Privacy statement

• E-mail address and other identifying or personal information regarding individuals who are employees and name, title, address, telephone number, e-mail address and other contact information for individuals who are not employees;
• Information we collect to comply with securities regulatory requirements, anti-money laundering laws and regulations and similar purpose, such as:
  - date of birth;
  - information about an individual’s business or occupation;
  - copies of driver’s license, passport, birth certificate or other similar personal identification;
  - information about third party beneficiaries of an individual’s accounts; and
  - such other information that may be required from time to time by legislation.
• social insurance number and/or other personal identifiers collected for individual credit and background checks;
• individual credit reports and credit history, asset and liability information;
• information about an individual’s past dealings and accounts with us or our affiliates, such as payment history or reports of suspicious transactions;
• information about past financial dealings with third party references provided to us;
• investment risk profile information and other information used to assess your characteristics for the purposes of determining risk profile;
• account transaction and securities holdings information and similar account records collected and retained in the course of an individual’s transactions with us; and
• such other personal information that we may collected with an individual’s consent or as permitted or required by law.

• completed credit applications and personal financial statements completed by the individuals whose personal information is included or on behalf of a corporate credit application, which may require the provision about one or more individuals, including in his or her capacity as a guarantor of the obligations of the corporate customer;
• correspondence, whether written or electronic between us and existing or prospective corporate customers;
• corporate information we receive from existing or prospective customers in order to evaluate potential business relationships;
• publicly available databases that we access to learn more about existing and potential customers;
• credit reporting agencies and current and past creditors;
• our agents;
• third party financial institutions, brokers, securities dealers and similar references provided in connection with our evaluation of new customer relationships;
• our research on financial markets, industry sectors and other areas relevant to our business;
• our affiliates with whom an individual may have had past dealings;
• use of our Internet website, which generally involves the collection of (a) visitor data provided voluntarily by site users and (b) site data that is collected automatically by our systems to provide us with information about site use and for research analysis purposes;
• public registries (for example, to obtain and confirm information about registered security interests); and 
• ongoing transactions and interactions with us.

• reviewing corporate credit application forms and personal financial statements or personal net worth statements in furtherance of the credit process, including to make a determination of credit worthiness and whether to extend credit in response to credit requests;
• evaluating information provided in connection with potential lending engagements;
• verifying identities of directors, officers, guarantors and agents of a borrower;
• to obtain and exchange credit information, from time to time, from and with credit reporting agencies, credit references and other sources with whom you have or may expect to have financial dealings;
• to disclose and transfer it to a third party as part of a transfer or assignment of all or part of our interest in a financial transaction; 
• to approve you for, and notify you of, our products, programs and services;
• to develop and maintain our relationship with you, including promote or offer additional financial products and services that might benefit or be of interest to you;
• meeting risk management, fraud detection and prevention and security requirements;
• checking identities against money laundering, terrorist financing or similar watch lists;
• checking an individual’s past dealings or accounts with us or our international affiliates;
• within our automated decision-making process, to evaluate your circumstances and other factors to address risks;
• complying with suspicious transaction monitoring and regulatory reporting requirements; 
• otherwise meeting legal, regulatory and industry self-regulatory requirements;
• managing, administering and servicing a borrower’s assets and requested products and services;
• collecting or otherwise enforcing accounts and collecting any amounts owing to us; 
• in connection with audits;
• in connection with certain business transactions relating to our business or assets, as further described in the section entitled “Disclosure of Personal Information”, below;
• maintaining business records for reasonable periods and to meet legal and regulatory records retention requirements;
• generally managing and administering our business; and
• otherwise with an individual’s consent or as permitted or required by law.

• we have reasonable grounds to believe the information could be useful when investigating a contravention of a federal, provincial or foreign law and the information is used for that investigation;
• an emergency exists that threatens an individual’s life, health or security;
• the information is for statistical study or research;
• the information is publicly available;
• the use is clearly in the affected individual’s interest, and consent is not available in a timely way;
• knowledge and consent would compromise the availability or accuracy of the information, and
• collection is required to investigate a breach of an agreement.

• Services and Transactions: We may disclose personal information as necessary in connection with the transactions or services the client to whom your personal information pertains has requested.
• Disclosure within our organization:  Certain personal information about individual representatives (including officers, directors, shareholders, owners, principals, beneficiaries and guarantors) of our corporate clients may be disclosed to our affiliates for the purposes of our and their ongoing risk management, fraud detection and prevention and security requirements, and for identity and financial and related background verification in connection with the provision of our or their products and services.
• Service Providers:  We may use agents and service providers (including computer technology and financial service providers such as credit reporting agencies, and those of our affiliates acting in such capacities) to collect, use, store and/or process personal information on our behalf, and personal information may be transferred to those entities for the purposes described in this Privacy Policy. 
• Business Transactions:  Personal information may be used and disclosed to parties connected with certain business transactions, such as the proposed or actual financing, securitization, insuring, sale, assignment or other disposal of all or part of our business or assets, and for the purposes of evaluating and/or performing a proposed transaction.  These purposes may include permitting such parties to determine whether to proceed or continue with a proposed transaction, fulfilling reporting, inspection or audit obligations to those parties and disclosing personal information as part of concluding a sale or transfer of assets such as a lease portfolio.  Our Assignees or successors of our business or assets may use and disclose personal information for similar purposes as those described in this Privacy Policy.
• Internal Processes:  We may disclose personal information as reasonably necessary to meet insurance, audit, processing, security, regulatory and industry self-regulatory requirements.

• a lawyer representing us;
• collect a debt owed to us by the affected individual or client with respect to whom the affected individual’s personal information was collected;
• comply with a subpoena, a warrant or an order made by a court or other body with appropriate jurisdiction;
• a law enforcement agency in the process of a civil or criminal investigation;
• a government agency or department requesting the information; or

• Right to access and rectification
  You can ask us to access your Personal Data collected by us. Should you believe that your Personal Data is incorrect or incomplete, then you can ask us to rectify or supplement your Personal Data.
• Right to restrict Personal Data
  You can ask us to limit the Personal Data used by us. We may refuse a restriction request if we have a lawful reason to continue using the Personal Data (e.g. the exercise of a contract, a legal archiving duty, or the establishment, exercise or defense of legal claims).
• Right to data portability
  You have the right to ask us to receive the Personal Data that you provided to us with your consent, in a structured and machine readable format or to transfer your Personal Data to a third party. Should you ask us to transfer Personal Data directly to a third party, then this can only be done if it is technically possible.
• Right to object
  You have the right to object if we process your Personal Data, for example if we record telephone conversations. If you object to processing, we will determine whether your Personal Data can indeed no longer be used for those purposes. We can then decide to cease using your Personal Data. We will inform you about our decisions and motivations. You have also the right to request that we stop using your Personal Data for direct marketing purposes. We will then take steps to ensure you are no longer contacted for direct marketing purposes.
• Right to withdraw consent
  If you have given your consent to us for specific uses of your Personal Data, you can at any time withdraw your consent. From that moment, we are no longer allowed to use your Personal Data.

Complaints / Recourse
If an individual has a concern about our personal information handling practices, a complaint, in writing, may be directed to the Privacy Officer identified in this Privacy Policy. Upon verification of the individual's identity, our Privacy Officer will act promptly to investigate the complaint and respond to the individual within 60 days.

Where our Privacy Officer makes a determination that the individual's complaint is well founded, the Privacy Officer will take the necessary steps to correct the offending information handling practise and/or revise our privacy policies and procedures.

Where our Privacy Officer determines that an individual's complaint is not well founded, the individual will be notified in writing of such determination. If the individual is dissatisfied with the finding of and corresponding action taken by our Privacy Officer, the individual may bring a complaint to the Federal Privacy Commissioner at the address below:

The Privacy Commissioner of Canada
112 Kent Street, Ottawa,
Ontario K1A 1H3
Tel 1-800-282-1376
Website: www.privcom.gc.ca

Privacy Policy September 2023

View or download the Canadian Privacy Statement (PDF)