|
The Scotiabank Group Member will use or disclose personal information only for the reasons it was collected, unless a customer gives consent to use or disclose it for another reason, or it is permitted or required by law.
Under certain exceptional circumstances, the Scotiabank Group Member has a legal duty or right to disclose personal information without customer knowledge or consent to protect matters which include the Scotiabank Group Member's or the public interest.
The Scotiabank Group Member will keep personal information only as long as necessary for the identified purposes for which it was collected.
5.1 The Scotiabank Group Member may disclose personal information without consent when required by law. For example:
5.2 In these circumstances, the Scotiabank Group Member will protect the interests of its customers by making reasonable efforts to ensure that:
-
orders or demands appear to comply with the laws under which they were issued.
-
it discloses only the personal information that is legally required, and nothing more.
-
it does not comply with casual requests for personal information from government or law enforcement authorities.
The Scotiabank Group Member may notify customers that an order has been received, if the law allows it.
The Scotiabank Group Member may notify customers of such orders by telephone, electronic mail or by letter to the customer's last known address.
5.3 The Scotiabank Group Member may want to use personal information (except for personal health information) to market products and services to its customers, either directly or through other Scotiabank Group Members or affiliates. The Scotiabank Group Member will obtain the consent of the customer before using personal information for this purpose.
When a customer applies for a product or service and provides personal information, the Scotiabank Group Member will:
-
Tell the customer that this personal information may be used by it or other Scotiabank Group Members or affiliates to market other products and services to the customer.
-
Describe the types of Scotiabank Group Members and affiliates who might market their products or services.
-
Ask the customer for consent, telling them that this use of personal information is optional.
The first time a new type of Scotiabank Group Member or affiliate provides promotional information about its product or service, the Scotiabank Group Member or affiliate will:
5.4 A Scotiabank Group Member involved in the provision of an insurance product will collect personal health information only for specific purposes. It will not disclose personal health information to other Scotiabank Group Members or affiliates, and vice versa. For example, the Bank will not use or have access to another Scotiabank Group Member's customer personal health information to help assess a loan application.
5.5 The Scotiabank Group Member specifies in its policies and procedures the periods of time it will keep personal information. Some of these time periods are determined by legislation. If personal information has been used to make a decision about a customer, the Scotiabank Group Member will keep the personal information long enough for the customer to have access to it after the decision has been made, subject to any regulated record retention period.
5.6 The Scotiabank Group Member will destroy or erase any personal information no longer needed for its identified purposes or for legal requirements.
The Scotiabank Group Member's policies and procedures explain how the Scotiabank Group Member will destroy personal information so that unauthorized persons or organizations do not gain access to it.
|
