What is the purpose and scope of this Privacy Statement?
Your privacy is important to the Board of Trustees of the Ontario Public Service Employees’ Union Pension Plan (“OPTrust”, “we”, “our”, “us”). This Privacy Statement (“Statement”) is designed to help explain our privacy practices, including why we collect personal information (as defined below), what we do with that information, and how we protect it. This Statement applies to the personal information that OPTrust collects and uses, including the personal information of the members and retirees of the Ontario Public Service Employees’ Union Pension Plan (the “OPSEU Pension Plan” or simply, the “Plan”). The OPSEU Pension Plan consists of two schedules of benefits: the original schedule of benefits, referred to as the primary schedule of benefits, and OPTrust Select (i.e. OPTrust Select is not a separate pension plan).
This Statement applies to wherever we collect personal information, including online collection from optrust.com and optrustselect.com.
What is personal information?
Personal information is any information about an identified or identifiable individual. Information that cannot be reasonably associated with specific identifiable individuals (e.g. a statistic about our members, etc.), is not considered to be personal information, and is thus outside of the scope of this Statement.
References in this Statement to “processing” personal information should be understood to refer to anything done to the personal information (e.g. collection, use, sharing, destroying, etc.).
Accountability
We are responsible for personal information under our control. OPTrust identifies – in this Statement and elsewhere – the reasons (purposes) why we collect personal information.
We collect, use and disclose your personal information to achieve these purposes and as otherwise required or permitted by law. We do not sell any personal information. We do not disclose your personal information to third parties without your consent, except as set forth below or as required or permitted by law. Please see the notices set out here for further details about the personal information we collect from you and how we use and share such personal information.
Safeguards
We have implemented reasonable organizational, technical and physical measures designed to safeguard the personal information in our custody and control against theft, loss and unauthorized access, use, modification and disclosure. We restrict access to personal information on a need-to-know basis to employees and authorized service providers who require access to fulfil their job requirements.
Access to information
You can request access to, update and (if necessary) correct your personal information in our custody or control by emailing or writing to us at the contact information set out below. We may request certain additional personal information from you for the purpose of verifying your identity.
Artificial Intelligence
OPTrust and our service providers may enter your personal information into (or collect your personal information from) generative artificial intelligence tools to fulfill our purposes as expressed in this Statement or elsewhere. These tools help us and our service providers in internal business activities, such as evaluating data, identifying and limiting risks, automating tasks, developing new products or services, securing business systems, and other business purposes. OPTrust is committed to protecting your personal information in accordance with our Privacy Policy.
We are also dedicated to the ethical use of your personal information in the context of generative AI tools. To that end, we have developed processes to manage the use of these tools. If the content created by a generative AI tool has a significant impact on individuals, we may be required to evaluate the tool for its appropriateness, the sensitivity of the personal information being processed, the impact on individuals’ rights relating to their personal information, and the potential for bias in the tool.
Transfers outside of country
OPTrust and our service providers may transfer personal information collected in Canada outside of Canada. Before a transfer takes place, we will take reasonable steps to protect it from unauthorized uses and disclosures while it is in the hands of the third-party processor. This includes using contracts to provide a comparable level of protection.
Updates to this Privacy Statement
We will review this Statement annually and may update it periodically to reflect changes to our privacy practices or obligations. We encourage you to regularly review this page to ensure you are familiar with any such changes. We will indicate at the top of this Statement when it was most recently updated.
Contact Us
If you have any questions or comments about this Statement or how we process your personal information, or to request access to your personal information, please contact us at:
Privacy Officer 1-800-906-7738 Email
Please note, we specifically discourage the posting of any personal information on any OPTrust social media channels such as addresses, phone numbers, email addresses or other content relating to yourself or other individuals. We also discourage the use of unsecure email to send us personal information. Instead, we recommend that individuals who need to send us personal information do so using the secure email capability built into the “Contact Us” pages on optrust.com and optrustselect.com.
NOTICE TO MEMBERS / RETIREES / BENEFICIARIES OF THE PLAN
OPTrust collects various types of personal information from members, retirees and beneficiaries (referenced in this section as “you” or “your”) to administer the Plan. Collecting this personal information helps us better understand your needs, allows us to communicate more effectively with you and enables us to provide you with the services you want and the benefits to which you are entitled. We limit the collection of personal information to what is reasonably necessary to fulfill the purposes set forth in this section or to facilitate OPTrust’s compliance with legal or regulatory requirements. On becoming a member or retiree or beneficiary, you are deemed to provide your permission for OPTrust to obtain and use your personal information (in accordance with this Statement) to enable us to administer your pension benefits.
OPTrust collects personal information from various sources:
From you: You may provide personal information to us by mail, by email, over the telephone, through one of our websites, including your Online Services account, or through other communication channels.
From your participating employer(s): Your employer(s) provides OPTrust with various types of personal information when you first become a member, including your name, address, date of birth, SIN and salary information. This information is used to enroll you in the Plan. Periodically, employer(s) provide OPTrust with additional information about your salary, contributions, service and other applicable events, such as leaves of absence, termination, long-term disability, retirement date, and other information that OPTrust and employers must coordinate and share for the proper administration of your pension.
Other sources: On occasion, we may collect personal information about you from other sources, including from the Ontario Public Service Employees Union (if you are a member) with your consent or when authorized by law. We also collect personal information from certain other pension plans if members transfer from those plans to the Plan.
The personal information OPTrust collects varies depending on your relationship with us (e.g. member, beneficiary, spouse, etc.). Personal information we collect may include your:
Name
Contact information (e.g. home address, phone number, email address, etc.)
Government-issued identification (e.g. driver’s license) and identifiers (e.g. Social Insurance Numbers [SIN])
Date of birth
Employment information
Demographic information (e.g. biological sex), as needed for actuarial calculations related to your pension
Information about your marital status and relevant documents to verify marital status
Banking information (e.g. your bank account number and other account details to facilitate direct deposit payments)
OPTrust ID (internally generated unique account number associated with a single member)
Beneficiary information, including name, relationship to member/retiree, date of birth
Pension payment amount
Plan membership date
Power of attorney and/or other legal documents relating to the appointment of a substitute decision-maker
Health/medical information (e.g. information related to eligibility for long-term disability and other plan options or benefits based on your medical condition)
Information from a death certificate, divorce/settlement agreement, or a will
If you provide us, our service providers or our agents with personal information about another person (e.g. a spouse, a beneficiary, a power of attorney, etc.), you represent that you have all necessary authority (e.g. as a parent of a minor) and/or have obtained all necessary consents from all individuals so as to enable us to process the personal information of that individual for the purpose(s) specified in this Privacy Statement or as otherwise provided to you.
We use personal information for purposes related to the administration of your pension and the operations of the Plan, for communicating with you to discuss your pension or to update or supplement your personal information, to provide you with services you request or that you may be interested in or otherwise in accordance with your consent.
In addition to the information supplied above, some additional examples of how we use personal information about you include to:
Determine your eligibility for membership in the Plan.
Provide pension payments (or lump sums where applicable) and/or other benefits to you.
Verify your identity and membership status.
Produce and issue various personalized pension statements, notices and retirement or termination options documents to you.
Calculate your contributions, average annual salary, length of contributions to the Plan, pension payment amounts, pension service and determine eligibility for options/benefits, if any, that you are eligible to receive if you leave the Plan before retirement.
Contact you, if necessary, to discuss your pension or to update or supplement your personal information (e.g. requesting your current address).
With respect to SIN: Report income and information on forms to the Canada Revenue Agency (CRA), as required by law.
Determine spouse’s/beneficiary’s eligibility for and to provide eligible benefits.
Enable you to identify a third party to make decisions regarding your pension on your behalf and enable us to ensure we have proper authorization to take instructions from and communication with your designated third party.
Provide you with the services you have requested or that you may be interested in (e.g. in response to a question that you ask us).
Research, develop, manage and improve our services to you.
Perform functions required or authorized by law, including meeting our statutory and regulatory requirements.
Notify you of changes to your pension entitlement, your online portal profile or our website services, terms, conditions or policies and to provide you administrative messages, updates, legal notices, technical notices or security alerts.
Protect us and third parties from errors and fraud.
Monitor and investigate incidents and manage claims.
With respect to health information: Administer disability benefits.
If you decide to leave employment with an employer that participates in the Plan, we will continue to collect, use and disclose your personal information as necessary for fulfilling our contractual obligations with participating employers as well as with you to the extent permitted by applicable law, or as otherwise required or permitted by applicable law.
OPTrust collects various types of personal information from members, retirees and beneficiaries (referenced in this section as “you” or “your”) to administer the Plan. Collecting this personal information helps us better understand your needs, allows us to communicate more effectively with you and enables us to provide you with the services you want and the benefits to which you are entitled. We limit the collection of personal information to what is reasonably necessary to fulfill the purposes set forth in this section or to facilitate OPTrust’s compliance with legal or regulatory requirements. On becoming a member or retiree or beneficiary, you are deemed to provide your permission for OPTrust to obtain and use your personal information (in accordance with this Statement) to enable us to administer your pension benefits.
OPTrust collects personal information from various sources:
From you: You may provide personal information to us by mail, by email, over the telephone, through one of our websites, including your Online Services account, or through other communication channels.
From your participating employer(s): Your employer(s) provides OPTrust with various types of personal information when you first become a member, including your name, address, date of birth, SIN and salary information. This information is used to enroll you in the Plan. Periodically, employer(s) provide OPTrust with additional information about your salary, contributions, service and other applicable events, such as leaves of absence, termination, long-term disability, retirement date, and other information that OPTrust and employers must coordinate and share for the proper administration of your pension.
Other sources: On occasion, we may collect personal information about you from other sources, including from the Ontario Public Service Employees Union (if you are a member) with your consent or when authorized by law. We also collect personal information from certain other pension plans if members transfer from those plans to the Plan.
The personal information OPTrust collects varies depending on your relationship with us (e.g. member, beneficiary, spouse, etc.). Personal information we collect may include your:
Name
Contact information (e.g. home address, phone number, email address, etc.)
Government-issued identification (e.g. driver’s license) and identifiers (e.g. Social Insurance Numbers [SIN])
Date of birth
Employment information
Demographic information (e.g. biological sex), as needed for actuarial calculations related to your pension
Information about your marital status and relevant documents to verify marital status
Banking information (e.g. your bank account number and other account details to facilitate direct deposit payments)
OPTrust ID (internally generated unique account number associated with a single member)
Beneficiary information, including name, relationship to member/retiree, date of birth
Pension payment amount
Plan membership date
Power of attorney and/or other legal documents relating to the appointment of a substitute decision-maker
Health/medical information (e.g. information related to eligibility for long-term disability and other plan options or benefits based on your medical condition)
Information from a death certificate, divorce/settlement agreement, or a will
If you provide us, our service providers or our agents with personal information about another person (e.g. a spouse, a beneficiary, a power of attorney, etc.), you represent that you have all necessary authority (e.g. as a parent of a minor) and/or have obtained all necessary consents from all individuals so as to enable us to process the personal information of that individual for the purpose(s) specified in this Privacy Statement or as otherwise provided to you.
We use personal information for purposes related to the administration of your pension and the operations of the Plan, for communicating with you to discuss your pension or to update or supplement your personal information, to provide you with services you request or that you may be interested in or otherwise in accordance with your consent.
In addition to the information supplied above, some additional examples of how we use personal information about you include to:
Determine your eligibility for membership in the Plan.
Provide pension payments (or lump sums where applicable) and/or other benefits to you.
Verify your identity and membership status.
Produce and issue various personalized pension statements, notices and retirement or termination options documents to you.
Calculate your contributions, average annual salary, length of contributions to the Plan, pension payment amounts, pension service and determine eligibility for options/benefits, if any, that you are eligible to receive if you leave the Plan before retirement.
Contact you, if necessary, to discuss your pension or to update or supplement your personal information (e.g. requesting your current address).
With respect to SIN: Report income and information on forms to the Canada Revenue Agency (CRA), as required by law.
Determine spouse’s/beneficiary’s eligibility for and to provide eligible benefits.
Enable you to identify a third party to make decisions regarding your pension on your behalf and enable us to ensure we have proper authorization to take instructions from and communication with your designated third party.
Provide you with the services you have requested or that you may be interested in (e.g. in response to a question that you ask us).
Research, develop, manage and improve our services to you.
Perform functions required or authorized by law, including meeting our statutory and regulatory requirements.
Notify you of changes to your pension entitlement, your online portal profile or our website services, terms, conditions or policies and to provide you administrative messages, updates, legal notices, technical notices or security alerts.
Protect us and third parties from errors and fraud.
Monitor and investigate incidents and manage claims.
With respect to health information: Administer disability benefits.
If you decide to leave employment with an employer that participates in the Plan, we will continue to collect, use and disclose your personal information as necessary for fulfilling our contractual obligations with participating employers as well as with you to the extent permitted by applicable law, or as otherwise required or permitted by applicable law.
OPTrust shares your personal information with third parties when it is prudent to administer the Plan or to provide you with technical or other services related to your participation in the Plan (or as otherwise requested by you). These other third-party recipients may include:
Financial service providers (e.g. banks and payment service providers, payroll service providers): To facilitate pension payments, survivor/beneficiary benefits and other disbursements.
Medical advisors: OPTrust may disclose your personal information to medical advisors and/or other third-party administrators to assess eligibility for disability benefits and other Plan options and features based on your medical condition(s).
Engagement and marketing service providers (e.g. online analytics service providers, etc.): OPTrust may provide third-party survey services with members’ names and contact information to deliver or administer surveys relating to the Plan’s administration activities, and to collect, aggregate and analyze survey responses for OPTrust.
Information Technology Service Providers (e.g. information technology providers such as cloud hosting service providers, etc.): OPTrust uses various service providers in order to provide efficient and effective services to members and retirees. Due to the nature of certain services, this may require OPTrust to upload member personal information into software operated by those service providers (such as the company that manages OPTrust’s member web portal, etc.).
Our professional service providers (e.g. outside legal counsel, actuarial advisors, auditors, locator services, consultants, mailing services, etc.): To facilitate their work in supporting the administration of the Plan.
Other Canadian pension plan administrators: If needed, to facilitate transfer of assets to/from such other pension plan administrators and to determine eligibility for transfer.
Your employer: At times, OPTrust has to disclose certain personal information to your employer in order to administer your pension. In these circumstances, we only share personal information back to the employer that the employer originally provided to us.
Your legal representative: Your personal information may be disclosed to your designated legal guardian, appointed substitute decision maker, power of attorney or someone otherwise authorized by law, where such disclosure is necessary to administer the Plan or your services.
OPSEU/SEFPO: For those members who are in OPSEU/SEFPO, OPTrust may engage OPSEU/SEFPO to act as a service provider for the collection and processing of certain information either on a temporary or ongoing basis.
Judicial or regulatory governmental entities: Certain laws may permit or require the disclosure of personal information to assist governmental and law enforcement agencies.
One of the reasons that we process personal information is to communicate important information to members and retirees. Some of those communications are legally required, such as annual statement of benefits and notices of Plan amendments. You cannot opt out of receiving such communications. You may, however, select the method of receiving this information by writing to us (email@optrust.com), calling us toll-free (within Canada) at 1-800-906-7738, or contacting us through your Online Services account.
If you do not wish to receive optional communications, such as annual reports, you can simply select not to receive such communications or withdraw your consent by emailing email@optrust.com or calling us toll-free (within Canada) at 1-800-906-7738 or within your Online Services account. It is important to note, however, that if you do unsubscribe, there may be effects of that decision (e.g. you may not receive timely and important information).
OPTrust shares your personal information with third parties when it is prudent to administer the Plan or to provide you with technical or other services related to your participation in the Plan (or as otherwise requested by you). These other third-party recipients may include:
Financial service providers (e.g. banks and payment service providers, payroll service providers): To facilitate pension payments, survivor/beneficiary benefits and other disbursements.
Medical advisors: OPTrust may disclose your personal information to medical advisors and/or other third-party administrators to assess eligibility for disability benefits and other Plan options and features based on your medical condition(s).
Engagement and marketing service providers (e.g. online analytics service providers, etc.): OPTrust may provide third-party survey services with members’ names and contact information to deliver or administer surveys relating to the Plan’s administration activities, and to collect, aggregate and analyze survey responses for OPTrust.
Information Technology Service Providers (e.g. information technology providers such as cloud hosting service providers, etc.): OPTrust uses various service providers in order to provide efficient and effective services to members and retirees. Due to the nature of certain services, this may require OPTrust to upload member personal information into software operated by those service providers (such as the company that manages OPTrust’s member web portal, etc.).
Our professional service providers (e.g. outside legal counsel, actuarial advisors, auditors, locator services, consultants, mailing services, etc.): To facilitate their work in supporting the administration of the Plan.
Other Canadian pension plan administrators: If needed, to facilitate transfer of assets to/from such other pension plan administrators and to determine eligibility for transfer.
Your employer: At times, OPTrust has to disclose certain personal information to your employer in order to administer your pension. In these circumstances, we only share personal information back to the employer that the employer originally provided to us.
Your legal representative: Your personal information may be disclosed to your designated legal guardian, appointed substitute decision maker, power of attorney or someone otherwise authorized by law, where such disclosure is necessary to administer the Plan or your services.
OPSEU/SEFPO: For those members who are in OPSEU/SEFPO, OPTrust may engage OPSEU/SEFPO to act as a service provider for the collection and processing of certain information either on a temporary or ongoing basis.
Judicial or regulatory governmental entities: Certain laws may permit or require the disclosure of personal information to assist governmental and law enforcement agencies.
One of the reasons that we process personal information is to communicate important information to members and retirees. Some of those communications are legally required, such as annual statement of benefits and notices of Plan amendments. You cannot opt out of receiving such communications. You may, however, select the method of receiving this information by writing to us (email@optrust.com), calling us toll-free (within Canada) at 1-800-906-7738, or contacting us through your Online Services account.
If you do not wish to receive optional communications, such as annual reports, you can simply select not to receive such communications or withdraw your consent by emailing email@optrust.com or calling us toll-free (within Canada) at 1-800-906-7738 or within your Online Services account. It is important to note, however, that if you do unsubscribe, there may be effects of that decision (e.g. you may not receive timely and important information).
NOTICE TO JOB APPLICANTS
OPTrust collects various forms of personal information for various purposes to help ensure that job applicants (referred to as “you” or “your” in this section) receive appropriate consideration for positions at OPTrust. This personal information includes:
Name and contact information: To communicate with you and provide you with updates about your application and potentially to request additional information.
Prior employment experience and educational history, as well as other information provided to OPTrust (including attachments): To verify your qualifications meet position requirements and to assess your suitability for the identified role(s) at OPTrust.
Information included within background credit, criminal, education, employment and reference checks: To verify and vet your application for employment.
Proof of eligibility to work: To ensure that you are eligible to work in the country, as required by law.
Government identification: To verify identity.
We limit the collection of personal information to what is required to fulfill the purposes identified above, or otherwise in accordance with your consent, or as required by law.
OPTrust collects personal information regarding job applicants from several sources.
From the applicants themselves: Most of the personal information that OPTrust collects about applicants comes from the applicants themselves. This could be from materials submitted as a part of a job application, or from statements made during job interviews or as otherwise communicated to us. We may also collect personal information that you provide during assessments that you may complete as a part of the application process.
From third parties to whom you provided consent to share such information: References that you provide to OPTrust may be contacted to gather additional information about your performance, skills and knowledge.
From third-party service providers: Various third-party service providers, such as background check firms, will provide personal information relating to criminal, credit, education, employment and reference background checks in order to verify your suitability for a position at OPTrust.
Public sources of information: Information locatable online to review applicants’ profiles and past employers.
By applying for a position at OPTrust, you consent to OPTrust processing your personal information (as supplied by you or by others) for the purposes listed above.
If you are offered and accept employment with OPTrust, all personal information collected during the application and recruitment process will become part of your employment file. OPTrust retains such personal information as necessary to achieve the purposes for which it is collected in accordance with our internal policies.
If you are not offered, or do not accept an offer of employment with OPTrust, your personal information is retained to consider you for current or future positions, as well as for defense against potential legal challenges in light of a recruitment decision. Such information is retained for designated periods of time in accordance with our internal policies.
OPTrust collects various forms of personal information for various purposes to help ensure that job applicants (referred to as “you” or “your” in this section) receive appropriate consideration for positions at OPTrust. This personal information includes:
Name and contact information: To communicate with you and provide you with updates about your application and potentially to request additional information.
Prior employment experience and educational history, as well as other information provided to OPTrust (including attachments): To verify your qualifications meet position requirements and to assess your suitability for the identified role(s) at OPTrust.
Information included within background credit, criminal, education, employment and reference checks: To verify and vet your application for employment.
Proof of eligibility to work: To ensure that you are eligible to work in the country, as required by law.
Government identification: To verify identity.
We limit the collection of personal information to what is required to fulfill the purposes identified above, or otherwise in accordance with your consent, or as required by law.
OPTrust collects personal information regarding job applicants from several sources.
From the applicants themselves: Most of the personal information that OPTrust collects about applicants comes from the applicants themselves. This could be from materials submitted as a part of a job application, or from statements made during job interviews or as otherwise communicated to us. We may also collect personal information that you provide during assessments that you may complete as a part of the application process.
From third parties to whom you provided consent to share such information: References that you provide to OPTrust may be contacted to gather additional information about your performance, skills and knowledge.
From third-party service providers: Various third-party service providers, such as background check firms, will provide personal information relating to criminal, credit, education, employment and reference background checks in order to verify your suitability for a position at OPTrust.
Public sources of information: Information locatable online to review applicants’ profiles and past employers.
By applying for a position at OPTrust, you consent to OPTrust processing your personal information (as supplied by you or by others) for the purposes listed above.
If you are offered and accept employment with OPTrust, all personal information collected during the application and recruitment process will become part of your employment file. OPTrust retains such personal information as necessary to achieve the purposes for which it is collected in accordance with our internal policies.
If you are not offered, or do not accept an offer of employment with OPTrust, your personal information is retained to consider you for current or future positions, as well as for defense against potential legal challenges in light of a recruitment decision. Such information is retained for designated periods of time in accordance with our internal policies.
Applicants’ personal information may be shared with third parties when deemed necessary to progress the hiring process. Some types of third parties with whom we share personal information include:
Background check firms: Third-party service providers who perform criminal, credit, education, employment and reference checks to assist in OPTrust’s verification and vetting of applicants.
Applicants’ personal information may be shared with third parties when deemed necessary to progress the hiring process. Some types of third parties with whom we share personal information include:
Background check firms: Third-party service providers who perform criminal, credit, education, employment and reference checks to assist in OPTrust’s verification and vetting of applicants.
NOTICE TO WEBSITE VISITORS
OPTrust operates several websites, including optrust.com and optrustselect.com, and our member/retiree portal at onlineservices.optrust.com (hereinafter collectively referred to as “OPTrust websites” or “our websites”).
In general, you can visit our websites without telling us who you are or submitting any personal information. However, we may collect certain types of information (which may include personal information) electronically when you interact with our websites or through the use of our – or a third party’s – technologies, which include cookies, web beacons or analytics services to our websites and other related information such as page requests, browser type, operating system and average time spent on our website. Such tools enable us to have a better understanding of your browsing behaviours by providing data such as the pages you visited and the events you viewed, clickstream data, online portal profile login events, opt-out preferences, and your IP address. This information supports the functioning of our websites and helps us understand what actions you take on our websites and whether our websites are working properly.
More specifically, OPTrust uses our websites to collect various forms of personal information, which can include, among other things:
Name, contact information, OPTrust ID and any other personal information individuals may submit via our “Contact Us” page on optrust.com: This personal information is used to respond to questions submitted to OPTrust via a secure email functionality built into that page.
IP addresses (Google Analytics): Google Analytics is a web analytics service offered by Google that tracks and reports website traffic and user interactions. This service allows OPTrust to track website activity such as session duration and pages per session, along with information on the source of the traffic. We use reports provided by Google Analytics to help us understand our website traffic and webpage, and to improve the services and features we offer.
Cookies: Our websites use a technology called “cookies.” A cookie is a small data packet that our website sends to a user’s browser, which may then be stored on the user’s hard drive so that we can recognize the user’s computer or device when they return. You may set your browser to notify you when you receive a cookie or to not accept certain cookies. Please note: if you block cookies from our website(s), some features may not be accessible or function as intended.
Any other personal information you provide to us: OPTrust may use other personal information you provide to us to help us better serve you.
OPTrust operates several websites, including optrust.com and optrustselect.com, and our member/retiree portal at onlineservices.optrust.com (hereinafter collectively referred to as “OPTrust websites” or “our websites”).
In general, you can visit our websites without telling us who you are or submitting any personal information. However, we may collect certain types of information (which may include personal information) electronically when you interact with our websites or through the use of our – or a third party’s – technologies, which include cookies, web beacons or analytics services to our websites and other related information such as page requests, browser type, operating system and average time spent on our website. Such tools enable us to have a better understanding of your browsing behaviours by providing data such as the pages you visited and the events you viewed, clickstream data, online portal profile login events, opt-out preferences, and your IP address. This information supports the functioning of our websites and helps us understand what actions you take on our websites and whether our websites are working properly.
More specifically, OPTrust uses our websites to collect various forms of personal information, which can include, among other things:
Name, contact information, OPTrust ID and any other personal information individuals may submit via our “Contact Us” page on optrust.com: This personal information is used to respond to questions submitted to OPTrust via a secure email functionality built into that page.
IP addresses (Google Analytics): Google Analytics is a web analytics service offered by Google that tracks and reports website traffic and user interactions. This service allows OPTrust to track website activity such as session duration and pages per session, along with information on the source of the traffic. We use reports provided by Google Analytics to help us understand our website traffic and webpage, and to improve the services and features we offer.
Cookies: Our websites use a technology called “cookies.” A cookie is a small data packet that our website sends to a user’s browser, which may then be stored on the user’s hard drive so that we can recognize the user’s computer or device when they return. You may set your browser to notify you when you receive a cookie or to not accept certain cookies. Please note: if you block cookies from our website(s), some features may not be accessible or function as intended.
Any other personal information you provide to us: OPTrust may use other personal information you provide to us to help us better serve you.
Your personal information may also be shared with third parties who provide services on OPTrust’s behalf. These may include:
Analytics providers: OPTrust may share relevant personal information of website visitors to such providers to help OPTrust better understand and track usage of our websites.
Social engagement tool providers: OPTrust may disclose to such entities the personal information of individuals who opt in to receiving email updates from our websites to facilitate communication between OPTrust and those individuals. Individuals who consented to receive such communications can withdraw their consent by unsubscribing to the communications via the “unsubscribe” button at the bottom of any email.
Your personal information may also be shared with third parties who provide services on OPTrust’s behalf. These may include:
Analytics providers: OPTrust may share relevant personal information of website visitors to such providers to help OPTrust better understand and track usage of our websites.
Social engagement tool providers: OPTrust may disclose to such entities the personal information of individuals who opt in to receiving email updates from our websites to facilitate communication between OPTrust and those individuals. Individuals who consented to receive such communications can withdraw their consent by unsubscribing to the communications via the “unsubscribe” button at the bottom of any email.
Our websites may contain links to other websites that OPTrust does not own or operate (e.g. social media websites). We provide links to third-party websites as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy policies, notices and terms of use. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat personal information. We encourage you to read the privacy policy of websites you visit.
Our websites may contain links to other websites that OPTrust does not own or operate (e.g. social media websites). We provide links to third-party websites as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy policies, notices and terms of use. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat personal information. We encourage you to read the privacy policy of websites you visit.
NOTICE TO VISITORS TO THE OPTRUST OFFICE
We may collect several types of personal information from visitors to our offices, including:
Photo/video via our CCTV system: To monitor certain areas of our offices in order to protect our staff and our physical assets.
Name/email address/affiliation: To notify relevant staff of a visitor’s arrival.
In all cases we limit collection of personal information to what we feel necessary to achieve the purposes for which the personal information is collected, or what is required by law.
We may collect several types of personal information from visitors to our offices, including:
Photo/video via our CCTV system: To monitor certain areas of our offices in order to protect our staff and our physical assets.
Name/email address/affiliation: To notify relevant staff of a visitor’s arrival.
In all cases we limit collection of personal information to what we feel necessary to achieve the purposes for which the personal information is collected, or what is required by law.
With respect to visitors, we may disclose video surveillance footage to law enforcement or other government agencies where we believe such disclosure is: (i) permitted or required by law; (ii) necessary to protect our properties, visitors, members/retirees and employees; or (iii) reasonable in connection with a law enforcement investigation. We also disclose the personal information to our third-party CCTV service provider, who solely has access to the system to maintain the system.
We record visitor name, business contact information and certain non-personal information (e.g. which OPTrust staff member(s) the visitor is scheduled to meet) within a third-party software we use to keep track of our visitors. Such information is retained in accordance with our internal policies.
With respect to visitors, we may disclose video surveillance footage to law enforcement or other government agencies where we believe such disclosure is: (i) permitted or required by law; (ii) necessary to protect our properties, visitors, members/retirees and employees; or (iii) reasonable in connection with a law enforcement investigation. We also disclose the personal information to our third-party CCTV service provider, who solely has access to the system to maintain the system.
We record visitor name, business contact information and certain non-personal information (e.g. which OPTrust staff member(s) the visitor is scheduled to meet) within a third-party software we use to keep track of our visitors. Such information is retained in accordance with our internal policies.
NOTICE TO PARTIES TO INVESTMENT TRANSACTIONS
We may collect several types of personal information reasonably necessary to facilitate our due diligence requirements associated with investment transactions, including name, affiliation, job title and business contact information to facilitate communications related to potential investment transactions, as well as background check information (including criminal checks).
We may collect several types of personal information reasonably necessary to facilitate our due diligence requirements associated with investment transactions, including name, affiliation, job title and business contact information to facilitate communications related to potential investment transactions, as well as background check information (including criminal checks).
With respect to individuals associated with investment transactions, we may share personal information disclosed to us with various third parties, including:
Government regulators (if required).
Third-party providers of background check services.
Service providers engaged by OPTrust to store digital information pertaining to potential/actualized investment transactions.
Banks and other sources of financing.
Our investment advisors.
With respect to individuals associated with investment transactions, we may share personal information disclosed to us with various third parties, including:
Government regulators (if required).
Third-party providers of background check services.
Service providers engaged by OPTrust to store digital information pertaining to potential/actualized investment transactions.
Banks and other sources of financing.
Our investment advisors.
NOTICE TO RESIDENTS OF THE UNITED KINGDOM RELATING TO OPTRUST’S SUBSIDIARY’S COLLECTION AND USE OF PERSONAL DATA
OPTrust has a wholly owned subsidiary based in London, UK called Canuck Capital Limited (“CCL”). CCL is a data controller for the purposes of UK data protection laws and regulations. This means that CCL determines the purposes and means of processing personal data that it collects as a part of its operations.
Privacy Officer Canuck Capital Limited 7 Cavendish Place, 2nd Floor, London W1G 0QB, UK Email
Privacy Officer Canuck Capital Limited 7 Cavendish Place, 2nd Floor, London W1G 0QB, UK Email
The United Kingdom’s General Data Protection Regulation defines personal data as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier.” CCL uses personal data for various purposes:
To conduct due diligence on businesses with whom or in whom CCL or OPTrust is considering investing;
To engage with vendors and service providers to support our business operations;
To hire new employees as needed, including conducting certain checks on you (such as employment references for anti-fraud or criminal record checks).
The United Kingdom’s General Data Protection Regulation defines personal data as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier.” CCL uses personal data for various purposes:
To conduct due diligence on businesses with whom or in whom CCL or OPTrust is considering investing;
To engage with vendors and service providers to support our business operations;
To hire new employees as needed, including conducting certain checks on you (such as employment references for anti-fraud or criminal record checks).
We only collect personal data when it is necessary and, in those circumstances, only require the minimal amount of personal data necessary to achieve the stated purposes. The types of personal data we collect may include (but is not limited to) personal data relating to:
Due diligence on enterprises in which CCL or its parent organization OPTrust is considering investing. This is often obtained from the employer of organisations in which CCL is considering investing. For the purposes of conducting investment due diligence: name, business contact information, role, compensation information and other information in employment agreements, and identification of individuals as key employees.
Running business operations: We regularly engage service providers, vendors and professionals (e.g. external counsel). This is often obtained from the employer of organisations which CCL has obtained as a service provider. For the purposes of such engagements: name, business contact information.
When we hire new positions:
Information included within background credit, criminal, education, employment and reference checks: To verify and vet your application for employment.
Information obtained from references/referees.
We have a separate Employee Privacy Statement which details information relating to what personal data CCL processes on our current employees.
We only collect personal data when it is necessary and, in those circumstances, only require the minimal amount of personal data necessary to achieve the stated purposes. The types of personal data we collect may include (but is not limited to) personal data relating to:
Due diligence on enterprises in which CCL or its parent organization OPTrust is considering investing. This is often obtained from the employer of organisations in which CCL is considering investing. For the purposes of conducting investment due diligence: name, business contact information, role, compensation information and other information in employment agreements, and identification of individuals as key employees.
Running business operations: We regularly engage service providers, vendors and professionals (e.g. external counsel). This is often obtained from the employer of organisations which CCL has obtained as a service provider. For the purposes of such engagements: name, business contact information.
When we hire new positions:
Information included within background credit, criminal, education, employment and reference checks: To verify and vet your application for employment.
Information obtained from references/referees.
We have a separate Employee Privacy Statement which details information relating to what personal data CCL processes on our current employees.
We receive personal data primarily from the individuals (“data subjects”) themselves. In certain situations, however, we do collect personal data from other sources, including:
An individual’s employer (e.g. in the case of investment due diligence, or vendors, etc.)
Job applicant references/referees
Background check companies (e.g. for job applicants)
If the purpose(s) we identify before/when collecting personal information is initially unclear, we will give you an indication of what we are going to do with your personal information later on and we will update this document accordingly.
We receive personal data primarily from the individuals (“data subjects”) themselves. In certain situations, however, we do collect personal data from other sources, including:
An individual’s employer (e.g. in the case of investment due diligence, or vendors, etc.)
Job applicant references/referees
Background check companies (e.g. for job applicants)
If the purpose(s) we identify before/when collecting personal information is initially unclear, we will give you an indication of what we are going to do with your personal information later on and we will update this document accordingly.
We base our use of personal data in legal requirements (called “lawful bases”). This helps to ensure that we are compliant with the law.
Specifically, we use the following lawful bases: (1) that the data subject has consented to the particular processing; or (2) that the data is necessary to perform a contract we have with the data subject’s employer (as is the case when we process the personal data of data subjects employed by the vendors and service providers with whom CCL contracts); (3) that the processing is necessary for our legitimate interests or the legitimate interests of the party we disclose the personal data to and the data subject’s interests do not override our legitimate interests; or (4) we collect the personal data to fulfillment of a legal obligation. Regarding (3), our legitimate interests relate to our operations of a business.
With respect to the personal data we process to manage recruitment (including assessing candidacy when applying for employment), our lawful bases are: contract performance/employment legal obligations and rights, legitimate interests (to enable us to effectively recruit staff). For special category data collected as a part of the job application process, the Article 9 conditions are: explicit consent, or employment, social security and social protection law.
With respect to conducting certain checks on you (such as employment references for anti-fraud or criminal record checks or personal data collected as a part of our due diligence), our lawful bases are: legal obligation/employment legal obligations and rights, legitimate interests (to assist with the prevention of crime and fraud). For special category data collected as a part of these efforts, our Article 9 conditions are: explicit consent.
In situations where we base our processing of personal data or sensitive personal information on consent, individuals will be notified about that consent. In such situations, data subjects have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
We base our use of personal data in legal requirements (called “lawful bases”). This helps to ensure that we are compliant with the law.
Specifically, we use the following lawful bases: (1) that the data subject has consented to the particular processing; or (2) that the data is necessary to perform a contract we have with the data subject’s employer (as is the case when we process the personal data of data subjects employed by the vendors and service providers with whom CCL contracts); (3) that the processing is necessary for our legitimate interests or the legitimate interests of the party we disclose the personal data to and the data subject’s interests do not override our legitimate interests; or (4) we collect the personal data to fulfillment of a legal obligation. Regarding (3), our legitimate interests relate to our operations of a business.
With respect to the personal data we process to manage recruitment (including assessing candidacy when applying for employment), our lawful bases are: contract performance/employment legal obligations and rights, legitimate interests (to enable us to effectively recruit staff). For special category data collected as a part of the job application process, the Article 9 conditions are: explicit consent, or employment, social security and social protection law.
With respect to conducting certain checks on you (such as employment references for anti-fraud or criminal record checks or personal data collected as a part of our due diligence), our lawful bases are: legal obligation/employment legal obligations and rights, legitimate interests (to assist with the prevention of crime and fraud). For special category data collected as a part of these efforts, our Article 9 conditions are: explicit consent.
In situations where we base our processing of personal data or sensitive personal information on consent, individuals will be notified about that consent. In such situations, data subjects have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
If necessary, personal data may be transferred outside of the UK. In each case, CCL will ensure that such transfers will be performed in accordance with legal requirements. The recipients to whom CCL discloses personal data include our parent company OPTrust located in Canada (e.g. so OPTrust can assist CCL in assessing job applicants), as well as to another OPTrust wholly owned subsidiary located in Australia (e.g. so employees in that office can assist CCL employees with conducting due diligence). Moreover, personal data is also stored within the European Union, where our Human Resources Information System stores personal information, including information relating to job applicants.
If necessary, personal data may be transferred outside of the UK. In each case, CCL will ensure that such transfers will be performed in accordance with legal requirements. The recipients to whom CCL discloses personal data include our parent company OPTrust located in Canada (e.g. so OPTrust can assist CCL in assessing job applicants), as well as to another OPTrust wholly owned subsidiary located in Australia (e.g. so employees in that office can assist CCL employees with conducting due diligence). Moreover, personal data is also stored within the European Union, where our Human Resources Information System stores personal information, including information relating to job applicants.
We hold personal data for as long as it is necessary to achieve the purposes for which we collected it. More specifically, we have specific data retention periods tied to each type of personal data we hold, which are outlined in our internal policies. Our retention periods are based on legal requirements, industry standards and the purposes for which the personal information was collected.
We hold personal data for as long as it is necessary to achieve the purposes for which we collected it. More specifically, we have specific data retention periods tied to each type of personal data we hold, which are outlined in our internal policies. Our retention periods are based on legal requirements, industry standards and the purposes for which the personal information was collected.
At this time, we do not engage in any automated decision making or profiling as defined by the United Kingdom General Data Protection Regulation.
At this time, we do not engage in any automated decision making or profiling as defined by the United Kingdom General Data Protection Regulation.
The existence of the rights to access, correct, erase, suppress or object to the processing, as well as the right to data portability; the right to lodge a complaint with the ICO.
In the UK, data subjects have various rights relating to the personal information under CCL’s or OPTrust’s control. These include the right to:
Be informed: Be provided with information (at/before the time of collection) about the collection of their personal data. This includes information about our purposes for processing their personal data, our retention periods for that personal data, and who it will be shared with. Part of this purpose of this Policy is to provide this information.
Subject access: Be provided access to any data we hold about them generally within one (“1”) month of the verification of their identity and scope of their request. Subject to statutory exceptions, the information that must be provided includes details of the purposes of the processing, the categories of the personal data, the categories of recipients of the data, the storage period or criteria used to determine that period, the existence of any wholly automated decision making, the source of the data and the appropriate safeguards that have been put in place if the personal data has been transferred outside the UK. In addition, the individual must be informed they have a right to request rectification or erasure of personal data or restriction of the processing of personal data concerning the data subject, or to object to the processing of such personal data and also the right to lodge a complaint to a data protection regulator. The information needs to be provided in a commonly used electronic form.
Correct incorrect/inaccurate personal data: The requirement to have incomplete or inaccurate personal data amended or corrected.
Erasure: Require Canuck Capital Limited to erase personal data in certain circumstances and where the data has been made public to take reasonable steps to inform other controllers that are processing the data that the data subject has requested its erasure of any links to, copies or replication of it.
Restriction: Require the processing of personal data to be restricted in certain circumstances.
Portability: Have personal data transmitted to the data subject or another controller in a commonly used machine-readable format.
Raise a complaint: You can raise a complaint about our processing of your personal data with the Privacy Officer or, if you do not feel as though your complaint was sufficiently addressed, to the UK Information Commissioner’s Office (https://ico.org.uk/) or 0303 123 1113 or registration@ico.org.uk.
Object: Require OPTrust to prevent processing their personal data for certain purposes. You have absolute right to stop your data being used for direct marketing. In other cases where the right to object applies, we may be able to continue processing if we can show that we have a compelling reason for doing so.
Automated decision making: Currently CCL does not engage in automated decision making. Should CCL engage in automated decision making in the future which has legal or similarly significant effects, you will be notified about any such use of automated decision making and provided with the right to object to such automated decision making.
The existence of the rights to access, correct, erase, suppress or object to the processing, as well as the right to data portability; the right to lodge a complaint with the ICO.
In the UK, data subjects have various rights relating to the personal information under CCL’s or OPTrust’s control. These include the right to:
Be informed: Be provided with information (at/before the time of collection) about the collection of their personal data. This includes information about our purposes for processing their personal data, our retention periods for that personal data, and who it will be shared with. Part of this purpose of this Policy is to provide this information.
Subject access: Be provided access to any data we hold about them generally within one (“1”) month of the verification of their identity and scope of their request. Subject to statutory exceptions, the information that must be provided includes details of the purposes of the processing, the categories of the personal data, the categories of recipients of the data, the storage period or criteria used to determine that period, the existence of any wholly automated decision making, the source of the data and the appropriate safeguards that have been put in place if the personal data has been transferred outside the UK. In addition, the individual must be informed they have a right to request rectification or erasure of personal data or restriction of the processing of personal data concerning the data subject, or to object to the processing of such personal data and also the right to lodge a complaint to a data protection regulator. The information needs to be provided in a commonly used electronic form.
Correct incorrect/inaccurate personal data: The requirement to have incomplete or inaccurate personal data amended or corrected.
Erasure: Require Canuck Capital Limited to erase personal data in certain circumstances and where the data has been made public to take reasonable steps to inform other controllers that are processing the data that the data subject has requested its erasure of any links to, copies or replication of it.
Restriction: Require the processing of personal data to be restricted in certain circumstances.
Portability: Have personal data transmitted to the data subject or another controller in a commonly used machine-readable format.
Raise a complaint: You can raise a complaint about our processing of your personal data with the Privacy Officer or, if you do not feel as though your complaint was sufficiently addressed, to the UK Information Commissioner’s Office (https://ico.org.uk/) or 0303 123 1113 or registration@ico.org.uk.
Object: Require OPTrust to prevent processing their personal data for certain purposes. You have absolute right to stop your data being used for direct marketing. In other cases where the right to object applies, we may be able to continue processing if we can show that we have a compelling reason for doing so.
Automated decision making: Currently CCL does not engage in automated decision making. Should CCL engage in automated decision making in the future which has legal or similarly significant effects, you will be notified about any such use of automated decision making and provided with the right to object to such automated decision making.
In certain situations, you may be under a legal requirement or a contractual obligation to provide personal data to CCL.
In those situations, you will be advised about such a requirement or obligation.
If you would like a hard copy form of this website privacy statement, it can be requested by emailing privacy@optrust.com.
In certain situations, you may be under a legal requirement or a contractual obligation to provide personal data to CCL.
In those situations, you will be advised about such a requirement or obligation.
If you would like a hard copy form of this website privacy statement, it can be requested by emailing privacy@optrust.com.
NOTICE TO RESIDENTS OF AUSTRALIA RELATING TO OPTRUST’S SUBSIDIARY’S COLLECTION AND USE OF PERSONAL INFORMATION
OPTrust has a wholly owned subsidiary in Sydney, Australia called Maple Leaf Management (hereinafter “MLM”). This notice relates to how that subsidiary collects and uses personal information in accordance with the Australian legal requirements (including but not limited to the Australia Privacy Act (“Privacy Act”), OPTrust global policies, and MLM management policies and procedures. This notice serves as MLM’s APP Privacy Policy and details our management of personal information.
For the purposes of this notice, personal information is defined by the Australia Privacy Act as information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.
Privacy Officer c/o MLM Level 32 126 Phillip Street Sydney NSW 2000, Australia +61-2-9121-1800 Email
Privacy Officer c/o MLM Level 32 126 Phillip Street Sydney NSW 2000, Australia +61-2-9121-1800 Email
The Privacy Act requires that MLM only collect personal information (not including sensitive information – the collection of which has additional restrictions) if it is reasonably necessary for one or more of MLM’s functions or activities and by fair and lawful means. Personal information collected by MLM may include:
Personal details such as an individual’s name, date of birth, residential and business contact information (e.g. where a person is an officer or director of a firm which is in a business relationship with MLM, a work electronic mail address or work telephone number).
Government identifiers such as a tax file number, TFN, Medicare card number, driver’s licence number or passport number (e.g. to verify an identity if an individual applies for a position with MLM). MLM does collect TFNs for payroll purposes (e.g. to withhold income tax and pay it to the tax office).
Employment details such as role, compensation information, information in employment agreements, identification of whether the individual is a key employee (for due diligence).
Information about security holdings in companies in which we are invested or conduct due diligence upon, including the name, address, contact details and shareholdings of shareholders, option holders, etc. in the business.
General background and sanctions checks on key personnel as part of investment due diligence.
Sensitive information, including place of birth or nationality, membership of a professional or trade association, criminal record check information and health information (e.g. if a person is a staff member, collection may include medical certificates and health related information associated with leave applications, workers’ compensation matters, injury incidents and rehabilitation, or other information used when booking travel arrangements).
Other details relating to a relationship and/or dealing with MLM (e.g. if a person has applied for a position with MLM, pre-employment history, income, results of aptitude and other tests, contact and emergency details, pension and health insurance details).
The Privacy Act requires that MLM only collect personal information (not including sensitive information – the collection of which has additional restrictions) if it is reasonably necessary for one or more of MLM’s functions or activities and by fair and lawful means. Personal information collected by MLM may include:
Personal details such as an individual’s name, date of birth, residential and business contact information (e.g. where a person is an officer or director of a firm which is in a business relationship with MLM, a work electronic mail address or work telephone number).
Government identifiers such as a tax file number, TFN, Medicare card number, driver’s licence number or passport number (e.g. to verify an identity if an individual applies for a position with MLM). MLM does collect TFNs for payroll purposes (e.g. to withhold income tax and pay it to the tax office).
Employment details such as role, compensation information, information in employment agreements, identification of whether the individual is a key employee (for due diligence).
Information about security holdings in companies in which we are invested or conduct due diligence upon, including the name, address, contact details and shareholdings of shareholders, option holders, etc. in the business.
General background and sanctions checks on key personnel as part of investment due diligence.
Sensitive information, including place of birth or nationality, membership of a professional or trade association, criminal record check information and health information (e.g. if a person is a staff member, collection may include medical certificates and health related information associated with leave applications, workers’ compensation matters, injury incidents and rehabilitation, or other information used when booking travel arrangements).
Other details relating to a relationship and/or dealing with MLM (e.g. if a person has applied for a position with MLM, pre-employment history, income, results of aptitude and other tests, contact and emergency details, pension and health insurance details).
MLM collects personal information from the individual, unless it is unreasonable or impractical to do so, in which case it may collect personal information from a third party, including the individual’s employer. For example, where as part of assessing business acquisition opportunities, where we are provided personal information as part of our due diligence processes. MLM may also need to obtain personal information from a third party to verify information an individual has provided or to enable OPTrust to locate or communicate with that person. Personal information is typically collected electronically (e.g. via email) when it is required by MLM to perform its underlying business function (e.g. conducting due diligence on an enterprise, etc.).
MLM holds personal information in secure third-party cloud storage environments protected by appropriate safeguards including (but not limited to) access controls and multi-factor authentication.
MLM collects personal information from the individual, unless it is unreasonable or impractical to do so, in which case it may collect personal information from a third party, including the individual’s employer. For example, where as part of assessing business acquisition opportunities, where we are provided personal information as part of our due diligence processes. MLM may also need to obtain personal information from a third party to verify information an individual has provided or to enable OPTrust to locate or communicate with that person. Personal information is typically collected electronically (e.g. via email) when it is required by MLM to perform its underlying business function (e.g. conducting due diligence on an enterprise, etc.).
MLM holds personal information in secure third-party cloud storage environments protected by appropriate safeguards including (but not limited to) access controls and multi-factor authentication.
MLM collects personal information for various purposes, including:
recruitment and employment purposes;
due diligence on directors, officers, shareholders, employees, key counterparties and senior management in relation to assessing business acquisition or investment opportunities;
engaging service providers, contractors or suppliers relating to the operation of its business;
dealing with complaints;
performing investment support and other services for OPTrust and its other wholly owned subsidiaries;
meeting legal and regulatory requirements.
MLM collects personal information for various purposes, including:
recruitment and employment purposes;
due diligence on directors, officers, shareholders, employees, key counterparties and senior management in relation to assessing business acquisition or investment opportunities;
engaging service providers, contractors or suppliers relating to the operation of its business;
dealing with complaints;
performing investment support and other services for OPTrust and its other wholly owned subsidiaries;
meeting legal and regulatory requirements.
You have a right to request access to the personal information that MLM holds about you, subject to certain exemptions under the Privacy Act.
Access requests may be made by contacting the OPTrust Privacy Officer at privacy@optrust.com or by calling +61 414 916 956. In the event that we refuse you access to your personal information, we will provide you with an explanation for that refusal (e.g. if we are prevented by law from disclosing information or providing access).
Additionally, OPTrust takes all reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete, up-to-date and relevant to the products or services provided to you or the nature of the relationship with you. If you believe that this is not the case in relation to any personal information OPTrust holds about you, you have the right to request that OPTrust correct your personal information. If you would like to request correction of your personal information, please email the OPTrust Privacy Officer at privacy@optrust.com or call +61 414 916 956.
You have a right to request access to the personal information that MLM holds about you, subject to certain exemptions under the Privacy Act.
Access requests may be made by contacting the OPTrust Privacy Officer at privacy@optrust.com or by calling +61 414 916 956. In the event that we refuse you access to your personal information, we will provide you with an explanation for that refusal (e.g. if we are prevented by law from disclosing information or providing access).
Additionally, OPTrust takes all reasonable steps to ensure that the personal information it collects, uses or discloses is accurate, complete, up-to-date and relevant to the products or services provided to you or the nature of the relationship with you. If you believe that this is not the case in relation to any personal information OPTrust holds about you, you have the right to request that OPTrust correct your personal information. If you would like to request correction of your personal information, please email the OPTrust Privacy Officer at privacy@optrust.com or call +61 414 916 956.
If you believe your personal information has not been treated consistently with the Privacy Act, please contact privacy@optrust.com or call +61 414 916 956.
OPTrust will investigate your privacy complaint and respond to you as soon as practicable.
Where OPTrust finds that your complaint is justified, it will resolve the complaint. Where it disagrees with your complaint OPTrust will provide you with its reasons.
If you are unhappy with the handling of your complaint you also have the right to complain to the Office of the Australian Information Commissioner (visit www.oaic.gov.au for more information).
If you believe your personal information has not been treated consistently with the Privacy Act, please contact privacy@optrust.com or call +61 414 916 956.
OPTrust will investigate your privacy complaint and respond to you as soon as practicable.
Where OPTrust finds that your complaint is justified, it will resolve the complaint. Where it disagrees with your complaint OPTrust will provide you with its reasons.
If you are unhappy with the handling of your complaint you also have the right to complain to the Office of the Australian Information Commissioner (visit www.oaic.gov.au for more information).
Some of the recipients to whom MLM discloses personal information in order to satisfy the purposes for which the personal information was collected are based overseas. In this instance it would include Canada where the OPTrust home office is located (e.g. for the purpose of sharing due diligence information), the United Kingdom (where Canuck Capital Limited, another wholly owned subsidiary of OPTrust, is located), as well as the European Union (where our Human Resources Information System, which stores personal information, including information relating to job applicants, is hosted).
Information that OPTrust sends in most cases would be to and from its offices and is primarily employee personal information required to maintain the employer-employee working relationship, employee benefits, etc.
Some of the recipients to whom MLM discloses personal information in order to satisfy the purposes for which the personal information was collected are based overseas. In this instance it would include Canada where the OPTrust home office is located (e.g. for the purpose of sharing due diligence information), the United Kingdom (where Canuck Capital Limited, another wholly owned subsidiary of OPTrust, is located), as well as the European Union (where our Human Resources Information System, which stores personal information, including information relating to job applicants, is hosted).
Information that OPTrust sends in most cases would be to and from its offices and is primarily employee personal information required to maintain the employer-employee working relationship, employee benefits, etc.
The consequences associated with failure to provide personal information that is requested vary by the situation, but may include a failure to consummate a particular engagement (whether that relates to the failure of MLM to engage a particular service provider/vendor, or the failure of MLM to invest in/with a particular entity) or a failure to hire a job applicant (e.g. if a job applicant does not provide the requested personal information as a part of a job application).
The consequences associated with failure to provide personal information that is requested vary by the situation, but may include a failure to consummate a particular engagement (whether that relates to the failure of MLM to engage a particular service provider/vendor, or the failure of MLM to invest in/with a particular entity) or a failure to hire a job applicant (e.g. if a job applicant does not provide the requested personal information as a part of a job application).