|
|
|
|
Introduction
Mint Technology Corp. and its subsidiaries (collectively
“Mint”) are committed to protecting the privacy and
security of individuals’ personal information. This Privacy
Policy (“Policy”) explains Mint’s
personal information handling practices. We encourage you to also read
Mint’s Terms of Use and Disclaimer, and the
Cardholder’s Agreement that is included with the delivery of
a prepaid card, as these documents work in conjunction with, and form a
part of this Policy. Our personal information handling practices comply
with Canada’s privacy legislation, such as the Personal
Information Protection and Electronics Documents Act
(“PIPEDA”). In this regard, privacy legislation
specifies a code of conduct for private sector organizations ensuring
that personal information is handled appropriately in observance of
internationally recognized privacy principles.
Definitions
Consent: A
voluntary agreement for the collection, use and/or disclosure of
personal information for identified purposes. To ensure meaningful
consent is obtained in accordance with applicable privacy legislation
from individuals (or the individual’s authorized
representative), Mint will provide individuals with reasonable notice
ensuring that individuals’ consents are provided to Mint on
an informed basis. There are two types of Consents that are obtained by
Mint.
- Explicit
Consent is clear, definite, direct and unmistakeable; it
does not require any inference on the part of Mint. Such consent may be
given orally or in writing.
- Implicit
Consent is reasonably inferred from the circumstances and is
manifested by action, inaction, facts, or silence which gives rise to a
presumption or inference that consent has been given. Such presumption
or inference arises from a course of conduct or relationship between
the parties, in which there is mutual acceptance or a lack of objection
under the circumstances signifying assent.
Personal Information:
Information about an identifiable individual. Such information may
include, but is not limited to an individual’s credit card
information, home address, personal email address, home phone number
and resume information. Note: Business
contact information (except work email address) and information
generally available to the public are not considered to be Personal
Information.
Third Party or Third Parties:
Individual or organization other than a customer, customer’s
agent or Mint.
Transfer(s):
Unlike disclosing Personal Information to a Third Party for that Third
Party’s use, Transfer of Personal Information involves an
agency relationship where a Third Party steps into the role of Mint to
carryout a function that would have otherwise been performed by Mint.
Management
Mint defines, documents, communicates and assigns accountability for
its privacy policies and procedures. Mint takes responsibility for
Personal Information under its custody and/or control and has
designated an individual as the Chief Privacy Officer who is
accountable for Mint's compliance with this Policy. Mint will make
readily available to individuals specific information about its
policies and procedures relating to the management of Personal
Information. If you have any questions relating to the management of
Personal Information by Mint and/or this Policy, please contact:
Mint
25 The Esplanade, STN A
P.O. Box 993
Toronto, ON M5W 1G5
ATTN: Customer Service Tel.:
416. 581. 0001 x200
Fax:
1.800.960.5385
Email: support@mintinc.com
Mint has implemented policies and procedures to give effect to this
Policy, including training and communicating to employees about
Mint’s policies and procedures. If Customer Service is unable
to satisfy your concerns about your Personal Information or this
Policy, Customer Service will escalate your concerns to
Mint’s Chief Privacy Officer.
Mint Transfers Personal Information to Third Parties for processing and
storage purposes. Such Personal Information may be Transferred across
provincial and national borders, in which case, the Personal
Information may become subject to the legislation of that jurisdiction.
Mint will only Transfer Personal Information upon Third Parties
executing agreements with Mint requiring them to protect the privacy
and confidentiality of the Personal Information provided to them for
purposes of performing their function(s) for Mint.
Mint’s website may from time to time contain links to Third
Party sites that are not governed by this Policy. Although Mint
endeavours to only link to websites with high privacy standards, this
Policy does not apply once you leave Mint’s website.
Additionally, we are not responsible for privacy procedures employed by
Third Party websites. Therefore, it is suggested that you review the
privacy policies of Third Party websites to learn how your Personal
Information may be collected, used and disclosed.
Notice
Mint provides notice about its privacy policies and procedures. Mint
identifies the purpose for which Personal Information is collected,
used and disclosed. Mint will identify the purpose for which Personal
information is collected at the time of collection, before collection
or as soon as practically able. Mint collects Personal Information for
the following reasons:
- To
establish and maintain reasonable commercial relations with Customers
to provide ongoing services associated with prepaid cards or gift
cards. For example, when an individual applies for a prepaid card
product from Mint or Mint’s card program partners, Mint
collects Personal Information to validate the individual’s
identity.
- To
understand Customers’ needs and preferences. For example,
Mint collects and maintains records of Mint services that individuals
have used in the past.
- To
Develop and enhance market services. For example, based on an
individual’s usage pattern of Mint services and products,
Mint may notify you about other Mint services and products that may be
of interest to you.
- To
meet legal and regulatory requirements. For example, Mint may be
required to disclose and/or retain Personal Information that was
collected to satisfy legislative requirements, such as the Proceeds
of Crime (Money Laundering) and Terrorist Financing Act.
- To
evaluate candidates and applicants who have submitted Personal
Information to Mint for employment consideration purposes.
Unless required or permitted by law, Mint will not use or disclose
Personal Information for a purpose not previously identified and
consented to by individuals.
Mint may share Personal Information with Third Parties so that they may
offer goods and services that may be of interest to individuals.
Individuals may modify or withdraw their consents to this practice by
contacting Mint’s Customer Service at the contact information
provided in this Policy.
Mint may update this Policy, including the Terms of Use and Disclaimer
from time to time. As such, Mint encourages individuals to review these
documents periodically which are available on Mint’s website.
Individuals may determine when this Policy was last updated by
referring to the “Revision Date” found at the top
of this webpage.
Choice and Consent
Prior to obtaining an individual’s Consent, Mint will
describe the choices available to the individual. Further to such
description about the choices, Mint will obtain Implicit or Explicit
Consent with respect to the collection, use and disclosure of Personal
Information except in special circumstances, such as during a fraud
investigation, investigation by the police, or in situations otherwise
permitted by law.
In most circumstances, Mint relies on Explicit Consent received
directly from an individual. In this respect, if the Personal
Information is of a sensitive nature, such as financial information,
Mint will obtain written, electronic, or oral Consent from the
individual before collecting, using or disclosing the Personal
Information. Mint may from time to time rely on Implicit Consent when
Consent may be reasonably inferred from the action or inaction of the
individual.
Mint will only require individuals to Consent to the collection, use
and disclosure of Personal Information as a condition of supplying the
requested goods and/or services only if such collection, use and
disclosure is required to fulfill the identified purposes. Mint will
not unreasonably withhold good and/or services or information from
individuals who refuse or withdraw their Consents.
An Individual may withdraw or modify his or her Consent at any time,
subject to legal and contractual restrictions, provided that reasonable
notice is given to Mint. However, if an individual withdraws or
modifies his or her Consent, the individual may not be made aware of
certain goods, services, events and promotions offered by Mint.
Consent may be withdrawn or modified by simply contacting
Mint’s Customer Service at the contact information provided
in this Policy. Upon receipt of an individual’s request to
modify or withdraw his or her consent, Mint may require up to 30 days
to complete the individual’s request. Some of
Mint’s promotions and marketing programs may already be in
progress when an individual submits his or her request. Therefore, the
individual may still be contacted during this time.
Collection
Mint collects Personal Information only for identified purposes. Mint
will only collect Personal Information by equitable and lawful means.
Individuals provide their Personal Information to Mint on a voluntary
basis. Upon providing Mint with Personal Information, individuals may
limit how Mint uses and discloses their Personal Information.
Mint also collects “cookies.” A cookie is a small
file created by a web server on your computer that can be referenced
when the website is visited or when a page on the website is visited.
Cookies cannot access files or other information stored on your
computer. Mint uses cookies to customize visitors’ experience
to its website; however, Mint never stores personal financial
information in cookies or uses cookies to track individuals’
Internet use after they leave Mint’s websites.
Use and Retention
Mint limits the use of Personal Information to the purposes identified
in this policy and at the time of collection for which the individual
has provided Explicit or Implicit Consent. In accordance with
established policies and procedures, Mint retains Personal Information
for only as long as necessary to fulfill the stated purposes, except
with the Consent of the individual or as required by law.
In accordance with established policies and procedures, Mint will
destroy or erase any Personal Information that is no longer required.
When Personal Information is destroyed or erased, Mint takes reasonable
steps to prevent unauthorized access.
Access
Mint provides individuals with access to their Personal Information for
review, update and correction. Upon request, Mint will inform an
individual about the existence, use and disclosure of his or her
Personal Information in the possession or control of Mint and shall
give access to that Personal Information. An individual may challenge
the accuracy and/or completeness of his or her Personal Information and
have it amended as appropriate. Individuals may access their Personal
Information by contacting Customer Service in writing to the contact
information provided in this Policy. Such access shall be provided in
accordance with Mint policies and procedures.
There is no cost for reasonable access to Personal Information, unless,
for example, an individual requires photocopies of Mint’s
records containing his or her Personal Information. Mint shall advise
individuals the cost, if any, prior to satisfying the access request.
Furthermore, prior to providing individuals with access to their
Personal Information, Mint will require additional Personal Information
to validate individuals’ entitlement to the information being
requested. Such information, including Personal Information will only
be used to determine individuals’ entitlement to the
requested information.
Mint will assist any individual who needs help preparing an access
request to his or her Personal Information. If the individual has a
sensory disability and upon request, Mint will give the individual
access to his or her Personal Information in an alternative format that
is suitable to the individual.
Mint will provide access to Personal Information or a response to an
individual’s access request with 30 days of receiving the
written request. In the event that access to Personal Information is
denied, Mint will explain the reason(s) for the denial and any recourse
that may be available to the individual, except where prohibited by
law.
Upon providing access to Personal Information, Mint shall provide an
accounting of the uses and disclosures of the Personal Information and
where reasonably able, shall state the source(s) of the Personal
Information. In providing an accounting of the disclosures, Mint shall
provide a list of organizations to which the Personal Information was
or may have been disclosed to.
Under certain circumstances, such as when Mint is unable to separate an
individual’s Personal Information from that of others, Mint
will not be able to provided access to such Personal Information.
If an individual is able to substantiate to Mint that an error or
incompleteness exists in his or her Personal Information in the
possession or control of Mint, Mint will appropriately amend or update
such Personal Information. If Mint chooses to not update or amend an
individual’s personal information, Mint will make a record of
the individuals concerns in the copies of the individual’s
Personal Information. If Mint updates or amends the Personal
Information and if necessary, Mint will communicate the substance of
the update or amendment to those who the Personal Information was
previously disclosed to by Mint.
Depending on the circumstances, where Personal Information has been
used to make a decision about an individual, Mint will retain such
Personal Information for a period of time that is reasonably sufficient
to allow the individual to access his or her Personal Information.
Disclosure
Mint discloses Personal Information to Third Parties only for purposes
identified herein and/or the purpose identified at the time of
collection. Such disclosures are made only with the Implicit or
Explicit Consent of the individual, except where required or permitted
by law.
Although highly unlikely, in some cases, such legal proceedings or
court orders, Mint may be required to disclose certain Personal
Information to authorities. Only Personal Information that is
specifically requested is disclosed and Mint shall take precautions to
satisfy itself that the authorities who are making the request have
legitimate grounds to do so.
In the event that Mint is merged with or is acquired by another
organization, Mint will ensure that such organization agrees to comply
with this Policy for the handling of Personal Information.
Additionally, where appropriate, Mint will make reasonable efforts to
notify you about the merger or the acquisition of Mint.
Security
Mint protects Personal Information against unauthorized access. In
accordance with established policies and procedures, Mint has security
safeguards in place to protect Personal Information. Personal
Information shall be protected by security safeguards appropriate to
the sensitivity of the Personal Information.
Security safeguards implemented by Mint include:
- Physical:
Locked doors and filing cabinets. Secure destruction of Personal
Information, regardless of the format;
- Technological:
Password protected computer systems and files; and
- Organizational:
Employees trained to understand the importance of safeguarding Personal
Information from loss and unauthorized access.
Notwithstanding that Mint has security safeguards in place
to protect Personal Information, individuals are encouraged to also
implement measures to protect themselves against unintended intrusions
to their personal privacy (e.g.: maintain access pass codes and/or PINs
in a confidential manner).
Quality
Mint maintains accurate, complete and relevant Personal Information for
the purposes identified. Accuracy of Personal Information will be
maintained so as to minimize the possibility that inappropriate
information may be used to make a decision about an individual.
Mint allows individuals to access, verify, update and correct their
Personal Information. Such access to Personal Information can be gained
by writing to Customer Service at the contact information provided in
this Policy. Mint encourages Customers to keep Mint posted with any
changes to their Personal Information that may be relevant to Mint for
the purposes for which it was collected.
If the Personal Information has been provided to a Third Party by Mint,
Mint will convey the corrected information to them, if necessary.
In accordance with established policies and procedures, Mint does not
routinely update individuals’ Personal Information unless
such process is necessary to fulfill the purposes for which the
Personal Information was collected.
Monitorign and Enforcement
Mint monitors its compliance with this Policy and has procedures in
place to address privacy related complaints and disputes. In this
regard, individuals may address their privacy related concerns to
Customer Service at the contact information provided in this Policy.
Mint’s Customer Service personnel are trained to handle most
day to day privacy related issues; however, if necessary, privacy
related issues may be escalated by Customer Service to Mint’s
Chief Privacy Officer who is accountable for Mint’s
compliance with this Policy.
Mint will respond to all inquiries, concerns and/or complaints about
its Personal Information handling practices. The regulatory body that
oversee Mint’s handling of Personal Information is the Office
of the Privacy Commissioner of Canada. For more information, please
visit www.privcom.gc.ca.
Every privacy related complaint will be acknowledged, recorded and
investigated and the results of the investigation will be provided to
the complainant. If the complaint is found to be justified, appropriate
measures will be taken, including, if necessary, amending
Mint’s policies and procedures relating to the handling of
Personal.
|
|
|
Overview