Privacy Statement

This Privacy Policy outlines our privacy practices concerning the collection, use, retention, disclosure and security of personal information obtained with respect to our clients, including credit applicants and guarantors (sometimes hereinafter referred to as “you” or “your”), in connection with financing transactions, including in particular, with respect to decisions regarding the extension of credit, and has been developed to comply with Canada’s Personal Information Protection and Electronic Documents Act ("PIPEDA").

Protecting client privacy is important and we are committed to maintaining personal information we obtain about our clients, including credit applicants and guarantors, secure and confidential. We use personal information to provide you with the products and services that you have requested, and to get to know you, your needs and your preferences. This helps us provide you with superior customer service and offer products, programs and services that may be of interest to you. Accordingly, we want you to understand what personal information we collect and how we use and share it, and what steps we take to protect the security of personal information.

Some providers of our products and services are entities with whom we are affiliated or have a co-venture, partnership or other similar relationship (“affiliates”). For the purposes of providing you with certain products or services, your personal information may be collected, used and disclosed by our affiliates, and this collection, use and disclosure may also be governed by the privacy policies of our affiliates.

Personal Information We Collect
In order to process your requests for our services we are required to collect personal information about you. PIPEDA defines “personal information” as any information about an identifiable individual, but does not include the name, title or business address or telephone number of an employee of an organization.

Accordingly, when used in this Privacy Policy, references to “personal information” mean, but are not limited to:

  • E-mail address and other identifying or personal information regarding individuals who are employees and name, title, address, telephone number, e-mail address and other contact information for individuals who are not employees;
  • Information we collect to comply with securities regulatory requirements, anti-money laundering laws and regulations and similar purpose, such as:
    • date of birth;
    • information about an individual’s business or occupation;
    • copies of driver’s license, passport, birth certificate or other similar personal identification;
    • information about third party beneficiaries of an individual’s accounts; and
    • such other information that may be required from time to time by legislation.
  • social insurance number and/or other personal identifiers collected for individual credit and background checks;
  • individual credit reports and credit history, asset and liability information;
  • information about an individual’s past dealings and accounts with us or our affiliates, such as payment history or reports of suspicious transactions;
  • information about past financial dealings with third party references provided to us;
  • investment risk profile information;
  • account transaction and securities holdings information and similar account records collected and retained in the course of an individual’s transactions with us; and
  • such other personal information that we may collected with an individual’s consent or as permitted or required by law.

Please note that you are not required to provide us with your social insurance number; however, in order to accurately process a credit application, we require either your social insurance number and your date of birth or your driver’s license number.

Collection of Personal Information
We may collect personal information in a number of circumstances in connection with our business. We may collect or otherwise come to possess personal information of individual representatives of corporate customers in connection with researching potential corporate clients, evaluating potential lending engagements, due diligence in connection with proposed transactions and ongoing management and servicing of our customer relationships. Although you will be the main source of the personal information we require, but we may also collect or otherwise receive personal information through a number of other sources, including:

  • completed credit applications and personal financial statements completed by the individuals whose personal information is included or on behalf of a corporate credit application, which may require the provision about one or more individuals, including in his or her capacity as a guarantor of the obligations of the corporate customer;
  • correspondence, whether written or electronic between us and existing or prospective corporate customers;
  • corporate information we receive from existing or prospective customers in order to evaluate potential business relationships;
  • publicly available databases that we access to learn more about existing and potential customers;
  • credit reporting agencies and current and past creditors;
  • our agents;
  • third party financial institutions, brokers, securities dealers and similar references provided in connection with our evaluation of new customer relationships;
  • our research on financial markets, industry sectors and other areas relevant to our business;
  • our affiliates with whom an individual may have had past dealings;
  • use of our Internet website, which generally involves the collection of (a) visitor data provided voluntarily by site users and (b) site data that is collected automatically by our systems to provide us with information about site use and for research analysis purposes;
  • public registries (for example, to obtain and confirm information about registered security interests); and
  • ongoing transactions and interactions with us.


Use of Personal Information
Personal information will be used for only those purposes to which the affected individual has consented, subject to certain exceptions detailed below, as permitted under PIPEDA.

We may use personal information with the affected individual’s consent in connection with credit decision-making, account opening processes and ongoing account administration, including for the following purposes:

  • reviewing corporate credit application forms and personal financial statements or personal net worth statements in furtherance of the credit process, including to make a determination of credit worthiness and whether to extend credit in response to credit requests;
  • evaluating information provided in connection with potential lending engagements;
  • verifying identities of directors, officers, guarantors and agents of a borrower;
  • to obtain and exchange credit information, from time to time, from and with credit reporting agencies, credit references and other sources with whom you have or may expect to have financial dealings;
  • to disclose and transfer it to a third party as part of a transfer or assignment of all or part of our interest in a financial transaction;
  • to approve you for, and notify you of, our products, programs and services;
  • to develop and maintain our relationship with you, including promote or offer additional financial products and services that might benefit or be of interest to you;
  • meeting risk management, fraud detection and prevention and security requirements;
  • checking identities against money laundering, terrorist financing or similar watch lists;
  • checking an individual’s past dealings or accounts with us or our international affiliates;
  • complying with suspicious transaction monitoring and regulatory reporting requirements;
  • otherwise meeting legal, regulatory and industry self- regulatory requirements;
  • managing, administering and servicing a borrower’s assets and requested products and services;
  • collecting or otherwise enforcing accounts and collecting any amounts owing to us;
  • in connection with audits;
  • in connection with certain business transactions relating to our business or assets, as further described in the section entitled “Disclosure of Personal Information”, below;
  • maintaining business records for reasonable periods and to meet legal and regulatory records retention requirements;
  • generally managing and administering our business; and
  • otherwise with an individual’s consent or as permitted or required by law.

We may use personal information without the affected individual's consent, where:

  • we have reasonable grounds to believe the information could be useful when investigating a contravention of a federal, provincial or foreign law and the information is used for that investigation; an emergency exists that threatens an individual’s life, health or security;
  • the information is for statistical study or research;
  • the information is publicly available;
  • the use is clearly in the affected individual’s interest, and consent is not available in a timely way;
  • knowledge and consent would compromise the availability or accuracy of the information, and
  • collection is required to investigate a breach of an agreement.

Disclosure and Transfer of Personal Information
Personal information will be disclosed to our employees, committees, and members of the Board of Directors that need to know the information for the purposes of their work, including as identified below. We may otherwise disclose personal information with the affected individual’s consent as permitted or required by law.

  • Services and Transactions: We may disclose personal information as necessary in connection with the transactions or services the client to whom your personal information pertains has requested.
  • Disclosure within our organization: Certain personal information about individual representatives (including officers, directors, shareholders, owners, principals, beneficiaries and guarantors) of our corporate clients may be disclosed to our affiliates for the purposes of our and their ongoing risk management, fraud detection and prevention and security requirements, and for identity and financial and related background verification in connection with the provision of our or their products and services.
  • Service Providers: We may use agents and service providers (including computer technology and financial service providers such as credit reporting agencies, and those of our affiliates acting in such capacities) to collect, use, store and/or process personal information on our behalf, and personal information may be transferred to those entities for the purposes described in this Privacy Policy.
  • Business Transactions: Personal information may be used and disclosed to parties connected with certain business transactions, such as the proposed or actual financing, securitization, insuring, sale, assignment or other disposal of all or part of our business or assets, and for the purposes of evaluating and/or performing a proposed transaction. These purposes may include permitting such parties to determine whether to proceed or continue with a proposed transaction, fulfilling reporting, inspection or audit obligations to those parties and disclosing personal information as part of concluding a sale or transfer of assets such as a lease portfolio. Our Assignees or successors of our business or assets may use and disclose personal information for similar purposes as those described in this Privacy Policy.
  • Internal Processes: We may disclose personal information as reasonably necessary to meet insurance, audit, processing, security, regulatory and industry self- regulatory requirements.
Personal information will be disclosed to third parties with the affected individual's knowledge and consent; provided, however, that PIPEDA permits us to disclose personal information to third parties, without the affected individual's knowledge and consent, to:
  • a lawyer representing us;
  • collect a debt owed to us by the affected individual or client with respect to whom the affected individual’s personal information was collected;
  • comply with a subpoena, a warrant or an order made by a court or other body with appropriate jurisdiction;
  • a law enforcement agency in the process of a civil or criminal investigation;
  • a government agency or department requesting the information; or

PIPEDA also permits us to transfer personal information to a third party, without the affected individual's knowledge or consent, if the transfer is simply for processing purposes and the third party only uses the information for the purposes for which it was transferred.

We will ensure, by contractual or other means, that third parties to whom personal information is disclosed or transferred protects the personal information in accordance with this Privacy Policy and uses it only for the purposes for which it was disclosed or transferred.

Disclosure and Transfers Outside of Canada
Some of the third parties to whom we may disclose or transfer personal information may be located outside of Canada, and personal information may therefore be disclosed, transferred, stored (including electronically) or processed outside of Canada for the purposes described herein.

Accordingly, any personal information which is disclosed, transferred, stored or processed outside of Canada may be subject to legal requirements in foreign countries applicable to us, including the United States Patriot Act, which requires all financial institutions to obtain, verify and record information that identifies every customer and facilitates, among other things, the ability of United States authorities to conduct searches and to seize or compel the disclosure of records.

An individual’s express, written consent will be obtained before or at the time of collecting personal information and the purposes for the collection, use or disclosure of the personal information will be provided to the individual at the time of seeking his or her consent. Once consent is obtained from the individual to use his or her information for those purposes, we have the implied consent of the affected individual to collect or receive any supplementary information that is necessary to fulfil the same purposes. Express consent will also be obtained if, or when, a new use is identified.

By signing a credit application and/or other forms, implied consent is granted by the individual to obtain and/or to verify information from third parties such as banks, credit bureaus, other lenders, and insurance companies in the process of assessing the eligibility of an individual or a corporate client on whose behalf the individual’s personal information is collected. An individual can choose not to provide some or all of the personal information at any time, but if we are unable to collect sufficient information to proceed with the approval of a request for financing, such request may be delayed or turned down.

A client or an individual can withdraw consent to the use of his or her personal information at any time by making such request in writing to us.

This Privacy Policy does not cover statistical data from which the identity of individuals cannot be determined. We retain the right to use and disclose statistical data as we determine to be appropriate.

Retention of Personal Information
Personal information will be retained in client files as long as the file is active and for such periods of time as may be prescribed by applicable laws and regulations.

A file will be deemed inactive if an application for credit is rejected, when financial obligations are repaid in full and securities are discharged, or when a guarantee is terminated. Information contained in an inactive file will be retained for a period of seven (7) years, except in the case where an application is rejected. Where an application has been rejected, the file and all personal information contained in the file will be retained for a period of two (2) years.

We endeavour to ensure that any personal information provided by the individual in his or her active file(s) is accurate, current and complete as is necessary to fulfill the purposes for which the information has been collected, used, retained and disclosed. Individuals are requested to notify us of any change in personal or business information we have collected. Information contained in inactive files is not updated.

We will use physical, organizational, and technological measures to safeguard personal information to only those employees or third parties who need to know this information for the purposes set out in this Privacy Policy.

Organizational Safeguards: Access to personal information will be limited to those individuals who require it to make determinations with respect to the extension of credit. Neither our employees nor our Board of Directors are permitted to copy or retain any personal information on individuals or clients and must return for destruction all such information given to them to review once the purpose for being provided with this information has been fulfilled.

Physical Safeguards: Active files are stored in locked filing cabinets when not in use. Access to work areas where active files may be in use is restricted to employees only and authorized third parties. All inactive files or personal information no longer required are shredded prior to disposal to prevent inadvertent disclosure to unauthorized persons.

Technological Safeguards: Personal information contained in our organization’s computers and electronic databases are password protected in accordance with internal policies. Access to our organization’s computers is also password protected. The Internet router or server servicing our organization has firewall protection sufficient to protect personal and confidential business information against virus attacks and "sniffer" software arising from Internet activity.

If an individual has a concern about our personal information handling practices, a complaint, in writing, may be directed to the Chief Privacy Officer identified in this Privacy Policy. Upon verification of the individual's identity, our Chief Privacy Officer will act promptly to investigate the complaint and respond to the individual within 60 days.

Where our Chief Privacy Officer makes a determination that the individual's complaint is well founded, the Chief Privacy Officer will take the necessary steps to correct the offending information handling practise and/or revise our privacy policies and procedures.

Where our Chief Privacy Officer determines that an individual's complaint is not well founded, the individual will be notified in writing of such determination. If the individual is dissatisfied with the finding of and corresponding action taken by our Chief Privacy Officer, the individual may bring a complaint to the Federal Privacy Commissioner at the address below:
The Privacy Commissioner of Canada 112 Kent Street, Ottawa,
Ontario K1A 1H3
Tel 1-800-282-1376

Questions, Requests for Access and Complaints
Any questions regarding this privacy policy may be directed to our Chief Privacy Officer. Requests for access to information or complaints must be made in writing and sent to the Chief Privacy Officer at the address below:
Chief Privacy Officer
3450 Superior Court, Unit 1
Oakville, Ontario L6L 0C4

If upon requesting access to information the individual finds that the information held by us is inaccurate or incomplete, upon the individual providing documentary evidence to verify the correct information, we will promptly make the required changes to the individual's active file(s).

Amendment Privacy Policy
This Privacy Policy is in effect January 1, 2013. This Privacy Policy is subject to amendment in response to developments in PIPEDA or other applicable privacy legislation and the Chief Privacy Officer will review and revise this Privacy Policy from time to time as required by such changes in privacy law. Any changes in this Privacy Policy will apply to personal information collected from the date of the posting of such revised Privacy Policy.