Skip Navigation

Our Privacy Commitment to You


At the OTIP Group of Companies1 (“OGC”), respecting your privacy and protecting your personal information is an important part of how we do business. We value the trust you have in us, and we are committed to protecting your privacy.

OGC's Privacy Policy

Accountability

We are accountable for all personal information in our possession or control, including any personal information transferred to third parties for processing.
 

Identifying the purposes for which information is collected

We will identify the type of personal information OGC collects, uses, and discloses and the reasons for collecting personal information before or at the time of collection. We will collect information for reasonable purposes as outlined in this policy as well as purposes described in the terms and conditions of any product, service, program, contest, promotion, or event. In addition to the member’s name, address, email, and telephone number, we may require information to:

  • establish one’s identity
  • understand one’s needs and eligibility for products, services and benefits
  • recommend products, services and coverage to meet one’s needs
  • make individuals aware of new products, services and benefits
  • provide individuals with ongoing services, establish and maintain communications and respond to enquiries
  • train employees and monitor for quality assurance
  • enable us to acquire or renew an insurance policy
  • provide rehabilitation recommendations and services
  • draft billings and conduct accounting services related to our products, services and benefits
  • conduct research and statistical analysis
  • investigate, evaluate, negotiate and settle claims
  • protect individuals and us from error or fraud
  • comply with legal requirements
 

Obtaining consent

We will obtain consent for the collection, use and disclosure of personal information, subject to certain legal, medical or security exceptions which may make it impracticable to seek consent. Individuals can provide consent to the collection, use and disclosure of their personal information expressly (oral, written, or electronic) or it may be implied depending on circumstances and sensitivity of the information. Consent may be given by the individual or by an authorized representative (such as a person having power of attorney, or a legal guardian). We may verify authorization by requesting identification of the representative and the reason for representation.
 
When quoting or issuing a policy, it is our understanding that in addition to the individual insured providing their consent, they have obtained consent from all persons named in the insurance policy for the collection, use and disclosure of their personal information, for the purposes outlined above.
 
Individuals can withdraw consent at any time. If this should happen, we will explain the implications of withdrawing consent.
 

Limiting the collection of personal information

We will limit the collection of personal information to only that which is needed to properly provide products, services, and benefits and to fulfill legal or regulatory requirements. Information will be collected by fair and lawful means. If a member’s information is being collected by telephone, the call may be recorded for the following reasons:

  • To establish a record of the information provided;
  • To verify instructions;
  • To maintain quality service;
  • To assist in staff training.


The information we gather about our members varies, depending on the request and/or the service provided and may be collected verbally, electronically or in writing. Examples of the types of information we may collect directly or indirectly include but is not limited to:

  • name, address, telephone number and e-mail address
  • date of birth, sex, and marital status
  • driving record, driver’s license number, vehicle information and proof of ownership
  • previous insurance history and claims experience
  • details of the property being insured
  • details related to any loss or injury
  • medical and health information
  • employment and income information
  • banking information and credit rating
  • identification numbers (including Social Insurance Number when legally required for financial and/or tax reporting reasons)

 
In most cases, we will collect the information directly from the individual, or from their authorized representative(s). In some cases, and with the individual’s consent, we may need to ask an independent source to verify or provide supplemental information. These sources could include service providers we retain, other insurance companies or financial institutions, employers, benefit administrators or credit reporting agencies. In the case of medical or health-related information, additional sources could include doctor(s), other healthcare providers or facilities. In some circumstances, we may collect personal information from public sources such as the internet or third-party service providers.

 

Limiting the use, disclosure, and retention of personal information

We will use or disclose personal information only for the purpose for which the information was collected, unless an individual gives consent to use or disclose it for another reason. Information may be disclosed to service providers and authorized agents/representatives who perform various functions for us. Individuals’ personal information may be disclosed to third parties in certain circumstances:

  • To employees, agents and representatives who need the information in the performance of their duties
  • To service providers, including third party administrators and insurers, who need the information in the performance of their duties for us, to provide service to the member, to resolve an individual’s concern, and to satisfy their obligations to us
  • To any person or organization an individual has provided consent to
  • To any person or organization authorized by law
  • To comply with laws, regulations, subpoena, or court order
  • To investigate and/or prevent fraud
  • To protect the personal safety of employees, members, or other third parties


In some cases, service providers may be located in other provinces or jurisdictions outside of Canada and personal information may be subject to the laws of those jurisdictions. When information is provided to our service providers, we will require them to protect the information in a manner that is consistent with our Privacy Policy, practices, and applicable laws.
 
We may, where not prohibited by law, consolidate, and share member personal information within the OTIP Group of Companies to better manage our business and the relationship we have with our members for the purposes described in this policy. Sensitive personal information, such as health and medical information, will never be shared or used for a purpose other than the original purpose for which it was collected without the individual’s consent.
 
As part of a business transaction, including the purchase or sale, merger or amalgamation or a financing arrangement pertaining to OGC’s business assets, we may be required to share members’ personal information with applicable third parties to complete such a transaction. 
 
We will keep personal information for as long as necessary for the identified purposes or as required by law.
 

Keeping personal information accurate

We will keep the personal information in our possession or control accurate, complete, current, and relevant based on the most recent information available to us. Individuals may challenge the accuracy and completeness of personal information about them and have it amended as appropriate. Depending on the nature of the information challenged, amendment involves the correction, deletion, or addition of information. Where appropriate the amended information will be transmitted to third parties having access to the information in question.
 

Safeguarding information

We will protect personal information within our custody with safeguards appropriate to the sensitivity of the information. We use reasonable physical, organizational, and technological safeguards and appropriate training of employees, to prevent the theft, loss, misuse, alteration, unauthorized access, or disclosure of personal information under our control. 
 
OGC uses emails, facsimiles, and other electronic transmissions (collectively “email”). Email cannot be guaranteed to be secure, unchanged, error free, or safe because such transmissions can be intercepted, diverted, altered, lost, or destroyed, and could arrive late or otherwise be adversely affected during initiation. OGC is not responsible for damages related to e-mail messages sent by individuals or e-mail messages sent by OGC to individuals at their request.
 

Openness

We will be open about the procedures used to manage personal information and upon request, we will provide specific information about our practices relating to the management of personal information.

Providing access to personal information

Upon request, we will advise individuals of the existence, use and disclosure of their personal information. Individuals can request to have their information amended or corrected. We will respond to an access to information request within the timelines prescribed by each province’s privacy legislation. It is important to verify that the individual requesting the information is in fact the person whom the information belongs to. For this reason, we require that all inquiries be in writing and that our responses, in writing, are sent to the address we have on file. Access to information will be provided at minimal cost.
 
We are unable to provide access to information in certain circumstances including:

  • if doing so would likely reveal personal information about a third party; however, if the third-party information can be removed, the remainder of the record can be provided
  • if the information is subject to lawyer client privilege or another form of privilege
  • if revealing the information would reveal confidential commercial information
  • if revealing the information could reasonably be expected to threaten the life or security of another individual
  • if providing access is prohibitively costly
  • if the information relates to the actual or suspected breach of a policy or other agreement or the breach of a Canadian law
  • if the information was generated in the course of a formal dispute resolution process

 

Questions and/or complaints about privacy

Individuals may challenge our information handling practices and/or our compliance with privacy legislation. Privacy complaints and inquiries should be directed to OGC’s Privacy Officer as outlined in the complaints process.
 

Privacy Complaint Process

If an individual has a privacy related concern or complaint, the employee will listen to the individual’s concerns, identify the problem, and offer solutions. If the situation cannot be resolved, the individual will be directed to contact OGC’s Privacy Office either by telephone or in writing.
 
Head Office
OGC Privacy Officer
P.O. Box 218
Waterloo ON  N2J 3Z9
1-800-267-6847
privacy@otip.com
 
Depending on the nature of the inquiry or complaint, we will:

  • acknowledge the inquiry
  • investigate the situation
  • respond in a timely manner
  • answer any questions related to our privacy policy
  • take measures to modify our personal information handling practices if necessary

______________________________________________________________________________________________________

1The OTIP Group of Companies includes:

  • Ontario Teachers Insurance Plan                                    

  • OTIP/RAEO Benefits Incorporated                                  

  • OTIP/RAEO Insurance Brokers Inc.                                                                                

  • Curo Claims Services Inc.

  • TW Insurance Services Ltd. (“Orbit Insurance Services”)

  • Assurance Jean Claude Leclerc Inc. (Orbit Insurance Services”) 


Updated June 1, 2023

Need help?
x
How can we help?