Our Privacy Commitment to You

At the OTIP Group of Companies1 (“OGC”), respecting your privacy and protecting your personal information is an important part of how we do business. We value the trust you have in us and we are committed to protecting your privacy.

OGC’s Privacy Policy


We are accountable for all personal information in our possession or control, including any personal information transferred to third parties for processing.

Identifying the purposes for which information is collected

We will identify the reasons for collecting personal information before or at the time of collection. We will collect information for reasonable purposes as outlined in this policy as well as purposes described in the terms and conditions of any product, service, program, contest, promotion or event. In addition to the member’s name, address, email and telephone number, we may require information to: 

  • establish one’s identity
  • understand one’s needs and eligibility for products, services and benefits
  • recommend products, services and coverage to meet one’s needs
  • make individuals aware of new products, services and benefits
  • provide individuals with ongoing services, establish and maintain communications and respond to enquiries
  • train employees and monitor for quality assurance 
  • enable us to acquire or renew an insurance policy
  • provide rehabilitation recommendations and services
  • draft billings and conduct accounting services related to our products, services and benefits
  • conduct research and statistical analysis
  • investigate, evaluate, negotiate and settle claims
  • protect individuals and us from error or fraud
  • comply with legal requirements

Obtaining consent

We will obtain consent for the collection, use and disclosure of personal information, subject to certain legal, medical or security reasons which may make it impracticable to seek consent. Individuals can provide consent to the collection, use and disclosure of their personal information expressly (oral, written or electronic) or it may be implied depending on circumstances and sensitivity of the information. 

When quoting or issuing a policy, it is our understanding that in addition to the individual insured providing their consent, they have obtained consent from all persons named in the insurance policy for the collection, use and disclosure of their personal information, for the purposes outlined above.

Individuals can withdraw consent at any time. If this should happen, we will explain the implications of withdrawing consent.

Limiting the collection of personal information

We will limit the collection of personal information to only that which is needed to properly provide products, services and benefits and to fulfill legal or regulatory requirements. Information will be collected by fair and lawful means. If a member’s information is being collected by telephone, the call may be recorded for the following reasons: 

  • To establish a record of the information provided;
  • To verify instructions;
  • To maintain quality service;
  • To assist in staff training.

The information we gather about our members varies, depending on the request and/or the service provided and may be collected verbally, electronically or in writing. Examples of the types of information we may collect directly or indirectly include but is not limited to:

  • name, address, telephone number and e-mail address
  • date of birth, sex, and marital status
  • driving record, driver’s license number, vehicle information and proof of ownership
  • previous insurance history and claims experience
  • details of the property being insured
  • details related to any loss or injury
  • medical and health information
  • employment and income information
  • banking information and credit rating
  • identification numbers (including Social Insurance Number when legally required for financial and/or tax reporting reasons)

In most cases, we will collect the information directly from the individual, or from their authorized representative(s). In some cases, and with the individual’s consent, we may need to ask an independent source to verify or provide supplemental information. These sources could include service providers we retain, other insurance companies or financial institutions, employers, benefit administrators or credit reporting agencies. In the case of medical or health-related information, additional sources could include doctor(s), other healthcare providers or facilities. In some circumstances, we may collect personal information from public sources such as the internet or third-party service providers.

Limiting the use, disclosure and retention of personal information 

We will use or disclose personal information only for the purpose for which the information was collected, unless an individual gives consent to use or disclose it for another reason. Information may be disclosed to service providers and authorized agents/representatives who perform various functions for us. Individuals’ personal information may be disclosed to third parties in certain circumstances:

  • to employees, agents and representatives who need the information in the performance of their duties
  • to service providers who need the information in the performance of their duties for us, to resolve an individual’s concern, and to satisfy their obligations to us
  • to any person or organization an individual has provided consent to
  • to any person or organization authorized by law
  • To comply with laws, regulations, subpoena, or court order
  • To investigate and/or prevent fraud
  • To protect the personal safety of employees, members, or other third parties

In some cases, service providers may be located in other provinces or jurisdictions outside of Canada and personal information may be subject to the laws of those jurisdictions. When information is provided to our service providers, we will require them to protect the information in a manner that is consistent with our Privacy Policy and practices. 

We may, where not prohibited by law, consolidate and share member personal information within the OTIP Group of Companies to better manage our business and the relationship we have with our members for the purposes described in this policy. Sensitive personal information, such as health and medical information, will never be shared or used for a purpose other than the original purpose for which it was collected. 

As part of a business transaction, including the purchase or sale, merger or amalgamation or a financing arrangement pertaining to OGC’s business assets, we may be required to share members’ personal information with applicable third parties to complete such a transaction. 

We will keep personal information for as long as necessary for the identified purposes or as required by law. 

Keeping personal information accurate

We will keep the personal information in our possession or control accurate, complete, current and relevant based on the most recent information available to us. Individuals may challenge the accuracy and completeness of personal information about them and have it amended as appropriate. Depending on the nature of the information challenged, amendment involves the correction, deletion or addition of information. Where appropriate the amended information will be transmitted to third parties having access to the information in question.

Safeguarding information

We will protect personal information within our custody with safeguards appropriate to the sensitivity of the information. We use reasonable physical, organizational and technological safeguards and appropriate training of employees, to prevent the theft, loss, misuse, alteration, unauthorized access or disclosure of personal information under our control.  

Any unprotected e-mail message may be subject to interception, loss or alteration. We are not responsible for damages related to e-mail messages sent by members or e-mail messages sent by us to individuals at their request. 


We will be open about the procedures used to manage personal information and upon request, we will provide specific information about our practices relating to the management of personal information.

Providing access to personal information

Upon request, we will advise individuals of the existence, use and disclosure of their personal information. Individuals can request to have their information amended or corrected. We will respond to an access to information request within the timelines prescribed by each province’s privacy legislation. It is important to verify that the individual requesting the information is in fact the person whom the information belongs to. For this reason, we require that all inquiries be in writing and that our responses, in writing, are sent to the address we have on file. Access to information will be provided at minimal cost. 

We are unable to provide access to information in the following circumstances:

  • if doing so would likely reveal personal information about a third party; however, if the third-party information can be removed, the remainder of the record can be provided
  • if the information is subject to solicitor-client privilege
  • if revealing the information would reveal confidential commercial information
  • if revealing the information could reasonably be expected to threaten the life or security of another individual
  • if providing access is prohibitively costly
  • if the information relates to the actual or suspected breach of a policy or other agreement or the breach of a Canadian law
  • if the information was generated in the course of a formal dispute resolution process

Questions and/or complaints about privacy

Individuals may challenge our information handling practices and/or our compliance with privacy legislation. Privacy complaints and inquiries should be directed to OGC’s Privacy Officer as outlined in the complaints process.

Privacy Complaint Process

If an individual has a privacy related concern or complaint, the employee will listen to the individual’s concerns, identify the problem and offer solutions. If the situation cannot be resolved, the individual will be directed to contact OGC’s Privacy Office either by telephone or in writing.

Quebec – TW Insurance Services (Orbit)

Lucie Frechette

230 Boulevard Saint-Joseph O.

Drummondville QC  J2E 0G3



Head Office

OGC Privacy Officer 

PO Box 218

Waterloo ON  N2J 3Z9



Depending on the nature of the inquiry or complaint, we will:

  • acknowledge the inquiry
  • investigate the situation
  • respond in a timely manner
  • answer any questions related to our privacy policy
  • take measures to modify our personal information handling practices if necessary

1The OTIP Group of Companies includes:

  • Ontario Teachers Insurance Plan             
  • OTIP/RAEO Benefits Incorporated             
  • OTIP/RAEO Insurance Brokers Inc.                     
  • Curo Claims Services Inc.
  • TW Insurance Services (Orbit)
  • Assurance Jean Claude Leclerc Inc. (Orbit)