Nesto is provided by Nesto Inc. (formerly 10319376 Canada Inc), Ontario Mortgage Brokerage licence number 13044
This Policy is incorporated into, and is subject to, our Terms of Service. Capitalized terms used but not defined in this Policy have the meaning ascribed in our Terms of Service.
This Policy applies to the Services, including to your interactions in the course of your use thereof whether by phone, email, online chat or otherwise. This Policy does not extend to websites, mobile applications or other services of third parties. We are therefore not liable for their privacy policies, procedures and practices.
By using the Services, by communicating with us or by agreeing to receive communications from us such as our newsletter and commercial electronic messages, you accept the terms and conditions of this Policy. If you do not agree with the terms and conditions of this Policy, or if you lack the capacity or authority to agree to these terms and conditions, do not install the App, browse the Site, or otherwise access or use the Services.
- Changes to this Policy
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Site and the App, indicate the date of the latest version, and comply with applicable laws. Your continued use of the Site and the App after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy. If you disagree with any changes made to the Policy, please uninstall the App and cease to use the Services. Additionally, if you reinstall the App or restart using the Services, you are considered to have accepted the Policy then in effect.
- How we Collect Information
Some personal information is provided to us voluntarily by you (for example, when you create an account in order to use the Services) while some personal information is collected automatically (for example, when your browse the Site, cookies are placed on your Device (as defined in Section 3 below).
More precisely and without limitation, we collect your personal information in the following circumstances:
- When you create an account in order to use the Services;
- When you request our Services, such as when you request information about mortgages, or when you upload documents or information to your account;
- When you communicate with us by phone, email, online chat or otherwise;
- When you schedule a meeting with one of our representatives or advisors with regards to the Services;
- When you sign-up to our newsletter;
- When you interact with the digital content on the Site or on the App;
- When you participate in a contest or in a survey;
- When you post comments on the Site or on the App; and
- When you choose to give us permission to access your personal information from third party websites (for example, by linking to social media networks). When you do so, you allow us to collect information based on your settings and in accordance with the privacy policies of such Third Party Services. It is your responsibility to control your settings and to read and understand those policies.
- What Information Is Collected
- Personal Information
For the purpose of this Policy, “personal information” means information about an identifiable individual pursuant to the Personal Information Protection and Electronic Documents Act S.C. 2000, c.5.
For example and without limitation, we consider your given name, surname, date of birth, postal address, telephone number, mobile phone number and email address as personal information.
In order to provide you with the Services, we may be required to obtain from you sensitive information such as financial information (for example, your income, your assets, and your indebtedness), information from your employer (for example, an employment statement). We may also ask for your Social Insurance Number (SIN) so that we can provide your information to a credit reporting agency in order to perform a credit analysis. The SIN is the best way to ensure that the information we are provided by the reporting agency actually refers to you. Providing your SIN assists us with accurate and timely processing of your application.
- Information Collected Automatically
A cookie is an alphanumeric online identifier that is set on your computer, tablet or mobile (“Device”)when you use the Site or the App.
Cookies can be set by us on your Device or by a third party (such as our partners).
The Site and the App contain content from and hyperlinks to certain third parties’ websites, locations, platforms, and services (“Third Party Services”). In addition, the Site and the App contain cookies operated by third parties. For example, we use certain third party analytics services, such as Google Display Network Impression Reporting, Google Analytics Demographics and Interest Reporting and other integrated services that require Google Analytics to collect information, including the collection of information via cookies. Similarly, ad serving services, advertisers, and other third parties may use tracking technologies on the Site and on the App and on the Third Party Services to track your activities across time and services, and tailor ads to you based on your activities, which may include sending you an ad on a Third Party Service or third party device after you have left the Website.
In general, the information collected by cookies is not considered personal information since it cannot be used to identify you. You may set your Internet browser to reject cookies if desired; however, this may result in loss of functionality of certain features of the Site and the App.
- Information About Someone Else
- Children’s Information
We do not knowingly collect personal information from children through our Services. If you are a minor under the laws applicable to your place of residence, please do not submit to us any personal information without the express consent of a parent or guardian.
- How we Use Information
We take steps designed to ensure that only those employees who need access to your personal information to fulfill their employment duties will have access to it. We may use your personal information to:
- Manage the account creation process on the Site or on the App and, more generally, manage your account;
- Deliver the products and services you have requested through the Services;
- Design, maintain, analyze, manage, improve, market and provide products and services via the Site or the App;
- Help us perform transactions and verify your identity with the transaction you have requested;
- Provide access to the Site and the App;
- Respond to your queries, questions and comments;
- Perform quality assurance, marketing and other business analysis;
- Organize contests and other promotional activities;
- Contact you in connection with products and services you have requested;
- Communicate with you about changes to our policies;
- Send you surveys with regards to the Services, namely satisfaction surveys, in accordance with applicable laws or with your consent (if required);
- Understand your needs and interests and provide you with optimal services and personalized advertisements, services and products by performing profiling, where permitted under applicable laws or with your consent (if required);
- Improve the Site and the App performance, respond to your requests regarding the Site and the App, remember your preferences/settings with regards to the Site and the App;
- Send you specific information, promotional and marketing communications about us or third party products and services (for example, offers, discounts, newsletters and birthday communications), where permitted under applicable laws or with your consent (if required);
- Protect against error or fraud;
- Comply with legal and auditing requirements;
- Investigate breaches of the Terms of Service or the Policy; and
- Collect debts owed to us by you.
- Disclosure of Personal Information
In certain circumstances or in order to perform the Services, we may disclose your personal information with:
- Financial Institutions:
In order to provide you with the Services and the products and services that you have requested, we may share your personal information with financial institutions;
- Promotional Partners
We may share your personal information with third parties who may associate themselves with us for any activities such as contest and other promotions;
- An Acquirer, Successor or Assignee
In the event of change of ownership, sale, merger, liquidation, reorganization, acquisition of Nesto, in whole or in part, or in the event of any other business transactions or bankruptcy, your personal information may be transferred as part of the transaction;
- Law Enforcement, Governmental and Administrative Entities
We may disclose your personal information with law enforcement, government and administrative entities if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facility valid court order, judicial or other governmental subpoena or warrant, or to otherwise cooperate with law enforcement, governmental and administrative entities;
- Social Media Networks or other Service Providers
We may share your personal information with social media networks and other service providers to use their marketing tools for the purposes of target and look alike marketing. For example, we may use Customer Audiences from Facebook to match the people on our customer list with people on Facebook. This enables us to target our advertisements on Facebook to the audience that has been created by Facebook through its Customer Audiences tool.
Please note that once we share your personal information with a third party, it may become subject to such third party’s privacy practices. Please note that we make commercially reasonable efforts to have your personal information used by third parties in a manner that is consistent with this Policy.
- Storage of your Personal Information
While your personal information will be collected and stored on servers in Canada, it may be disclosed to, stored and/or otherwise processed by third parties who are located in other countries. For example, some of the service providers that process or handle personal information on our behalf are located outside of Canada. Regardless of where the processing of your personal information takes place, we will take steps to protect your personal information in accordance with this Policy, data protection laws, and where required by applicable laws, recognized data transfer mechanisms. While we use reasonable means to safeguard your personal information, it is subject to the legal requirements and governmental authorities of the foreign jurisdictions in which it is located. For example, we may be legally required to disclose personal information to a governmental authority of a foreign jurisdiction in which your personal information is located.
- Personal Information Security
We have adopted reasonable security procedures to help protect against loss or theft, unauthorized access, disclosure, copying, use, or modification to the personal information you provide to us. While we strive to protect your personal information, we cannot guarantee or warrant the security of any personal information you disclose or transmit via our Services and cannot be responsible for the loss, theft, unauthorized access, disclosure, copying, use, or modification of your personal information, unless such acts are the result of our gross negligence or wilful misconduct or unless otherwise provided by law.
- Retention Period
We will retain your personal information only as long as is necessary for the fulfillment of the purposes outlined in this Policy or for a longer period if required or permitted under applicable laws. Please note that if you merely unsubscribe from marketing communications such as the newsletter, we may nonetheless continue to use your personal information for marketing and business analytics purposes, unless you withdraw your consent to this activity by following the procedure set out in the “Withdrawal of Consent” section of this Policy.
- Right to Consult and Correct Personal Information
You have the right to consult all personal information that relates to you and that is held by us, and to correct any such personal information that is inaccurate or outdated.
Information stored in your account profile may be consulted through our Site or App and corrected directly by you if necessary.
Information collected by cookies is stored in cookie files located on your device, and thus can be accessed or modified by you without involving us.
For all other privacy-related requests, you may contact us via email using the contact information in the “Contact Us” section of this Policy. Depending on the nature of your request, a reasonable fee may be required before we transcribe, reproduce, or transmit your personal information.
- Withdrawal of Consent
You may withdraw your consent to our collection, use or disclosure of your personal information at any time by contacting us via email using the contact information in the “Contact Us” section of this Policy. However, before we implement the withdrawal of consent, we may require proof of your identity or quality.
In some cases, withdrawal of your consent to our collection, use or disclosure of personal information may mean that we will no longer be able to provide certain products or services to you, including access to the Site or the App.
- Anti-Spam Policy
We are committed to complying with Canada’s Anti-Spam Law as it may be amended from time to time, and any other applicable rules and regulations under or relating to Canada’s Anti-Spam Law.
Commercial Electronic Messages (CEMs)
All electronic messages that encourage participation in a commercial activity (CEMs) sent to you from us will be in compliance with the requirements of Canada’s Anti-Spam Law, including, without limitation:
- Sender identification and sender contact information;
- Any unsubscribe mechanism;
- The processing requests to no longer receive CEMs; and
- Ensuring that any CEM you receive from us includes a descriptive subject line consistent with the purpose for our contacting you.
In most cases, our CEMs provide you with the ability to unsubscribe or opt out of receiving our CEMs. Any “unsubscribe” link in our CEMs will remain operational for 60 days following the sending of the CEMs. When you unsubscribe using the links provided in our CEMs, your request will be processed as soon as possible, and no later than 10 business days after you send the request. Please note that even if you unsubscribe, there are certain contexts in which we can still send you messages.
We do not knowingly do business with any company that participates in sending spam.
Changes to this Anti-Spam Policy
We may amend this policy at any time by publishing a new version of it on this website.
If you have any questions or comments about this Policy or your personal information, or to make a request to access your personal information or have it corrected, please communicate with our Privacy Officer by email using the following contact information: firstname.lastname@example.org
[Last update: February 2020]