Last Updated: April 26, 2021

Northlake Financial ULC is committed to protecting the privacy and security of your personal information and wants you to be familiar with how we collect, use and disclose personal information.

This Privacy Policy describes how Northlake and its subsidiaries, affiliates and related entities (collectively, “Northlake“, “we” or “us”) collects, uses and discloses personal information in connection with our commercial activities in Canada and through the following website[s]: https://northlakefinancial.ca/. This Privacy Policy does not apply to personal information relating to an employee of Northlake, as their personal information is dealt with in the Northlake “Employee Privacy Policy.”

If you are unsure if or how this Privacy Policy applies to you, please contact our [Privacy Officer] using the contact information at the end of this Privacy Policy for more information.

What is personal information?

Privacy laws in Canada generally define “personal information” as any information about an identifiable individual, which includes information that can be used on its own or with other information to identify, contact, or locate a single person.

Types of personal information we collect.

We collect and maintain different types of personal information in respect of individuals with whom we interact. This includes, but is not limited to: 

  • contact information, such as your name, address, telephone number and e-mail address;
  • identification information such as your driver’s license number, Social Insurance Number and photograph;
  • product and service related information concerning the products and services that we provide to, or receive from, you;
  • credit and financial information such as your banking information, payment methods and preferences, and billing and credit history;
  • business relationship information, including information related to your agreements, preferences, advisors and decision-makers; and
  • customer relationship information such as customer service requests and feed-back and information requested or provided by or from you.

In connection with the financing of a vehicle, Northlake may collect personal information such as your name, address, birth date, Social Insurance Number, marital status, living arrangement (rent or own), employment situation (past and present), banking information, and credit information. While disclosing your social insurance number to us is not mandatory, we ask that you provide your social insurance number to assist us in identifying you and your credit records. Northlake may also require the same information from any spouse, partner, or co-signer. We may collect personal information directly from you, or from third parties such as credit bureaus or credit reporting agencies or your vehicle dealer, employer, bank, references, landlord or mortgage holder. We may also collect insurance information from your insurer in order to verify compliance with insurance requirements under a Conditional Sales Contract (“Contract”). If you are in default under your Contract, we may also track the location of your vehicle in accordance with the terms of that Contract. 

The choice to provide Northlake with personal information is always yours. However, your decision to withhold particular details may limit our ability to provide our credit services to you. If we are unable to accommodate your request based on the information that has been provided to us, we may ask for additional details in order to identify other ways to be of assistance. In some instances, Northlake may also maintain a file containing contact history that is used for customer inquiry purposes. To help us better understand our markets, we may also gather information for analytical purposes by extracting demographic information from existing files.

Where permitted or required by applicable law or regulatory requirements, we may collect information about you without your knowledge or consent. 

Why we collect your personal information.

We collect your personal information so that we can communicate with you, process your application, and provide you with the services you have requested. Northlake also collects personal information to enable us to manage and develop our business and operations, including: 

  • to determine your ongoing financial, personal and professional situation;
  • to determine, on an ongoing basis, whether or not you meet our credit and other requirements;
  • to establish, maintain and manage our relationship with you, including to collect amounts owing by you to us;
  • to provide you with, or receive from you, the products and services that have been requested;
  • to be able to inform you about other products and services that may be of interest to you;
  • to be able to review the products and services that we provide to you so that we may understand your requirements for our products and services and so that we may work to improve our products and services;
  • to be able to review the products and services that we obtain from you so that we may work with you and so that you may understand our requirements for such products and services and work to improve the products and services that you provide to us;
  • to be able to comply with your requests (for example, preferred method of communication);
  • to protect you and us against error, fraud, theft and damage to our goods and property;
  • in the event of default under a Contract, to enable us to collect on any amounts owing under the Contract and take such further enforcement steps as are outlined in the Contract;
  • to enable us to comply with applicable law or regulatory requirements; and
  • any other reasonable purpose to which you consent. 

We may also use your personal information without your knowledge or consent where we are permitted or required by applicable law or regulatory requirements to do so.

Who we share your personal information with.

We may share personal information with our affiliated companies in order to meet legal, regulatory and compliance requirements, including relating to the detection and prevention of money laundering, terrorist financing, fraud and other unlawful activities.

We share your personal information with: (i) our employees, contractors, consultants and other parties (including affiliates) who require such information to assist us with establishing, maintaining and managing our relationship with you, including third parties that provide services to us or on our behalf; (ii) third parties that collaborate with Northlake in the provision of services to you; and (iii) third parties whose services we use to perform our services. These services may include mailing, call center, billing, payment processing, marketing, information technology and/or data hosting or processing services. Some of these third parties may be located outside of Canada and as a result, your personal information may be transferred, stored and processed outside of Canada for the purposes described in this Privacy Policy. While outside of Canada, personal information will be subject to applicable foreign laws, which may permit government, national security or regulatory authorities to access personal information in certain circumstances.

We may disclose your personal information on an ongoing basis to credit bureaus and credit reporting agencies for the purposes of maintaining your credit history. These organizations may also verify and ensure the completeness of the information, and share the information with local, provincial and national authorities in the investigation of unlawful or improper activities in order to protect you and us from fraudulent transactions.

We may share your personal information, including contact information and information about your payment history, with your automotive dealer so that the dealer may market new products or services to you. 

In addition, personal information may be disclosed or transferred to another party in the event of a change in ownership of or the grant of security in all or a part of Northlake through, for example, an asset sale, or some other form of business combination, merger or joint venture, provided that such party is bound by appropriate agreements or obligations and required to use or disclose your personal information in a manner consistent with the use and disclosure provisions of this Privacy Policy, unless you consent otherwise.

Further, your personal information may be disclosed:

  • as permitted or required by applicable law or to comply with regulatory requirements. In such a case, we will endeavor to not disclose more personal information than is required under the circumstances;
  • to comply with valid legal processes such as search warrants, subpoenas or court orders;
  • to protect the rights and property of Northlake, including to collect a debt that is owed to us;
  • during emergency situations or where necessary to protect the safety of a person or group of persons;
  • in the event of default under a Contract, to the appropriate government registries for the purpose of obtaining updated demographic information; or
  • with your consent. 
Your consent.

We collect, use or disclose your personal information with your consent, except where collection, use or disclosure without consent is permitted or required by law. Depending on the sensitivity of the personal information, your consent may be implied or expressed, or may be obtained using an opt-out mechanism.

Typically, we will seek your consent at the time that we collect your personal information. In certain circumstances, your consent may be obtained after collection but prior to our use or disclosure of your personal information. If we plan to use or disclose your personal information for a purpose not previously identified (either in this Privacy Policy or separately), we will endeavour to advise you of that purpose before such use or disclosure.

We assume that, unless you advise us otherwise, by receiving a copy of this Privacy Policy or by continuing to deal with us, you have consented to the collection, use and disclosure of your personal information as explained in this Privacy Policy.

As we have described above, we may collect, use or disclose your personal information without your knowledge or consent where we are permitted or required to do so by applicable law or regulatory requirements.

You may change or withdraw your consent at any time, subject to legal or contractual obligations and reasonable notice, by contacting our [Privacy Officer] using the contact information at the end of this Privacy Policy. For example, at any time you can withdraw your consent to our use or sharing of your personal information for marketing purposes. In some circumstances, a change in or withdrawal of consent may severely limit our ability to provide products or services to, or acquire products or services from, you.

In addition, we may have legal, regulatory or contractual obligations to collect, use or disclose certain of your personal information, in which case you may not withdraw your consent. For example, during the term of a Contract, you may not withdraw your consent to our ongoing collection, use or disclosure of your personal information in connection with the Contract you have with us. You also cannot refuse to consent to our collection, use and disclosure of personal information required by our regulators, including self-regulatory organizations.

All communications with respect to such withdrawal or variation of consent should be in writing and addressed to our [Privacy Officer]. We will act on your instructions as quickly as possible but there may be certain uses of your information that we may not be able to stop immediately.

Safeguarding your information.

Northlake endeavours to maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to prevent loss and unauthorized access, copying, use, modification or disclosure of personal information.  

Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Under some circumstances we may anonymize your personal information so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.

Online security.

When you visit the Northlake website, we do not collect information that could identify you personally unless you choose to provide it voluntarily. You are welcome to browse the website at any time without revealing any personal or financial information about yourself.

We endeavour to manage our server environment appropriately and to ensure firewall infrastructure is adhered to. Our security practices are reviewed on a regular basis and we endeavour to employ current technologies to protect the confidentiality and privacy of your information.

The Northlake website uses [Secure Socket Layer (SSL) technologies] to enhance security when you visit the secured areas of these sites. When you access your accounts or send information from secured areas of these sites, encryption will scramble your data into an unreadable format to inhibit unauthorized access by others. 

[To safeguard against unauthorized access to the Northlake website, you are required to “sign-on” to certain secured areas of the Northlake website using a user ID and a password. Both the user ID and password are encrypted when sent over the Internet.

The Northlake website may contain links to other third-party sites that are not governed by this Privacy Policy. Although we endeavour to only link to sites with high privacy standards, our Privacy Policy will no longer apply once you leave the Northlake website. Additionally, we are not responsible for the privacy practices employed by other third-party websites. Therefore, we suggest that you examine the privacy statements of those sites to learn how your information may be collected, used, shared and disclosed.

How to access and correct your personal information.

The file containing your personal information will be maintained on our servers or those of our service provider. At Northlake, decisions are made based on the information we have. Therefore, it is important that your personal information is as accurate, up to date, and complete as possible. To make a change to the personal contact information contained in your file, you may do one of the following:

  • use the various online options available within the Northlake Account Management Site to request updates;
  • call our account management department at 1-888-652-5320, where one of our account managers will be available to receive your request for a change in your personal contact information; or
  • send a facsimile to us 1-888–652-0030 to request a change in your personal contact information.

You can ask to see the personal information that we hold about you, or to make any corrections in that information. If you want to review, verify or correct your personal information, please contact our [Privacy Officer] using the contact information set out below. Please note that such communication must be in writing.

When requesting an amendment in, or access to, your personal information, please note that we may request specific information from you to enable us to confirm your identity and right to amend or access, as well as to search for and provide you with the personal information that we hold about you. We may charge you a reasonable fee to access your personal information; however, we will advise you of any fee in advance. If you require assistance in preparing your request, please contact the office of our [Privacy Officer].

Your right to access the personal information that we hold about you is not absolute. There are instances where we may not be able to provide you with access to your personal information, such as where your request includes personal information about a third party that cannot be removed, or when the information you are requesting is protected by legal privilege. In addition, the personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and practices. In the event that we cannot provide you with access to your personal information, we will endeavour to inform you of the reasons why, subject to any legal or regulatory restrictions.

Northlake may charge you a nominal access fee depending on the nature of your request. We will advise you of the fee, if any, prior to proceeding with your request.

If you have a sensory disability, you may request that your personal information be made available in an alternative format.

Changes to our Privacy Policy.

This Privacy Policy may be updated or revised from time to time to reflect changes in our personal information practices. We will make reasonable efforts to notify you of any changes to this Privacy Policy, such as by posting the updated Privacy Policy on our website at https://northlakefinancial.ca/privacy-policy. By continuing to use our services after we post any such changes, you accept the Privacy Policy as modified. You may determine when this policy was last updated by referring to the modification date found at the beginning of this Privacy Policy.

Questions, concerns and complaints.

We welcome your questions, comments, and requests regarding this Privacy Policy and our privacy practices. If you have questions or concerns regarding our privacy policies and practices, please call us at 1-888-652-5320.

If you have a concern or complaint about privacy, confidentiality or the personal information handling practices of Northlake, our employees or service suppliers, please contact:

Northlake [Privacy Officer]
49 High Street, 3rd Floor
Barrie, Ontario L4N 5J4

Phone: 1-888-652-5320
Fax: 1-888-652-0030

Email: privacy.officer@northlakefinancial.ca