Privacy

At nowly Insurance (“nowly“, “we” or “us“) we value you as a customer and take the confidentiality and privacy of your personal information very seriously. All collection, handling and storage of your personal information is managed in full accordance with all federal and provincial privacy requirements and legislation including the Personal Information Protection and Electronic Documents Act. The purpose of this Privacy Statement is to inform you about the types of Personal Information Teachers Life collects, uses, and discloses in connection with our operations. It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may correct that information. This Privacy Statement does not apply to any linked websites that are operated by third parties, and nowly is not responsible for the privacy practices of those websites. You should review the privacy policies of those websites to ensure that they are acceptable to you. From time to time, we may make changes to this Privacy Statement. The Privacy Statement is current as of the “last revised” date which appears at the top of this page. Generally, we will treat Personal Information in a manner consistent with the Privacy Statement under which it was collected, unless we have your consent to treat it differently.

The following topics will be covered in this Privacy Statement:
  1. What is Personal Information?
  2. How do we collect your Personal Information?
  3. What about cookies?
  4. Where do we store your Personal Information?
  5. How do we use your Personal Information?
  6. To whom do we provide your Personal Information?
  7. When and how do we obtain your consent?
  8. How long will we utilize, disclose or retain your Personal Information?
  9. How can you review your Personal Information that we have collected, utilized or disclosed?
  10. How do you know that the Personal Information we have on you is accurate?
  11. What if the Personal Information we have on you is inaccurate?
  12. How fast will we respond to your written requests?
  13. Are there any costs to you for requesting information about your Personal Information or our privacy practices?
  14. How do we know that it is really you requesting your Personal Information?
  15. What safeguards have we implemented to protect your Personal Information?
  16. How do you contact us regarding access to your Personal Information or our privacy practices?

1. What is Personal Information?

“Personal Information” is any information that is identifiable with you, as an individual. This information may include but is not limited to your name, contact information, date of birth, medical and health information, employment and income information, and financial information. It includes any information that you provide to us; any information that we generate about you (such information about your transactions with us); and any information that we are permitted to receive from third parties (such as medical/health professionals, the Ministry of Transportation, or consumer reporting agencies). Personal Information, however, does not include any information that is solely used to communicate with you in relation to your employment, business or profession, such as your name, position name or title, work address, work telephone number, or work electronic address.

2. How do we collect your Personal Information?

We will always collect your Personal Information by fair and lawful means. We may collect Personal Information from you directly and/or from third parties, where we (and/or those third parties) have obtained your consent, or as otherwise required or permitted by law. The data we collect includes your IP address, information about how visitors explore our websites and about the number of new and repeat visitors, the pages they visited on our website, the date and time of their visits, the length of the visits, the referral URL, and information about the device and browser used and other similar details.

3. What about cookies?

Our website uses various technological means to collect limited information about you to make our website more useful. “Cookies” are data files that a website sends to your computer while you are viewing the website. These data files include information that allows a website to remember important information that will make your use of the website more efficient and useful to you. Cookies do not harm your computer system or files, and only the website that transferred a particular cookie to you can read that cookie. 

Our websites uses encrypted and non-encrypted cookies for a variety of purposes. We may use cookie technology and IP addresses to obtain non-personal information from our on-line visitors and also to provide registered visitors with the best possible personalized on-line experience.

For example:

• Our website uses cookies and other technological means to collect information about visitors to our site, which is stored in Google Cloud Platform data centers located in Canada. We may collect the IP address of a user’s computer, as well as environmental variables, such as the time you accessed our website, the type of web browsers and operating system or platform used, the Internet address of the website you left to visit our website, the pages you visit while at our website and the Internet address of the website you then visit on leaving our website. This information is collected for our internal use, such as to enhance website security, and to help determine the effectiveness of our website.

• For users who have a secure online account with us, our member log-in processes may use session cookies. Session cookies enable the website to recognize your log-on credentials, and enhance your browsing experience. Session cookies are stored in your computer’s temporary memory and are deleted when you close your browser.

If you do not want to use cookies, there are simple procedures in most browsers that allow you to delete existing cookies, to automatically decline cookies or to be given the choice of declining or accepting cookies. Please refer to your browser instructions or help screen to learn more about these functions. If you choose to decline cookies, this may impair your ability to access and use some parts of our website.

4. Where do we store your Personal Information?

We store your personal information in our data centre.

Our service providers may, from time to time, also hold your personal information in connection with purposes for which you provided your consent. We may keep a record of your personal information, correspondence or comments in a file specific to you. Our service provider, HubSpot’s, product infrastructure is hosted on Amazon Web Services (AWS) in the United States East region. HubSpot leverages the Google Cloud Platform (GCP) in the EU (Frankfurt, Germany region) to support the processing of local customer data that is critical to our customers’ businesses. This includes leads, email events, and analytics. By hosting these services in both AWS in the US and GCP in Germany, HubSpot has increased the performance and reliability of those services by locating them closer to end users in the EU. Customer data is processed and secured in the EU before being transmitted and stored in the US. The cloud infrastructure hosted on GCP provides additional redundancy for all HubSpot customers for critical components of our system. A number of HubSpot services are routed through the GCP EU data center before being securely transferred to the US and securely stored in AWS. Our Service Provider, Breathe Life’s product infrastructure is hosted on the Google Cloud Platform in Montreal, Canada Region. Breathe Life processes customer data for the application purpose of purchasing insurance policies. Our Service Provider ManageMy’s, production infrastructure is hosted on Amazon Web Services (AWS) in the Canada (Central) Region. ManageMy processes customer data for the purpose of a customer portal. Giving customer access to their insurance policies details, updating the contact information, submitting claims, and purchasing insurance policies. Our Service Provider, Stripe, is a PCI Service Provider Level One1. Stripe is a PCI-DSS Payment Facilitator. They collect payment information for the purpose of purchasing insurance policies and paying premiums. Our Service Provider Medical Information Bureau (MIB), a not-for-profit membership organization of life insurance companies, which operates an information exchange on behalf of its members for accurate customer risk assessment. Our Service Provider Virgin Pulse stores data at Amazon Web Services in the United States of America. Virgin Pulse collects personal information to identify individuals who are eligible to join the wellness program.

5. How do we use your Personal Information?

We identify the purposes for which we use your Personal Information at the time we collect such information from you and obtain your consent, in any case, prior to such use. We generally use Personal Information for the following purposes (the “Purposes”):

• to process your application for our insurance;

• to underwrite your policies;

• to process your claims;

• to register or administer your member account;

• to advise you about new programs and services that may be of interest to you;

• to respond to requests or complaints;

• to collect opinions and comments in regard to our operations; and

• such other purposes for which nowly may obtain consent from time to time.

6. To whom do we provide your Personal Information?

Generally, we do not disclose your Personal Information. We will only make disclosures of Personal Information to such persons for which you provide your consent or as permitted or required by law.

Aside from those disclosures, we may transfer your Personal Information to third party service providers that are assisting us with the Purposes and that are acting on our behalf, including reporting agencies. We ensure that those third party service providers protect your Personal Information according to our standards and privacy laws by imposing contractual and other binding means. Alternatively, if we use publicly available online service providers to handle basic Personal Information on our behalf, we advise you of those service providers and how you can obtain information about their privacy practices.

7. When and how do we obtain your consent?

We generally obtain your consent prior to collecting, and in any case, prior to using or disclosing your Personal Information for the Purposes. The form of consent that we seek, including whether it is express or implied, will largely depend on the sensitivity of the personal information and the reasonable expectations you might have in the circumstances. In limited circumstances, we may rely on a third party to obtain your consent to the sharing of your personal information with us.

You may withhold or withdraw your consent for the collection, use and/or disclosure of certain Personal Information, subject to any limitations under applicable law. If you seek to do so, we will inform you of the consequences of withholding or withdrawing your consent, such as nowly being unable to provide you with your chosen products or coverage.

8. How long will we use, disclose or retain your Personal Information?

We will use, disclose or retain your Personal Information for as long as necessary to fulfill the purposes for which that Personal Information was collected and as permitted or required by law. We provide customers with the ability to delete their account data. This is initiated by the customer via our customer portal online or through our digital app. The customer must confirm and enter their customer portal password at the time of the request. The request is sent to our team to review and initiate. The action does not cancel an active insurance policy, or delete any data which resides outside the customer portal and app.

9. How can you review your Personal Information that we have collected, used or disclosed?

If you make a written request to review any Personal Information about you that we have collected, used or disclosed, we will provide you with any such Personal Information to the extent required by law. We will make such Personal Information available to you in a form that is generally understandable, and will explain any abbreviations or codes.

10. How do you know that the Personal Information we have on you is accurate?

We will ensure that your Personal Information is kept as accurate, complete and up-to-date as possible. We will not routinely update your Personal Information, unless such a process is necessary. We expect you, from time to time, to supply us with updates to your Personal Information, when required.

11. What if the Personal Information we have on you is inaccurate?

At any time, you can challenge the accuracy or completeness of your Personal Information in our records. If you successfully demonstrate that your Personal Information in our records is inaccurate or incomplete, we will amend the Personal Information as required. Where appropriate, we will transmit the amended information to third parties having access to your Personal Information.

12. How fast will we respond to your written requests?

We will attempt to respond to each of your written requests not later than thirty (30) days after receipt of such requests. We will advise you in writing if we cannot meet your requests within this time limit. You have the right to make a complaint to the Privacy Commissioner of Canada (or other privacy authority with jurisdiction) in respect of this time limit.

13. Are there any costs to you for requesting information about your Personal Information or our privacy practices?

We will not charge any costs for you to access your Personal Information in our records or to access our privacy practices without first providing you with an estimate of the approximate costs, if any.

14. How do we know that it is really you requesting your Personal Information?

We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such identifying information shall be used only for this purpose.

15. What safeguards have we implemented to protect your Personal Information?

We have implemented physical, organizational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorized access, disclosure, copying, use or modification. The only employees, who are granted access to your Personal Information, are those with a business ‘need-to-know’ or whose duties reasonably require such information.

16. How do you contact us regarding access to your Personal Information or our privacy practices?

All comments, questions, concerns or complaints regarding your Personal Information, this Privacy Statement or our privacy practices, should be forwarded to our Privacy Officer at the following email address: help@nowly.ca


Or by mail to: Privacy Officer nowly, 50 Burnhamthorpe Road West, Suite 703, Mississauga, ON L5B 3C2

magnifiercross