We have detected that you are using an unsupported browser. To ensure the security of your account, you must update your browser to the latest version.
Nous avons détecté que vous utilisez un navigateur qui n’est pas pris en charge. Pour assurer la protection de votre compte, vous devez mettre votre navigateur à jour avec la dernière version.
Your first-party cookies are currently disabled. You will not be able to access all of the functionalities on this website. To enable your first-party cookies, please follow the directions at https://www.whatismybrowser.com/guides/how-to-enable-cookies/auto.
Vos cookies internes sont actuellement désactivés. Ces cookies sont requis pour accéder à toutes les fonctionnalités de ce site web. Pour activer vos cookies internes, veuillez suivre les directives à l'URL suivante: https://www.whatismybrowser.com/guides/how-to-enable-cookies/auto.

MD Privacy Agreement

MD Financial Management (MD) recognizes the importance of your personal information and we never take for granted the trust that you — as a client or a business partner — have placed in us to protect that information.

MD values transparency. With this Privacy Agreement, along with our Digital Privacy and Interest-Based Advertising Policy, we are striving to provide you with a good understanding of why we collect and use your personal information, how your information is shared, retained and protected, and how you can exercise your personal choices. We will also explain how you can find out what personal information we hold about you. When you apply or sign-up for a product or service that requires further explanation about how we use your personal information, we will explain that to you.

This Privacy Agreement and our Digital Privacy and Interest-Based Advertising Policy applies to MD (“we” or “us”).

Our privacy framework

We have established a privacy framework that sets out the structure and accountability for the secure and respectful treatment of personal information. Our privacy framework is overseen by a dedicated Privacy Officer, led by our Global Privacy Officer.

You can contact our Privacy Office using the contact information at the end of this Privacy Agreement.

What is personal information?

“Personal information” generally means any information that can be used, either alone or in combination with other information, to identify an individual. This includes information such as your name, mailing address, e-mail address, telephone number, or any other contact details. It may also include other types of more technical information, but only when this information can identify you as an individual, such as your IP address, the device you use to access our website or app and details on your usage of our website or app. Information that is anonymized and cannot be associated with an identifiable individual is not considered to be personal information.

Why we collect and use personal information

We collect and use personal information to establish and manage our relationship with you, provide you with personalized products and services, manage our business, and comply with legal and regulatory requirements. We will give you some examples to explain each one of these purposes.

To establish and manage our relationship

We collect and use personal information to establish and maintain our relationship and provide you with the products and services you have requested.

  • We need to confirm who you are and verify the information you have provided to us: We will ask for your name, address, telephone numbers (including mobile), email address, and date of birth, and may ask for other forms of identification such as a valid driver’s licence, passport or a recent utility bill. We may also ask for certain biometric information, like a fingerprint or a voiceprint to securely verify your identity. We may ask you for your SIN to confirm your identity and ensure we obtain accurate information from credit reporting agencies. Providing your SIN for these identity verification purposes is optional. To withdraw your consent for the use of your SIN for identity verification purposes, you may contact us under “How to refuse or withdraw your consent” as set out below. For corporate clients, we need to collect the signing officers’ names and other personal details.
  • We need to assess your eligibility and suitability for our products and services: When you apply for a product such as a line of credit,1 or investment product, or agree to act as a guarantor, we may ask about your credit and payment history, education, employment, annual income, assets and liabilities. We may need information about how you intend to use the product or service and the source of any incoming funds or assets or the source of any down payment.
  • We need to communicate with you: We may communicate with you by phone, fax, mail, email, SMS text message or other electronic means to provide you with information related to the products and services you hold with us, or to collect on a debt owed to us. You can also choose to sign-up to receive alerts (including push notifications) regarding your account, in addition to electronic alerts we may send you to comply with regulatory requirements.
  • We may need information about related parties to establish and manage our relationship with you: In some circumstances, we may need information about your spouse, legal guardian, beneficiaries or personal representatives.
  • We may need certain credit-related information: We obtain credit and other information about you from credit reporting agencies on an ongoing basis. We use this information to assess your application, verify your identity and your current and ongoing creditworthiness, update our records, and help us to determine your eligibility for other products and services, to manage and assess our risks and to help us help you manage your credit responsibly. Your consent is effective for as long as you have the product or service with MD. The information we obtain from credit reporting agencies may include the types and amounts of credit advanced to you, payment histories, collection actions, legal proceedings, previous bankruptcies and other information reported by your creditors.

    We obtain your credit information from the following credit reporting agencies, and you can contact them to obtain a copy of your credit report:

  • We may need additional information for insurance services:2 When you apply for or accept insurance offered by us, we collect additional personal information. We and our insurance providers require this personal information to assess insurance risk and to establish and administer the insurance coverage, including the assessment of claims. For certain insurance products and services, we may ask for some health information.

To provide you with personalized products and services

We collect and use personal information to provide you with personalized products and services and information about products and services that may be of interest to you.

  • We collect and use information to personalize your experience with us, including: to better understand your needs and preferences including through data analytics; to personalize your experience on our websites and mobile applications; to provide you with tailored communications and offers.
  • We collect and use information to provide you with marketing communications: We may contact you by phone, fax, mail, email, SMS text message or other electronic means about new products and services, offers, events and promotions. Our communications may be tailored based on information that we have about you. If you do not wish to receive these communications, you can withdraw your consent at any time by following the instructions under “How to update your marketing choices” below.

    If you sign-up to receive electronic messages (such as emails and SMS text messages) from the MD, or the Scotiabank group of companies, we will each send you communications about our products and services, offers, events, and other valuable information. We may also send you information about the products and services of Scotiabank’s trusted partners that may be of interest to you.

    Scotiabank is present on social media platforms, such as Facebook, Instagram, and X (Twitter). When you interact with our social media accounts, for example, if you “like” our page or make comments, we may collect certain information about you, such as any information you may provide in the comments you publish on our account page and the direct messages you send us. The information we collect depends on what these social media platforms share with us based on the privacy settings you have selected. We suggest you consult the privacy policies of these social media platforms to learn more.

    We may also use services provided by third-party platforms (such as social networking and other websites) to serve relevant advertisements on such platforms to you and others. We may provide a de-identified version of your email address to the platform provider for such purposes. To opt-out of the use of your information for these purposes, you can unsubscribe from receiving email marketing communications by following the instructions under “How to update your marketing choices” below.

  • We collect and use information when you participate in a contest, survey, or promotion: If you participate in a contest, survey or promotion, we may collect your name, address, phone number, email address, and other information or responses you provide. We use this information to administer your participation in the contest or promotion and as otherwise described to you when you enter. The information obtained through our surveys is used in an aggregated form, unless you provide us with your consent. We use this information to help us understand our clients and to improve our products and services. If a contest or promotion is administered by a third party (such as a loyalty program partner), we may share information with the third party as described to you at the time of entry into the contest or promotion.

To manage our business

We collect and use personal information to operate and manage our business and business relationships.

  • We collect and use information to prevent and detect fraud and criminal activity and secure our premises: We may ask you for any additional information required to investigate matters, settle any claim or report a matter to the appropriate authorities. We also conduct video surveillance in and around our offices and other locations for the purpose of safeguarding our clients and employees and protecting against theft, fraud and vandalism.
  • We collect and use information when you contact us: We record telephone calls for training and quality assurance purposes. We will tell you when we are recording a call.
  • We collect and use information to collect debts, enforce obligations and to manage and assess risk.
  • We collect and use information to manage our business relationships: For example, we collect personal information from employees or other representatives of our suppliers and contractors that is necessary for them to do business with us.
  • We use and analyze the information we collect to better understand our clients, improve our products and services, and to prevent and detect fraud.

To comply with legal and regulatory requirements

We are required to collect and use personal information to meet legal and regulatory requirements.

  • We collect and use personal information that may be required for anti-money laundering and “know your client” requirements and other applicable legal or regulatory requirements.
  • We also need to collect, use and disclose your SIN for income tax reporting purposes and to fulfil other regulatory requirements, as required by law.

Why we use automated processing and decision making

The way we analyze your personal information may involve automated decisions. That is, we may process your personal information using software that can evaluate your personal circumstances and other factors to address risks or outcomes. We may use such methods to make decisions about you relating to credit checks, identity and address checks, monitoring your account for fraud or other financial crime, or for other reasons that we’ll disclose to you. We may use automated decision making if it’s necessary for us to provide you with a particular product (for example, we may use it to decide on the types of services that are suitable for you), to prevent fraud or financial crime, or if it’s reasonable to ensure that we’re treating our customers fairly.

Why we share your personal information

MD may share your personal information with third parties for the purposes described below.

  • We may share information with members of the Scotiabank group of companies: We may share personal information with members of the Scotiabank group of companies who provide operational, administrative and support services on our behalf, to meet legal and regulatory obligations, for fraud prevention purposes, and to perform analytics.

    Members of the Scotiabank group of companies may be located outside of your province of residence or outside of Canada, and your personal information maybe accessed or processed in the United States or other jurisdictions. For a list of Scotiabank’s principal affiliates and subsidiaries enterprise-wide, please refer to the most recent Annual Report.

    We may share your personal information with other members of the Scotiabank group of companies so that they may contact you for the purposes of marketing, including telemarketing, or to help you manage your credit responsibly. You can withdraw your consent to the disclosure of your personal information to other Scotiabank companies for marketing at any time. See “How to update your marketing choices” for more information.

  • We may share information with our service providers: We may use third party service providers to process or handle personal information on our behalf. Our service providers assist us with various services such as printing, postal and electronic mail distribution, marketing (including by telephone and electronic means), advertising, analytics, customer service, and processing, authorizing and authenticating your transactions.

    When personal information is provided to our service providers, we will require them to protect the information in a manner that is consistent with MD privacy and security policies, practices and standards.

    Some of our service providers are located outside of your province of residence or outside of Canada and your personal information may be accessed or processed in the United States or other jurisdictions.

  • We may share information with other trusted business partners: We may share information with our partners for marketing or other servicing purposes. For example, if you sign-up to receive communications from our trusted business partners, we share your personal information with our trusted partners so that they may contact you for the purposes of marketing, including telemarketing. You can withdraw your consent to the disclosure of your personal information with these partners at any time. See “How to update your marketing choices” below for more information.
  • We may share information with your joint account holders, representatives, executors and beneficiaries: We share personal information with joint account holders or representatives (such as a legal guardian, power of attorney, procuration or lawyer). Joint account holders will each have access to all of the account history and transaction details for the account. We may also share personal information with your (or your joint account holder’s) estate representatives or beneficiaries where reasonably necessary to administer the estate.
  • We may share information with third parties in connection with a prospective business transaction: If we sell a company or a portion of the business or assets of a Scotiabank company, or in the event we sell, assign or securitize your loan, mortgage or other debt, we may provide information we hold about you to the prospective purchaser or investor. The personal information we disclose in such circumstances may include financial information obtained in support of your loan, mortgage or other debt.
  • We may share information to meet legal requirements: MD may disclose personal information where we are required or permitted to do so by applicable law. This may be:
    • To other organizations for the purposes of investigating a breach of an agreement or contravention of law or to detect, suppress or prevent fraud.
    • to establish, exercise or defend legal claims;
    • to protect the rights, property and safety of MD, Scotiabank and others.
    • to courts, law enforcement and regulatory authorities in the jurisdictions in which we or our service providers operate, including to respond to a local or foreign court order, search warrant or other demand or request which we believe to be valid.
    • to comply with the rules of production of a local or foreign court.
    • to satisfy legal and regulatory requirements that we believe are applicable to us, including the requirements of any self-regulatory organizations to which we belong.
  • We may share information in accordance with your requests or as you otherwise consent. In some cases, your consent may be “implied”, meaning that your agreement is assumed based on your action or inaction at the point of processing your personal data. You may withdraw your consent to our collection, use or disclosure of your personal information under “How to refuse or withdraw your consent” as set out below.

How we protect and retain personal information

We have implemented measures designed to safeguard the personal information in our custody and control against theft, loss and unauthorized access, use, and disclosure.

We restrict access to personal information to employees and authorized service providers who require access to fulfil their job requirements.

We may keep and use information about you in our records for as long as it is needed for the purposes described above, or to otherwise meet our legal obligations, even if you are no longer a client.

How we maintain accurate personal information

We require accurate, complete and up-to-date records to provide our products and services, and we have implemented processes to help ensure this.

We also rely on you to provide us with information that is true and complete. If any personal information changes or becomes inaccurate or out of date, please contact your MD Advisor3 or advise us using the contact information set out below so we can update our records.

How to refuse or withdraw your consent

You can refuse to consent to our collection, use or disclosure of personal information, or you may withdraw your consent to our further collection, use or disclosure of your personal information at any time by giving us reasonable notice, subject to limited exceptions. This includes withdrawing your consent for MD to use your SIN to verify credit information to confirm your identity.

If you wish to withdraw consent, you may do so at any time by contacting the MD Chief Privacy Officer as set out at the end of this Privacy Agreement.

Depending on the circumstances, your withdrawal of consent may prevent us from providing you, or continuing to provide you, with some products and services, the ability to access certain products and services, or information that may be of value to you.

In addition, we may have legal, regulatory or contractual obligations to collect, use or disclose certain of your personal information, in which case you may not withdraw your consent. For example, during the term of a loan, you may not withdraw your consent to our ongoing collection, use or disclosure of your personal information in connection with the loan you have with us or have guaranteed.

You also cannot refuse to consent to our collection, use and disclosure of personal information required by our regulators, including self-regulatory organizations.

We will act on your instructions as quickly as possible but there may be certain uses of your information that we may not be able to stop immediately.

How to update your marketing choices

You can update your marketing communication preferences at any time by contacting the office you deal with or call us toll free at 1 800 267-2332.

You can also withdraw your consent to receive specific types of communications as set out below:

  • To opt-out of email communications, click on the “update preferences” link included in each of our communications.
  • To opt-out of receiving SMS text messages, respond to any message by texting “STOP”.
  • You may also adjust your InfoAlert settings within our mobile app or the MD OnLine portal (note we may still send you electronic alerts to comply with regulatory requirements).
  • To opt-out of interest-based advertising, see our Digital Privacy and Interest-Based Advertising Policy.
  • To opt-out of the sharing of your personal information with trusted partners or members of the Scotiabank group of companies, contact us using the contact information set out above.
  • To opt-out of direct mail and phone marketing communications, contact us using the contact information set out above.

You may continue to receive certain types of communications, including electronic messages or offers from MD, even after you have withdrawn your consent or unsubscribed to emails, for example: messages sent from the MyMD portal, messages sent in response to specific inquiries, or messages to satisfy a legal obligation or for debt collection purposes or to enforce or provide you with notice of an existing or pending right. In addition, if you visit your MD Advisor at the office or contact us by telephone or online (including through the MyMD portal), we may make certain offers to you.

How to access or update your personal information

You can request to access or update the personal information we hold about you. Much of this information is already accessible by you, for example: through your account statements; by contacting your MD Advisor; by accessing your account online; or through the MD Client Services Centre. However, to access any other personal information about you, please send a request in writing to the MD Privacy Office using the contact information included at the end of this Agreement.

To process your request, we may ask you for information to validate your identity and confirm the scope of your request, such as your office and account number, and clarification on the specific information or time period you are requesting.

We may not be able to provide you with access to your personal information in certain circumstances, such as where your request includes personal information about a third party that cannot be removed, or when the information you are requesting is protected by legal privilege.

MD may charge you a nominal access fee depending on the nature of your request. We will advise you of the fee, if any, prior to proceeding with your request.

If you have a sensory disability, you may request that your personal information be made available in an alternative format.

How we notify you of changes to this privacy agreement

We may amend this Agreement from time to time to reflect changes in our personal information practices. We will post the revised Agreement on our website and make it available at our offices.

We may also notify you of any changes to this Agreement in any of the following ways:

  • A digital channel such as a mobile app or email;
  • A notice on the MD website or your MyMD portal.

Policies & Procedures Regarding Personal Information

We have established and implemented governance policies and procedures approved by the Global Privacy Officer and owned by the Enterprise Privacy Office regarding personal information to ensure its protection. These documents provide a framework for the retention and destruction of the information, define the roles and responsibilities of personnel, and provide a process for responding to inquiries regarding the protection of the information. A list of the policies and procedures is below:

  • Privacy Risk Management Framework - Provides an overview of the key governance components for the oversight and management of Privacy Risk. Serves as an overarching framework for material elements of Privacy Risk management activities and is a source document to which all other Privacy Risk policies and procedures are aligned.
  • Privacy Risk Management Policy - Provides a description of the general policies and principles applicable to Privacy Risk Management. It is part of the effective management and mitigation of Privacy Risk.
  • Roles and Responsibilities Matrix of the Privacy Risk Management Program - This tool identifies roles and responsibilities associated with tasks.
  • Access to Personal Information Procedures – Sets out the framework for handling access requests and requests to amend personal information pursuant to applicable laws. The Procedures are part of the Privacy Risk Management Program.
  • Privacy Case Management Tool Governance Procedures – A privacy case management tool is a system used to track privacy-related incidents in a centralized location and to report that data to the relevant personnel. The governance procedures outline the structure and process for decision-making, accountability, and control relating to the relevant privacy-related incidents tracked by the tool.
  • Guidelines for Use of PII in Digital Initiatives - Provides an overview of the privacy implications that must be considered when devising a digital initiative involving personal information. These Guidelines assist employees to distinguish between permissible and impermissible uses of personal information.
  • Incident & Breach Management Procedures – Provides steps for handling Privacy Concerns that impact the company and its customers, employees or other individuals.
  • Privacy Impact Assessment Procedures - Outlines the processes involved to complete a Privacy Impact Assessment. These Procedures are part of the Company’s Privacy Risk Management Program.
  • Employee Privacy Policy - Sets out how the Company collects, uses, discloses and otherwise manages personal information of its employees while administering and managing the employment relationship.
  • Enterprise Records Management Policy — Establishes foundational principles applied across the Company to facilitate the creation, retrieval, use, maintenance, retention, and disposition of records in a manner consistent with the Company’s business priorities and applicable legal and regulatory requirements.

For more information on how we protect your information, please refer to our Cyber Security and Fraud Hub and Code of Conduct.

How to contact us

If you have an inquiry about MD’s privacy practices or how we and our service providers treat your personal information, please contact your MD Advisor or call us toll free at 1 800 265-4022. If your office is not able to resolve your concern to your satisfaction, you can contact the MD Privacy Office :

Tel.: 1 800 267-4022
Email: Privacy-MD@md.ca
Letter: Privacy Office 1870 Alta Vista Dr.
Ottawa ON K1G 6R7

MD has policies and procedures to receive, investigate, and respond to your privacy complaints and questions. We will investigate all complaints we receive and if we find a complaint justified, we will try to resolve it.

If you are not satisfied, you may file a complaint with the Office of the Privacy Commissioner of Canada:

30 Victoria St.
Gatineau QC K1A 1H3
Toll-free: 1 800 282-1376
Phone: 819 994-5444
TTY: 819 994-6591
www.priv.gc.ca

Language

Quebec Residents Only / Résidents du Québec seulement: You acknowledge that the French and English versions of this agreement were remitted to you. You expressly request and agree to be bound exclusively by the English version of this agreement and that all related documents, including any notices, be drafted in English only. Vous reconnaissez que les versions française et anglaise de cette convention vous ont été remises. Vous demandez et acceptez expressément d'être lié exclusivement par la version anglaise de cette convention et que tous les documents qui s’y rattachent, y compris tous avis, soient rédigés en anglais seulement.

1 Banking and credit products and services are offered by The Bank of Nova Scotia “Scotiabank”. Credit and lending products are subject to credit approval by Scotiabank

2 All insurance products are sold through Scotia Wealth Insurance Services Inc., an insurance agency and subsidiary of Scotia Capital Inc., a member of the Scotiabank group of companies. When discussing life insurance products, advisors are acting as Insurance Advisors (Financial Security Advisors in Quebec) representing Scotia Wealth Insurance Services Inc.

3 MD Advisor refers to an MD Management Limited Financial Consultant or Investment Advisor (in Quebec), or an MD Private Investment Counsel Portfolio Manager.

MD Financial Management provides financial products and services, the MD Family of Funds and investment counselling services through the MD Group of Companies and Scotia Wealth Insurance Services Inc. For a detailed list of the MD Group of Companies visit md.ca and visit scotiawealthmanagement.com for more information on Scotia Wealth Insurance Services Inc.