in place to help us maintain the accuracy of your information. For most updates, we rely on you for information. You can help by keeping us informed of any changes, such as if you move or change telephone numbers. If you find any errors in our information about you, let us know and we will make the corrections immediately, and make sure they are conveyed to anyone we may have misinformed. For information that remains in dispute, we will note your opinion in the file.
Respecting your preferences
We will explain your option to withdraw your consent to the collection, use or release of your information, and, given reasonable notice, we will record and respect your choices.
In most cases you are free to refuse or withdraw your consent at any time. You may do so by leaving us a message at 1 866 323 0266 or by contacting our client services centre. Our staff will be pleased to explain your options and any consequences of withdrawing your consent, and record your choices.
There are several privacy preferences available to you, subject to legal, business or contractual requirements. If you prefer, you may choose not to have us –
- Contact you by telephone, fax, text messaging, or other electronic means, and automatic dialing-announcing device, at the numbers you have provided us, or by ATM, internet, mail, email and other methods with marketing offers that may be of interest to you.
This does not include messages or other information about promotional offers we provide on, or enclose with, your written or electronic account statements, or that we may discuss while talking with you. Any marketing campaigns that are already underway may not immediately take your preference into account.
- Share your information within TD in certain circumstances
- Contact you to participate in customer research and surveys
Addressing your concerns
If you have any questions or concerns about privacy, we encourage you to let us know. If you choose to mail, fax or email2 us, please include your full name, address and telephone number.
We've developed a resolution process that can deal with most concerns in a single, simple step.
Talk to Your TDIGI Representative
Many concerns can be resolved right at the time when they occur. Discuss your concern with your TDIGI Representative who will be happy to help you.
Further steps you can take
If the TDIGI Representative is not able to resolve your concern to your satisfaction or if, after the first step, you are still not satisfied that your concern has been resolved, TDIGI offers two more internal levels that can help you.
Elevate Your Concern
If you have contacted us and are not satisfied with the resolution that has been suggested, your concern can be referred to a representative of the TD Insurance Customer Care Department.
How to contact us:
TD Insurance Customer Care Department
Contact the TD Insurance Ombudsman
If you have been through the first two steps and you still feel your concern has not been resolved, please contact the TD Insurance Ombudsman. The office of the TD Insurance Ombudsman acts as an independent body that mediates between customers and different TD Insurance groups to resolve outstanding concerns. When you refer a concern to the TD Insurance Ombudsman, the office will conduct a thorough and impartial investigation and work to reach a fair and reasonable resolution.
The TD Insurance Ombudsman does not normally investigate concerns regarding bank policies, including credit granting policies or risk management decisions; levels of interest rates, service charges or fees that apply to all customers; or matters where legal action has already commenced or has been concluded.
Include your full name, address, telephone number(s) and the details of your concern in your letter, email or fax.
The following independent services can provide you with information and a further review of your complaint if you do not accept the decision of the TD Ombudsman. You can also contact these services if you have waited more than 90 days for a resolution after elevating your concern (Step 2).
General Insurance OmbudService (GIO)
Our Online Privacy Code
This Online Privacy Code tells you how we handle the information we obtain from you when you use our websites.
A cookie is a small file containing certain pieces of data that a website creates when you visit the website, either from a computer or a device such as a mobile phone or tablet. When you visit a website, a cookie may be used to track the activities of your browser as well as provide you with a consistent, more efficient experience.
There are two common types of cookies that we use: “Session cookies” and “Persistent cookies”.
Session cookies store information only for the length of time that you are connected to a website – they are not written onto your hard drive. Once you leave the website, they expire and are no longer active.
Persistent cookies store information for longer than the length of time that you are connected to a website – they are more permanent and store information on your hard drive. Persistent cookies can be re-read when you return to the website that placed them on your hard drive.
On our websites we use Session and Persistent cookies in the following ways.
We use Session cookies –
We use Persistent cookies –
Managing Your Cookies
Tags & Other Tracking Technologies - help us to manage some of our online advertising and report on activities that happen after a web user sees or clicks on one of our online ads. These tags enable us to learn which advertisements bring users to our website and combined with a cookie and the information a user provides us when completing an online application, may identify the individual and the individual’s activities on our site.
Online Ads - some of the ads TD places on external websites use behavioural remarketing (a form of online targeted advertising based on a consumer’s previous Internet actions). When you click on one of these ads, a third party cookie is placed on your device. This persistent cookie together with web beacons (small transparent graphic images embedded in web pages that when combined with cookies help provide a website operator the ability to monitor usage and effectiveness of a website) are used to monitor whether you have previously clicked on a TD ad and your related activities on our website. This process does not associate this cookie with a particular individual, only a device. When your device is used to revisit an external website that displays TD ads, the presence of this cookie on the device may be used to trigger the display of additional TD ads. You may opt-out by clicking here: http://preferences.truste.com/truste/. Please note this does not opt you out of being served generic advertising.
Online Authentication Process
Responding to surveys online
When you submit your response online to a survey question, we receive your answer or any opinions or information that you volunteer.
For a survey, we may publish results in aggregate on our websites. We may also use your response to improve our products or services. Based on your participation in a survey, we may forward information about our offers on products and services that we believe may be of interest to you.
Our Mobile Apps Privacy Code
This Mobile Apps Privacy Code tells you how we handle the information we obtain from you when you use our mobile apps. If you are using your mobile device, such as a mobile phone or tablet, to access TD websites, please refer to our Online Privacy Code.
What information we collect and how we use it
Depending on the TD mobile app you use, we may collect the following information from you or your device as you use the mobile app: personal information you input into the app, financial information, transactional data, mobile phone number, geolocation, IP address, device ID, mobile country code, and Integrated Circuit Card Identifier.
We may use your information to provide or enhance the app-specific products or services you request from us or to improve the functionality of our TD apps.
We may also use and disclose your information as described in the Privacy Agreement located on our website
Please note that the ability to collect certain personal information is controlled by your device, for example geolocation. Please refer to the documentation for your device regarding how to allow or block the collection of location or device information. If you choose not to provide location or certain device information, some services you request may not operate effectively.