RFA Bank of Canada and its affiliates (”we”, “us,” the "Bank," or “RFA”) recognizes the importance of protecting individual privacy and the sensitivity and confidentiality of personal information. This Privacy Policy outlines how RFA manages customer personal information and safeguards individual privacy.

Our Privacy Code and Online Privacy Statement form part of this policy, and define our adherence to principles of personal information management.

To download a copy of our Privacy Code, please click here.

To download a copy of our Online Privacy Statement, please click here.

Collecting Your Personal Information
RFA collects personal information from you, from your interactions with us and from other sources in order to make credit decisions about potential customers, to confirm identity and to prevent fraud, money laundering and other criminal activity, to understand customer needs, to determine suitability or eligibility of products and services, comply with applicable laws, collect on outstanding debt as well as to administer or service our products and services.

As described in more detail in this policy, when you apply for, provide a guarantee in respect of, use any product or service or otherwise conduct business with us and while you are our current or former customer, we collect personal information about you such as:

  • Your name, address, occupation, date of birth and other information about you in order to confirm your identity
  • information about your credit history, financial affairs including sources and amount of your income, employment status, tax information, assets and liabilities
  • information concerning your current and prior dealings with us
  • information about your transactions, including payment history and account activity
  • information about your online presence as well as browsing activity, browser and device information
  • information about your tax status (to comply with regulatory requirements for deposit-related products)
  • information about beneficial owners, third party beneficiaries, intermediaries and other parties which is relevant to our dealings with your and otherwise as may be required by law
  • other information that we may need in order to provide you with a specific product or service
  • other information with your consent, or as permitted or required by law

We may also monitor and/or record communication between you and our representatives (e.g., telephone discussions, email conversations). We do this in order to ensure accuracy and for training purposes.

It is important to note that in connection with your application for a product or service as well as the ongoing administration and servicing of that product or service (and as further described in this policy) we may use, obtain, verify, share and exchange credit and other information about you with others (including by way of example credit bureaus, mortgage insurers, originating brokers, real estate appraisers, your employer, creditor insurers, registries, public and private databases and other persons with whom you may have financial dealings, as well as any other person as may be permitted or required by law) for the purposes of, among other things, evaluating your current and ongoing creditworthiness, maintaining your credit history and helping to detect and deter fraud or other illegal activity. We may verify your personal information both before and after you obtain a product or service from us.

Per our Privacy Code, we will seek consent before collecting personal information. Generally, you will be asked to provide written consent, but in some circumstances, we may accept verbal consent or determine that consent is implied through your conduct.

Use of Your Personal Information
We may use your personal information for the following purposes:

  • to verify your identity, including checking your name against national and international watch lists
  • to detect and protect against fraud and error
  • to evaluate your creditworthiness, including by obtaining information from credit agencies
  • to understand your product and service requirements or respond to an inquiry you have made concerning a product or service we offer
  • to evaluate and process your application for any product or service as well as other requests made by you
  • to provide you with products and services you have requested
  • to communicate with you including in connection with a request or inquiry you have made and process such request
  • in connection with the administration or servicing of products or services you obtain from us
  • to market a product or service to you whether directly, through an affiliate or through another institution with whom we have a strategic alliance
  • to determine your eligibility for our products and services and offer them to you
  • to help manage and assess our risks, operations and relationship with you
  • in order to help detect, prevent or deter money laundering, terrorist or other criminal activity
  • to maintain the accuracy and integrity of information held by us (or on our behalf) or a third party such as credit reporting agency
  • to comply with legal, regulatory, governmental and contractual requirements where it is necessary to establish or collect amounts owed to us

Sharing Your Personal Information

We may share your personal information:

  • with our employees, agents, administrators and service providers (some of whom may be located outside of Canada; as a result your personal information may be accessible to governmental, national security and regulatory authorities in accordance with the laws of these jurisdictions)
  • with other financial institutions to process payments or to verify information such as your identity
  • with payment card networks in order to operate or administer the payment card system that supports the products, services or accounts you may have with us
  • in response to a request from a governmental agency or regulatory body or to respond to a court order, search warrant or other demand or request we believe to be valid
  • to satisfy legal, audit, insurance and regulatory requirements applicable to us
  • with collection agencies, originating brokers or other third parties to help us collect a debt or enforce an obligation owed to us by you
  • with any person or organization, including an investigative body, in order to prevent, detect or suppress financial abuse, fraud, criminal activity, protect our assets and interests, assist us with any internal or external investigation into potentially illegal or suspicious activity or manage, defend or settle any actual or potential loss
  • if the information is already publicly known
  • if we sell, pledge or assign a mortgage or loan, or securitize it, sell parts of our business, or merge or amalgamate with other entities we may release the information we hold to the prospective purchaser or assignee as part of due diligence and on completion of the transaction, subject to confidentiality restrictions
  • with other lenders, mortgage insurers, originating brokers, credit reporting agencies and other third parties to support the credit process, product administration or servicing and, if necessary, our credit collection process

Updating Your Information
Since RFA uses personal information to provide its products and services, it is important that the information be accurate and up-to-date. If any information changes, you should inform us so that we can make any necessary changes.

Access to Personal Information
You may request access to or correction of the personal information we hold about you at any time by submitting a written request to the Chief Privacy Officer. We will respond to your access request within a reasonable time frame (i.e., 30 days) following receipt of all necessary information, or advise you if we require additional time. Summary information is available on request but more detailed requests, which may require archive or other retrieval costs, may be subject to a reasonable administration fee.

RFA may deny access to personal information in some circumstances including, but not limited to: when denial of access is required or authorized by law; when granting access would have an unreasonable impact on other people's privacy; when it is subject to solicitor- client privilege; when it has already been destroyed due to legal requirements or as provided for in this Privacy Policy; or to protect RFA's rights and property. If we are legally able to do so, we will inform you of the reasons that we were unable to provide you access.

Retention of Information
We have the right to retain personal information for as long as we reasonably believe it necessary to fulfill the purpose for which it was collected and to fulfill legal or business retention requirements. This may include customer service, legal or regulatory needs that require us to keep your Personal Information beyond the end of your relationship with us.

Protecting Your Personal Information
RFA endeavours to maintain adequate physical, procedural and technical security with respect to its offices and information storage facilities so as to prevent any loss, misuse, unauthorized access, disclosure or modification of personal information.

Authorized employees, agents, service providers, administrators and mandataries will have access to your personal information in order to perform their job functions.

If your personal information is shared with service providers, they will be bound by appropriate agreements with the Bank holding them to appropriate privacy standards.

Commercial Electronic Messages
We may market or offer you new and existing products and services by email or other electronic means. You may opt out of receiving these kinds of messages, but it is important note that we may still send you electronic messages concerning your dealings with us and the ongoing administration or servicing of products and services you have already obtained from us.

Contact Us
If you have any concerns regarding this Privacy Code or have any further questions, you may bring them to our attention as follows:

Office of the Chief Privacy Officer
RFA Bank of Canada
Suite 2401, 1 Yonge Street
Toronto, Ontario
M5E 1E5

If your concern remains unresolved by the Office of the Chief Privacy Officer, you may contact the Office of the Privacy Commissioner of Canada (OPC). The OPC oversees compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s private sector privacy law. You have the right to complain at any time to the OPC about any alleged mishandling of your personal information under PIPEDA.

Office of the Privacy Commissioner of Canada
3rd Floor, Place de Ville
112 Kent Street
Ottawa, Ontario
K1A 1H3
Call: 1.800.282.1376

We retain the right to amend this Policy from time to time. We encourage you to review our Privacy Policy whenever you interact with us to stay informed about our information practices, as your continued use of our services or provision of personal information constitutes your acceptance of any changes made to the Policy.


To download a copy of the Customer Privacy Policy as described on this page, please click here.