Your Privacy is Our Priority
Our privacy program
We maintain a privacy program that’s overseen by our Privacy Officer, featuring policies, practices, and processes, all intended to protect your information. The program is based on the ten fair information principles outlined in the Personal Information Protection and Electronic Documents Act (PIPEDA), one of Canada's federal privacy laws. Visit www.priv.gc.ca for more details.
Our Privacy Officer, supported by the Affinity Privacy Office, reports to our Executive Leadership and Board of Directors on the program's effectiveness and our organization's compliance with applicable privacy laws.
The key focuses of our program, described in more detail below, are:
For more details on how you can challenge our compliance with our privacy policies and exercise other rights related to your information, see the Contact the Affinity Privacy Office section below.
We'll only collect, use, and disclose your information with your express or implied consent or in limited circumstances when the law allows us to do so without your permission. We get your consent at various points of our relationship (e.g. when you apply for a membership).
Why we collect your information
We'll always identify why we're collecting your information when we collect it. Our privacy policies are updated when we identify a new purpose for collecting, using or disclosing your information. We'll only collect your data when needed for a valid business purpose or if otherwise required by law.
Most often, we collect, use and disclose your information for any of the following reasons:
- To verify your identity, assess your creditworthiness, and provide you with products and services
- To send you newsletters and other information, solicit your feedback, and offer you different products and services of ours and our partners and affiliates
- To service our accounts and manage our business relationships
- To identify ways to improve our products and services
- To make credit-related and other regulatory reports
- To oversee and assess security and risk related to our operations
- To assist in dispute resolution
- To comply with legal and regulatory requirements
What we collect
We may collect a variety of personal data about you, including:
- Government-issued identification
- Contact details, including your email, phone number, address, alternate contacts, etc
- Background details, including prior and current employment, marital status, products and services at other financial institutions, etc
- Credit reports
- Transactional data
- Information gathered during communications with staff (e.g. recorded phone calls) or through on-premises video surveillance
- Device information when you access our online services (e.g. IP address)
We collect information directly from you when you apply for and utilize our products and services and interact with us on an ongoing basis. We may obtain information about you from third parties, including credit agencies and via referrals (e.g. through our dealer finance program). If you conduct transactions with our customers, we'll collect and retain details about that transaction, which may include your personal information.
If we ask you for optional information that isn't required to obtain a product or service, we explain why we're asking for it and how we'll use it if it’s provided.
How it's shared
We may share your information with third parties to provide the products and services you request or if the law requires or permits us to. Any time your information is shared with a third party, we only share as much information as necessary to fulfil the purposes for which it's shared. Information may be shared with joint account holders or authorized representatives, such as a power of attorney or an executor of an estate.
We offer some of our products and services in partnership with other organizations, which results in your information being shared between us. You consent to this sharing by agreeing to the terms of our contracts and using the products and services.
We utilize third-party service providers for various purposes, including:
- Provision of specific products and services (e.g. Affinity credit cards)
- Cloud-based services
- Identity verification and authentication
- Obtaining credit reports (from Equifax and/or TransUnion)
- Payment processing and settlement
- Data processing and analysis
- Statement issuance and cheque printing
- Promoting products and soliciting feedback
- Storage and destruction of records
There are situations where we're legally required or permitted to collect or share your information without your consent, including:
- If we're legally required to disclose your information (e.g. a production order from law enforcement)
- To collect a debt
- To investigate, stop, or prevent fraud
- To protect yourself or others from harm, financial or otherwise
- When it's clearly in your best interest, and we're unable to obtain your consent promptly
When you can refuse to provide information
You can refuse to provide information or withdraw your consent to our use of your data at any time, subject to legal and contractual restrictions. Depending on the circumstances, your refusal or withdrawal of consent might result in us being unable to provide you with the products and services you request. Please note various laws oblige us to keep your information for defined timeframes once we have it, including after our business relationship ends.
One example of information you may refuse to provide in some instances is your social insurance number (SIN). Providing your SIN isn't mandatory unless you have an interest-bearing product. You can opt-out from us using your SIN for credit matching purposes. Alternatively, you may elect to provide your SIN regardless to help ensure any credit-related information we obtain about you is accurate.
See the Your Rights and Choices section below for more details.
Protecting Your Information
We take physical, technical, and administrative measures to keep your information safe, including:
- Keeping physical documents locked in secure storage
- Limiting staff access to systems and areas on our premises on an "as needed" basis
- Implementing security measures to prevent third-party access to our systems
- Implementing corporate training programs, policies, procedures, and practices for our employees so they understand their responsibilities related to keeping your information safe and confidential
- Maintaining record retention and destruction processes that ensure we only keep your information as long as necessary before it's destroyed or anonymized
- Developing incident response protocols that enable us to respond quickly and efficiently to issues involving personal information
Visit https://www.affinitycu.ca/banking/ways-to-bank/security for more information.
We work with third parties to help provide you with the highest standard of financial service. We require those third parties to protect your information in accordance with this policy. Depending on the circumstances, we ensure this is the case through contractual means and other administrative measures. Any third party that receives your information from us is only allowed to use it for the purposes we have shared it. We do not sell your information. We may share your data with third parties outside your province of residence or Canada, such as the United States, in which case the handling of your information will also be subject to the laws of that foreign jurisdiction.
Your Rights and Choices
We give you simple ways to control how we use your information. You can personalize your promotional, alert, and communication preferences to suit your needs. If you opt-out, you can always change your mind by letting us know you want to opt back in.
You may receive promotions, alerts or other notifications from our partners not managed by Affinity directly (e.g. newsletters from our wealth partners). Refer to the privacy policies and additional information provided to you with the related products and services to determine how you can update those preferences.
Updating your information
You can always contact us and update your personal information. We might ask you to confirm the accuracy of your information occasionally, such as your address and occupation. We'll identify you before making any changes to your information. To update your personal information:
- Log in to your online or mobile banking
- Visit an advice centre, or
- Give us a call at 1.866.863.6237
Any information you can't update through our website or mobile app must be changed through an advice centre or by phone at 1.866.863.6237.
Your preferred method of communication
You can tell us the time of day and how you prefer to be contacted, whether by phone, email, or mail. That's how we'll attempt to communicate with you unless it's inappropriate given the circumstances (e.g. in an emergency, we may call you even if you prefer email). To update your preferred communication method:
Your marketing preferences and text notifications
We review and process your information to identify opportunities to offer products and services that suit you. We rely on your implied consent to send you promotional offers and surveys until you tell us you don't want to receive them. We use third parties occasionally for this purpose. You may be contacted by mail, phone, email, or text.
Please note you can only opt-out from optional communications, such as product promotions. You can't opt-out of us contacting you with information relevant to our business relationship or your existing products and services. To opt‑out of:
Email offers and surveys
- Click 'Unsubscribe' or 'Manage Preferences' at the bottom of one of our emails and choose from the available options
- Visit an advice centre, or
- Give us a call at 1.866.863.6237
Telephone offers and surveys
Physical mail offers
Don't hesitate to contact the Privacy Office if you receive optional communications after opting out, so we can investigate and ensure you don't receive anything in the future.
Credit bureau and SIN consent
We obtain your credit report with your consent to help assess your suitability for certain products and services. If you don't consent to us pulling your credit report, various holds and restrictions will be placed on your accounts.
You may provide your SIN for identity verification (e.g. if you use our digital channels to onboard) and to help us accurately identify you with credit bureaus. Providing your SIN for those purposes is not a condition of service, and you can opt-out of our use of your SIN to pull credit information. Depending on what products and services you obtain, we may require your SIN for other reasons (e.g. if you have interest-bearing products). To opt‑out from:
Using your SIN for credit matching
Affinity alerts and credit card alerts
Affinity alerts are email notifications that tell you when specific actions or scenarios occur on your profile. They can be used to help you manage your finances and to keep an eye out for unauthorized activity. Two types of alerts are available through your online banking: general and account alerts. General alerts inform you of profile-based activity (e.g. changes to your password). The account alerts focus on activity within specific accounts (e.g. point-of-sale purchase notifications). To adjust your alerts, you can:
- Make changes through your online banking
- Visit an advice centre, or
- Give us a call at 1.866.863.6237
Similar notifications are available for Affinity credit card holders that you can adjust yourself through the credit card platform. If you'd like Affinity to change your credit card-related notifications for you:
Contact the Affinity Privacy Office
The Affinity Privacy Office, led by our Privacy Officer, oversees our organization's compliance with our privacy policies and the laws and regulations that apply to us. You can contact the Privacy Office for any of the following reasons:
- If you have questions or concerns about our information handling practices or compliance with our privacy policies
- If you want to amend your information, and you were unable to do so at an advice centre, through our Contact Centre or otherwise
- If you want to submit an access request related to your information in our records
The Privacy Office responds to all inquiries and complaints as soon as possible, but in any event, no later than 30 days after you’ve submitted it. If you submit a request or complaint, please ensure it's as detailed as possible to help us respond promptly. Our staff can help you prepare your submission if needed.
We usually don't charge a fee to respond to requests, but it may be necessary occasionally. We'll contact you before completing any work with a cost associated or if we need to clarify any details about your request/complaint. If we cannot comply with your request, we'll explain why.
You can contact the Affinity Credit Union Privacy Office at:
Affinity Credit Union Privacy Office
PO Box 1330
Saskatoon, SK S7K 3P4
If you reach out to the Privacy Office and you're not satisfied with how we respond to a request or complaint, you can contact the Office of the Privacy Commissioner of Canada at 1.800.282.1376 or online at https://www.priv.gc.ca/.