Updated: October 3, 2023
Reviewed by: Fundserv Chief Privacy Officer
Reviewed: June 2023
Fundserv has established practices and procedures to ensure the protection of personal information. Specifically, Fundserv maintains policies, and procedures according to our obligations as per applicable privacy laws, including the Personal Information Protection and Electronic Documents Act (Canada) (“PIPEDA”).
What is personal information?
Personal information is information about you, which could be used to identify you directly or indirectly.
Personal information can include a name, contact information, health information, social insurance number, banking information, driver’s license number, health card number, passport information, financial transactions — basically any information about you.
Personal information typically does not include business contact information such as business address, business title, business email, business phone number – this also applies if you use your residence as your address for your business.
Fundserv is the indispensable connectivity hub for the Canadian investment industry. Headquartered in Toronto, we electronically connect Manufacturers, Distributors, and Intermediaries (our members), enabling them to buy, sell, and transfer investment funds. With more than 100 employees, Fundserv serves hundreds of members and provides online access to more than 95,000 investment fund products.
Fundserv processes data and transfers for members as a centralized data sharing hub, sending fund transaction information seamlessly between members. Members act as data controllers directing Fundserv, who acts as a data processor, to provide a platform and services for those members, who include Distributors, Intermediaries and Carrying Brokers, and Manufacturers.
Fundserv processes data on behalf of:
Distributors are financial institutions with advisors who buy, sell and transfer investment funds on behalf of investors. Through our network, they have access to products from more than 400 institutions who manufacture funds for the Canadian investment industry.
Intermediaries and Carrying Brokers:
Intermediaries and Carrying Brokers are organizations that offer services to Distributors who outsource management of certain accounts to other Distributors.
Manufacturers are investment fund companies that develop the products sold by Distributors in the Canadian investment industry. These organizations join Fundserv to make their products available to the more than 300 Distributors on the network.
What does this mean to me as an individual investor?
Fundserv acts as the intermediary between members to help flow financial transactions, facilitate money movement for financial transactions, flow account updates, and communicate transaction/account reconciliation files between members. You as the investor meet with a financial advisor to help you achieve your goals, like buying a house or retiring. Often the financial plan includes mutual funds. Transaction requests for mutual funds are sent from the financial advisor company to Fundserv and we route the order on to the appropriate fund company. We also support the moving of your money from your account to fund companies.
Does that mean Fundserv has copies of my investment information and access to my personal information?
Fundserv does not directly collect personal information from individual investors. Your personal information is submitted by members, i.e., your service provider, and is packaged in a file. Limited employees have access to this file to confirm that transactions have been processed correctly.
Fundserv generally retains a copy of your file for a period of less than 90 days. This is to confirm that transactions have been processed correctly.
Once your personal information has met its retention period, it will be securely destroyed or de-identified. Fundserv may retain de-identified information for business purposes; however, through a rigorous process, we ensure that the information cannot be used to re-identify you.
There may be circumstances required by law where Fundserv needs to keep your information for a longer period in accordance with our record retention policies.
How does Fundserv use personal information?
Fundserv uses data received from members, which may include personal information, to provide services to members. More specifically, we may use personal information to:
- Process transactions and enable the use of Services;
- Conduct audits, including of transactions and network activity;
- Provide technical support and respond to inquiries, including from members or individuals to whom information relates;
- Store data, which may include personal information, and keep records of our processing activities;
- Comply with any legal obligations that apply to Fundserv in connection with our Services and websites;
- Provide notices and updates about our services or send other communications that are relevant to the use of our services; and
- Protect members and individuals by enhancing our ability to detect and prevent fraud and potentially unlawful activities in connection with our services and to enforce our rights.
Does Fundserv share my personal information with third-party organizations?
There are limited circumstances where Fundserv may share your personal information with third parties. This includes:
- Situations where Fundserv is required or permitted by law to share the information, for example, in connection with a law enforcement investigation or under the authority of a court order or for other legal purposes.
- Disclosures to a regulatory agency, such as the Office of the Privacy Commissioner of Canada.
- Fundserv may use sub processors to use their third-party tools and expertise to operate or improve our services.
- Purposes related to insurance coverage.
- If Fundserv was ever in the process of being sold or experiencing a reorganization in the type of business that we perform.
How does Fundserv protect my personal information?
Fundserv uses a variety of industry standard technical, physical, and administrative safeguards to protect confidential information including personal information. Technical safeguards refer to network security protections like firewalls, physical safeguards refer to physical protections like locked doors and security cameras, and administrative safeguards refers to policies and procedures like mandatory training and password policies. All mobile devices are encrypted, and password protected. Fundserv limits access to personal information to only those employees who require access. All employees receive privacy training. There are policies and procedures which address confidentiality incidents, data protection, right of access and data retention. Fundserv completes an annual external audit to review our security/privacy policies, practices, and other safeguards.
I am a member of Fundserv. Where do I find information on Fundserv privacy practices?
In the Getting Started Package, you will find a copy of the Data Protection Schedule which provides information on privacy practices employed by Fundserv to protect member information and provides information on compliance with applicable privacy laws. Fundserv completes an annual external audit to review our security/privacy policies, practices, and other safeguards. As a member you may request a copy of the audit by contacting our Privacy Office email@example.com.
Who can I contact with privacy questions, comments, and concerns?
Please contact the Fundserv Privacy Office with any questions, concerns, or comments on our privacy practices.
To submit a request for any rights you may have under applicable privacy legislation, such as the right to request access to or correction of your personal information, please submit these requests to your service provider (Fundserv member). To discuss this process with Fundserv or receive clarification on where to submit your request, please contact our Privacy Office. We would be happy to assist.
Our offices are located:
Attn: Privacy Office
333 Bay St., Suite 2600
M5H 2R2 Canada
Updated: June 12, 2023
Reviewed by: Fundserv Chief Privacy Officer
Reviewed: June 2023
Cookies are a specific technology that store information between website visits. They are used in numerous ways, such as:
- supporting users to log into a website;
- analyzing website traffic; or
- tracking users’ browsing behaviour.
Cookies can be useful because they help a website remember information about your visit, which can both make it easier for you to visit the website again and make it more useful to you. Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the website owners. Without cookies, or any other similar method, websites would have no way to ‘remember’ anything about visitors, such as whether they are logged in or their language preference when navigating a website.
You can choose to have your computer warn you each time a cookie is being sent or you can choose to disable all cookies. You do this through your Internet browser (for example, Microsoft Edge or Chrome) settings. Most browsers are initially set up to accept cookies. Each browser is slightly different, therefore please check your browser’s Help menu to learn how to modify your cookie settings.
What are session and persistent cookies?
Cookies that expire at the end of a browser session (normally when a user exits their browser) are called session cookies. Cookies that can be stored for longer are called persistent cookies, such as if a login page ‘saves’ a username so that the visitor does not have to enter their username each time they interact with the login page.
What are first-party and third-party cookies?
Whether a cookie is first, or third party refers to the website or domain placing the cookie.
First-party cookies are set directly by the website the user is visiting, i.e., the URL displayed in the browser’s address bar.
Third-party cookies are set by a domain other than the one the user is visiting. This typically occurs when the website incorporates elements from other websites, such as images, social media plug-ins or advertising. When the browser or other software retrieves these elements from the other websites, it can set cookies as well.
What cookies does Fundserv use and how does Fundserv use these cookies?
The specific information that Fundserv uses from Google Analytics is:
- number of visitors to the fundserv.com Website
- session statistics, i.e., how long an individual spends on the fundserv.com Website
- approximate geolocation of the visitor
- browser and device information, i.e., whether the visitor is using a mobile or desktop and if they are using Chrome or Microsoft Edge
For more information, please visit the Google analytics support site.
The Fundserv Connect portal collects one persistent cookie for a period of one year. This is to ‘store’ the visitor’s username so that they do not have to enter their username each time they visit the portal. This is not a mandatory cookie.
Non-identifiable information collected from the Website may be disclosed to others where required or permitted by applicable law, for example if requested by a regulator, and may be permanently archived for future use.
Can I opt-out of cookies?
If you wish to opt-out of the use of Google Analytics, please visit Google Analytics Opt-out Browser Add-on.
You may choose to decline cookies if your browser permits, but doing so may affect your use of the Website and your ability to access certain features of the Website.
For any questions or concerns, please contact the Fundserv Privacy Office by email at firstname.lastname@example.org.
OneTrust. (2023). Cookie notice. OneTrust. Retrieved March 16, 2023, from https://www.onetrust.com/cookie-policy/