Neo Privacy Policy

Last updated: 18 May 2020

Your privacy is important to us. The personal information Neo Financial Technologies Inc. (“Neo”, “us” and “we”) collect about you is managed in accordance with this Privacy Policy (“Policy”).

1. Privacy Commitment and Personal Information

We collect, use and disclose personal information to operate our business and as required by law. Personal information is information about an identifiable individual, as defined in the Personal Information Protection and Electronic Documents Act and in any applicable provincial legislation, including the Alberta Personal Information Protection Act (PIPA).

2. Changes to Privacy Policy

This Policy describes our current privacy practices. We update this Policy on an ongoing basis to ensure consumers, applicants, customers, third party program merchants, and service providers, are aware of updates to our privacy practices, to streamline those practices and to comply with applicable laws. Consumers are individuals who are not currently our customers; applicants are individuals who apply to become our customers; and customers are individuals who have been approved, use or have used our products and services in the past. Please visit this site regularly for updates. We will also notify individuals with whom we have a relationship of any material changes that may impact them.

3. Accountability

Our Privacy Officer is responsible for ensuring that we comply with this Policy and applicable privacy laws.

We are responsible for personal information in our possession or custody, as well as personal information transferred to a third party for processing. More details on our third parties are provided below under “Limiting Use, Disclosure and Retention”.

4. Information We Collect, and Limiting Collection

Except where information is required to fulfill an identified purpose, you get to decide what information you want to share with us.

Contact details. We may collect information you provide, such as your name, phone number, address, city, email address, and marketing preferences if you visit or use our website or app, register or apply for one of our products or services, interact with us through social media or online ads, participate in surveys, or engage with us in any way. We may collect that information for uses as described in this Policy.

Information about you. If you apply or sign up for one of our products or services, depending on the product or service, we may collect information about you, including your name, date of birth, contact details, employment and occupation details, tax residency details, living situation, and financial information. We may collect information from credit reporting agencies and other outside sources to verify financial information about you, such as your employment and credit history. If you give us your SIN, we may use it to identify you with credit reporting agencies and, where applicable, governments for tax reporting purposes. When you provide authorized user information, we expect that you have the authority to consent to its collection, use, and disclosure as outlined in this Policy. We may keep the information described above along with other information about you in our records, even after your account is closed.

Digital and online information. We may collect information from your mobile and online activity; for example, information about your web browser, time zone, Internet Protocol (IP) address, mobile device ID, application and website use, and history. Cookies (small computer files that a website’s server places on your computer) collect information about your online behaviour. You can set your browser to reject cookies, but this may impair our ability to customize and test your experience, like remembering your preferred language or present location-specific information to you.

Transaction information. If you sign up for one of our products or services, depending on the product or service, we may collect information about your transactions, including purchases, account balances, fees, payment history, parties to transactions, card usage, and account usage. If you consent and provide account details for card or bank accounts with other providers, we may also collect and store transaction information from these accounts.

Usage information. If you sign up for one of our products or services, depending on the product or service, we may collect information regarding the use of our website and application, including screens visited and in-app behavior in order to monitor and improve the app.

Third party service providers. We may collect information about you from third parties that we have contracted with, such as credit reporting agencies or affiliates. We may collect publicly available information about you from online sources, or from surveys that you participate in. You may also enter into various services, agreements and reward and loyalty programs operated by third parties. The privacy policies of such third parties will apply to such transactions with third parties, and not this Policy.

Communication. When you have a telephone and online chat conversation with one of our representatives, your call and chat may be recorded for quality and training purposes, as well as to resolve concerns. If you choose to contact us by email or mail, we may retain your email address, the content of your communication and our responses.

5. Identifying Purposes

We will clearly identify the purposes for which personal information is collected, used or disclosed prior to, or at the time of, collection, and as in our customer agreements and disclosures.

We may use your information to contact you. Your information allows us to contact you by various methods, including mail, email, SMS message, app push notification, and telephone at the contact points you’ve provided to us. We will contact you to respond to your questions, proactively provide you with information about your accounts with us, inform you about our products and services, and update you on changes to our website, mobile app, and other digital services we provide. We may use your information to send you important updates about your application status and account opening disclosures, and important or useful messages about your accounts. When you communicate online or by email, you should be aware that sending information over the internet isn’t secure, as it can be intercepted or manipulated and retransmitted.

We may use your information to authenticate you. With your information, we can confirm your identity by sharing your information with credit agencies as well as third party identity verification providers to authenticate you when you apply for a product or service, to verify that it’s you we are speaking with when you call into our Customer Service to discuss your account, or identify you when you visit us online or on our mobile app.

We may use your information to assess your creditworthiness. With your information, we can assess your creditworthiness to determine your eligibility for products and services, and process your applications. This information is helpful for us to offer you product choices that are suitable for you. In order to do this, we will provide your information to, and collect information about you from credit reporting agencies (refer to section 7 (Limiting Use, Disclosure and Retention) for information on third party sharing).

We may use your information to service you. Your information may be used to maintain, service, process, analyze, audit and collect on your accounts. We may use your information to service your mobile account, optimize our website, perform analytics, and provide you with a unique user experience. We may also send notifications and support mobile payments with this information. When we issue you a new card, we may provide your new account information to facilitate your payments, pursuant to industry standards (refer to section 7 (Limiting Use, Disclosure and Retention) for information on third party sharing).

We may use your information to make improvements. We may use your personal information to evaluate existing products and services, develop new products and services, drive strategy and improve the customer experience we offer. Information we collect is also valuable for our quality and servicing training programs.

We also customize our website and mobile applications based on information collected, and use that information to understand and deliver products and services that you, and others who are similar to you, may find useful. The information is used to better understand our website and mobile application activity, and how users interact with our digital sites. It’s also used to monitor and improve our website and mobile applications.

We may use your information to prevent fraud. We may use your information to assess fraud and other risks to you and us, and to protect consumers, applicants, customers and providers from identity theft, fraud and unauthorized account access. When investigating fraud, we may ask for identification documents (such as a Canadian driver’s licence, Canadian passport, birth certificate, utility bill or bank statement, or other forms of identification).

We may use your information to provide you with offers, advertising and marketing. Elements of your personal information may be used to determine your suitability, or to directly communicate with you, for targeted advertising, marketing, promotions, rewards programs, research or contests. You may see advertisements for our products and services on our website, mobile applications or on third-party websites, based on your online or mobile activity and information you’ve shared with third parties.

We may use your personal information to identify you on third-party platforms you already use (such as Facebook and Twitter) and serve you ads through their marketing platforms. We may also use your information to identify you on third-party platforms (such as Facebook and Google), and then use the algorithms of those platforms to find other people with similar characteristics.

We may use your personal information to identify you on our third-party platforms you already use (such as Neo’s partnered merchant platforms) to attribute rewards redemptions to your respective third-party account.

Where your credit score is used for the purposes of advertising, express opt-in consent will be captured from you at the time of collection.

We may prevent you from seeing offers that are unsuitable for you, based on the information we know about you. For example, if you are already a customer, we don’t want to serve you ads for products and services you already have with us.

You can opt out of offers, advertising and marketing uses of your information, and opt out of the use of cookies by following the instructions in section 6 (Consent) below.

We may use your information to report. We may share application, transaction, authentication and “know your client” information with our banking partners, consumer reporting agencies, credit reporting agencies and other regulatory agencies as required by law.

6. Consent

If you apply for a product or service, communicate with us or provide personal information to us in any way, you acknowledge your consent for personal information collection, use and disclosure as set out in this Policy, applicable laws and industry standards. If we want to use your information for a purpose that was not disclosed at the time of initial consent, consent will be sought at the time of this new purpose.

Updating consent. Subject to legal and contractual restrictions, you can, with reasonable notice to us, withdraw your consent for use and disclosure of your personal information, other than that which is required for us to maintain your account and to provide services for which you were approved.

Opt out of mail, email and phone marketing. You can request that we don’t contact you for advertising, marketing, promotions, rewards programs, research or contests, by updating your privacy preferences. You should know that withdrawing your consent in these instances may result in you missing out on offers specific to your account, like credit limit increases.

To opt out of our email marketing list after you have opted in, you may use the unsubscribe link provided in any email marketing material you receive.

To update your privacy preferences outside of email marketing, please do so by emailing privacy@neofinancial.com.

You must opt out of the use of cookies separately.

Opt out of cookies used for Online Behavioural Advertising (“OBA”) You can adjust your browser to reject cookies by clicking on the “AdChoices” link embedded in many of our ads. We subscribe to the Digital Advertising Alliance of Canada’s Self-Regulatory Principles for OBA. These principles promote consumers’ awareness and choice about how their information is used for OBA. You can opt out of the use of your browsing habits for OBA – just visit the AdChoices website provided by the Digital Advertising Alliance of Canada, and use the opt-out mechanism.

7. Limiting Use, Disclosure and Retention

We limit use, disclosure and retention of personal information to the purposes we identify, and as required by applicable laws.

Third parties. We do not sell or rent customer lists or personal information to others. We may share your personal information with service providers who perform services for your account on our behalf (such as credit reporting agencies, identity verification services, card manufacturers, print suppliers, payment processing businesses, marketing, research, call centres, collections agencies, and other services as required to service you). Additionally, we may share anonymized and aggregated information with our third party program merchants in order to provide insights and analytics on their respective rewards programs. Our contracts with third parties include obligations to protect your personal information, and third parties must meet our rigorous privacy standards. When you engage with other companies directly, or contact us through their platforms, their use of the information they collect from you is subject to the terms of their privacy policies. We may share your information with regulators, courts or other institutions as required by law.

In particular:

  • Credit card issuers – We may share your information with the principal issuers of our credit cards, including the Neo Financial Mastercard issued by ATB Financial, for the purposes of regulatory reporting and compliance. Please note that issuers collect, use, disclose and otherwise handle your personal information in their role as the issuer of the card. The card issuer’s handling of your personal information is subject to their own privacy policy and is not governed by this privacy policy. We encourage you to review the privacy policy of the issuer of your card. The privacy policy of ATB Financial, the issuer of the Neo Financial Mastercard, can be found here: ATB Privacy Statement
  • Credit Reporting Agencies – We may share your information with the credit agency/agencies to make a decision about your application and other decisions about your account. Information shared may include the following: name; address; SIN; phone; account numbers and terms; date of birth; transaction records; credit information; customer performance data. In addition, we may share your information, including but not limited to credit information, with credit agency/agencies on an ongoing basis in order for our credit agency providers to maintain accurate consumer credit information within their databases in accordance with applicable laws. These credit agencies may, in turn, verify this information and disclose such information in its discretion to cooperate with local, provincial and national authorities in the investigation of unlawful, improper or fraudulent activities.
  • Payment Processors – We may share your information with our third party payment processors in order to generate credit card details and maintain access to the Mastercard network. Information shared may include the following: name; address; account numbers and terms; date of birth; transaction records; and payment records.
  • Third party verification providers – We may share your information with third party verification service providers, including those who maintain records relating to you telecommunications service providers, for the purposes of identity validation, risk assessment, and maintaining accurate contact details for your account. Information shared may include the following: name; address; SIN; phone; device information; location information, identification details, and ‘selfie’ photos for identification validation purposes.
  • Plastic manufacturers – We may share your information with the plastic manufacturer to issue your credit cards. Information shared may include the following: credit card number and details; name; and address.
  • Print suppliers – We may share your information with print suppliers to print letters and statements pertaining to your account. Information shared may include the following: last four digits of your credit card plastic number; name; address; and previous period transactions.
  • Payment processing suppliers – We may share your information with our payments processing suppliers to process your transactions and payments. Information shared may include the following: transaction information; account number; bank from which monies were extracted; and the name on the account of the bank.
  • Collections and law firms – We may share your information to help us collect a debt owed to us by you. Information shared may include the following: contact details, communication history, account details, and financial information.
  • Fraud detection services – We may use third parties to monitor your transactions to identify fraudulent activity on your account.
  • Mastercard – As part of the payment network, and pursuant to the Mastercard Automatic Billing Updater (ABU), Identity Check, and SecureCode programs as amended from time to time, or pursuant to other industry standards, we may update or provide information regarding your credit card or account. ABU facilitates the secure transmission of account updates to card-on-file and recurring payments merchants. ABU helps reduce the number of declined transactions due to card expirations, lost or stolen cards, and other account changes. SecureCode and Identity Check programs help verify purchases are yours through further authentication using passwords, one-time passcodes or biometrics.
  • Call centres and quality assurance providers – We may share access to your account information maintained on our financial systems, with call centres to service your account and provide you with customer support. We may share your customer experience with a third party to evaluate how we are doing, and ensure we are complying with applicable laws and regulations.
  • Marketing and research companies – We may share your information to understand and deliver products, services and offers that you, and others who are similar to you, may find useful. We may also share your information to block offers that you won’t find useful. This includes digital affiliates.
  • Program Merchants – We may share anonymized and aggregated information to deliver personalized offers and experiences to you. We may also share your identifying information with program merchants to attribute rewards to your account in their platforms. We contractually require our program merchants to only use personal information in accordance with the terms of such offers and experiences and their privacy policies. Please consult the privacy policies of our program merchants for any offers and experiences offered by such merchants through our services, as those privacy policies and not this Policy will apply with regard to the merchant.
  • Regulators, courts, law enforcement and other government institutions – We may share your information to resolve concerns and as required by law.

Assignees. We may, at any time, sell, transfer or assign any or all of our rights to our Canadian business, including our interests, rights or obligations regarding your accounts with us. If we do so, we may share your personal information with prospective purchasers, transferees or assignees.

Information processed outside Canada. Your personal information may be stored and processed with approved third parties within Belgium, Germany, Ireland, the Netherlands, the United Kingdom, and the United States. If a third party processes or stores information outside Canada, foreign governments, courts or regulatory agencies may therefore be able to obtain such personal information through the laws of the foreign jurisdiction.

8. Accuracy

We take steps to ensure that your personal information is as accurate, complete and up to date as is necessary for the purposes for which it is to be used.

If you believe that the personal information we have about you isn’t accurate or complete, please contact us by updating your information through our web or mobile apps, by calling the customer service number on the back of your card, or by writing to the Privacy Office. If you move, change your phone number, or change your email address, you are required to update your information with us.

9. Safeguards

We use procedures and practices appropriate to the sensitivity of personal information to protect against loss, theft and unauthorized access. Access to your information is restricted to those individuals and parties who require access.

For example, we have physical security (such as restricted access to our offices and secure storage), electronic protection (such as passwords and encryption) and safe business practices (such as customer authentication when you call us). We also train our staff on how to safeguard personal information.

While we take all reasonable measures to protect data, there is always inherent risk when providing personal information. You can help us safeguard your information too. If you contact us through email or social media, you should avoid sending highly sensitive information, such as your banking information or full credit card number. If someone purporting to represent us contacts you and requests your personal or financial information, and you are suspicious, you can always contact us to confirm that the request was legitimate. We also recommend that you use unique and strong passwords for your online accounts and that you don’t share your passwords with anyone.

10. Openness, Individual Access and Challenging Compliance

You can write to our Privacy Office to request access to the personal information we have on file for you. We will provide you with the personal information we have, subject to certain considerations specified by law. Some of the information we have on you, like your contact information and transactions, is available on your account statements.

You can contact Customer Service for general privacy inquiries or concerns: privacy@neofinancial.com

For more information about our Policy, or to raise a privacy concern, please contact our Privacy Office at the following address:

Attention: Privacy Officer
Neo Financial Technologies Inc.
200 - 632 Confluence Way SE
Calgary, AB
T2G0G1