Privacy Policy

  1. Introduction
    PensionCover (“PensionCover Insurance Services Ltd.,” “we,” “our,” “us”) is a Canadian digital platform that lets retirees and near-retirees compare, purchase, and manage life and supplemental health-care insurance tailored to later-life needs. This Privacy Policy explains how personal information is collected, used, retained, and disclosed when policy-holders, applicants, beneficiaries, brokers, or website visitors interact with pensioncover.ca, our mobile application, or any related customer-support channels.

  2. Privacy Policy (collection, processing, storage)
    • Information we collect
     (a) Identity & contact — full name, mailing address, email, phone, preferred language, date of birth, government-issued ID, Social Insurance Number (for tax slips).
     (b) Insurance application data — medical questionnaire answers, prescription history (with consent), lifestyle disclosures, beneficiary designations, existing policy details.
     (c) Policy & claim records — coverage selection, premium payment schedule, claim forms, physician attestations, reimbursement receipts.
     (d) Financial data — tokenised card reference, banking information for premium debits or claim payouts, GST/HST allocation, invoice history.
     (e) Preference data — notification channels, paperless statement choice, product-update subscriptions.
     (f) Technical telemetry — IP address, browser build, mobile OS, multi-factor authentication token, session duration, crash traces.
     (g) Support artefacts — chat transcripts, call recordings, secure-message threads.

• Purposes
 – verify identity and assess eligibility under provincial insurance statutes;
 – underwrite policies, calculate premiums, and issue electronic contracts;
 – collect premiums, process claims, and deposit reimbursements;
 – send renewal reminders, tax documents (T4A, RL-2), and security alerts;
 – generate de-identified analytics that improve product pricing, fraud detection, and customer experience;
 – investigate fraud, comply with the Insurance Companies Act, FINTRAC anti-money-laundering rules, and the Income Tax Act;
 – maintain archival records required by provincial insurance regulators.

• Retention
Underwriting files and claim archives are retained for the longer of ten years after policy termination or the limitation period mandated by the applicable province. Tax slips are stored for a minimum of seven years. Encrypted backups purge on a 35-day rolling cycle.

• Access & correction
Policy-holders or their authorised representatives may review or amend personal information at any time via Dashboard → Profile or by emailing privacy@pensioncover.ca. Health data supplied by physicians can be corrected only through an updated medical statement.

• Consent
Express consent is obtained when you complete an application, authorise a medical release, enrol a payment method, or name a beneficiary. Implied consent applies to operational and security logs essential for service integrity. Withdrawal of consent may prevent us from administering coverage; we outline consequences before fulfilling such requests.

• Accountability
A designated Privacy Officer conducts annual compliance audits, oversees employee privacy training, and responds to written inquiries within 30 days.

  3. GDPR (where applicable)
    Although PensionCover serves Canada, some customers or beneficiaries may reside in the European Economic Area (EEA). When the EU General Data Protection Regulation applies, we act as controller for profile and billing data and processor for health documents you provide. Processing bases: performance of a contract (Art. 6 (1)(b)), legitimate interest in risk management and fraud prevention (Art. 6 (1)(f)), and legal obligation (Art. 6 (1)(c)). EEA residents may exercise rights to access, rectify, erase, restrict, port, or object via dpo@pensioncover.ca and may lodge complaints with their supervisory authority.

  4. Cookie Policy

4.1. Types of cookies
• Essential — session tokens, CSRF guards, load-balancer cookies that secure login and claims-submission flows.
• Preference — stores language, font size, high-contrast mode, and default dashboard tab.
• Analytics — first-party Matomo cookies with IP truncation that measure page latency and feature adoption.
• Marketing — optional cookies announcing new riders or partner pharmacy discounts; never shared with third-party ad networks.

4.2. How to disable cookies
Most browsers allow you to block or delete cookies. Essential cookies are required for account access; disabling them prevents login. Preference and analytics cookies can be declined via our banner or by enabling “Do Not Track.” Marketing cookies load only after explicit opt-in and can be turned off under Account → Privacy.

  5. Transfer to third parties
    We do not sell personal information. Limited disclosures occur only to:
    • Canadian cloud hosts operating encrypted servers in Toronto and Calgary;
    • PCI-DSS Level 1 payment processors and Schedule I banks;
    • Licensed reinsurers, medical-information bureaus, and healthcare providers involved in underwriting or claims (limited to necessary fields);
    • Canada Revenue Agency and Revenu Québec for tax-reporting slips;
    • Legal counsel, regulators, or courts when compelled by law or to defend claims;
    • Law-enforcement agencies where disclosure is necessary to investigate fraud or protect public safety.
    All vendors sign Data Processing Agreements imposing safeguards equal to PIPEDA and, where relevant, EU Standard Contractual Clauses.

  6. Data-security measures
    • AES-256-GCM encryption at rest with tenant-scoped keys stored in FIPS 140-2 Level 3 Hardware Security Modules.
    • TLS 1.3 with Perfect Forward Secrecy for data in transit.
    • Zero-trust segmentation isolating each policy-holder vault.
    • Role-based access control enforced by hardware-backed multi-factor authentication.
    • Hourly incremental and nightly full backups replicated across two Canadian regions (RPO 15 min, RTO 4 h).
    • Continuous vulnerability scanning, quarterly penetration tests, and annual SOC 2 Type II audit.
    • Incident-response plan that notifies affected users within 72 hours of a confirmed breach and provides remediation updates.

  7. Effective Date
    This Privacy Policy is effective as of 20 June 2025 and supersedes all previous versions. Material updates will be announced by e-mail and in-app notice at least 30 days before enforcement.