Privacy Policy | Honeybee Benefits

PRIVACY POLICY

PHILOSOPHY SURROUNDING PRIVACY
We, at GreenShield Administration, value the trust that you have shown in our business and we
are committed to maintaining the accuracy, confidentiality, and security of your personal
information. To that end, we have adopted this privacy policy.
This policy explains how GreenShield Administration collects, uses, discloses and safeguards
the personal information provided to us either directly by you or by a third party.
By providing, or authorizing a third party to provide, your personal information to us, you signify
your consent to GreenShield Administration’s collection, use and disclosure of your personal
information in accordance with this privacy policy.
For purposes of this privacy policy, “personal information” shall mean any information that can
identify an individual directly or through other reasonably available means.
As part of our commitment to treat your personal information with respect, we operate in
accordance with the following ten principles (the “Principles”):

Principle 1 – Accountability
Principle 2 – Identifying Purposes
Principle 3 – Consent
Principle 4 – Limiting Collection
Principle 5 – Limiting Use, Disclosure and Retention
Principle 6 – Accuracy
Principle 7 – Safeguards
Principle 8 – Openness
Principle 9 – Individual Access
Principle 10 – Handling Complaints and Inquiries
Page 1 of 10
PRINCIPLE 1 – ACCOUNTABILITY
We are responsible for personal information in our possession or custody, including personal
information that we may transfer to third parties for processing. The overall responsibility for
ensuring our compliance with data privacy laws and this privacy policy rests with the Executive
Vice President, who is our Privacy Officer, although other individuals within GreenShield
Administration have responsibility for the day-to-day collection and processing of personal
information and may be delegated to act on behalf of the Privacy Officer. Please see below for
the contact information of our Privacy Officer.
PRINCIPLE 2 – IDENTIFYING PURPOSES
The purposes for which personal information is collected by us will be identified to you before or
at the time the information is collected.
PRINCIPLE 3 – CONSENT
Personal information will only be collected, used, or disclosed with the consent of the individual,
except in certain circumstances permitted or required by law. The way in which we seek
consent may vary depending upon the sensitivity of the information. We will seek express
consent in cases where the personal information involved is considered sensitive, such as
income or health information.
Typically, we will seek consent for the use or disclosure of personal information at the time of
collection. However, additional consent will be sought after the personal information has been
collected, if it is required for a new purpose.
In certain circumstances, obtaining consent would be inappropriate. The federal Personal
Information Protection and Electronic Documents Act and provincial privacy laws provide for
exceptions where it is impossible or impractical to obtain consent.
PRINCIPLE 4 – LIMITING COLLECTION
The personal information collected by us shall be limited to those details necessary for the
purposes identified to you.
Page 2 of 10
PRINCIPLE 5 – LIMITING USE, DISCLOSURE AND RETENTION
We will not use or disclose personal information for purposes other than those for which it was
collected, except with the consent of the individual or as required or permitted by law. Subject
to any applicable business, legal, or regulatory requirements, we will ensure that the personal
information is destroyed in a secure manner, erased, or made anonymous when it is no longer
required to fulfil the purposes we have identified to you.
PRINCIPLE 6 – ACCURACY
We shall make every reasonable effort to ensure your personal information is maintained in an
accurate, complete and up-to-date form.
PRINCIPLE 7 – SAFEGUARDS
We shall utilize industry standard security safeguards to protect your personal information.
PRINCIPLE 8 – OPENNESS
If you would like a copy of our privacy policy we will provide one to you and if you have any
questions regarding same, we happy to discuss them with you.
PRINCIPLE 9 – INDIVIDUAL ACCESS
Upon your request, we shall inform you of (i) the type of personal information we have
collected, (ii) how we have used your personal information, and (iii) whether we have disclosed
your personal information to any third parties. Individuals may verify the accuracy and
completeness of their personal information, and may request that it be amended, if appropriate.
There may be circumstances where we are unable to provide access to all of your personal
information. We may deny access for legally permissible reasons, such as situations where the
information contains references to other individuals and is not reasonably severable, or where it
cannot be disclosed for legal, security, or commercial proprietary reasons. We will advise the
individual of any reason for denying an access request.
When an individual successfully demonstrates the inaccuracy or incompleteness of personal
information held by us, we will correct or update the information as required.
Please note that before we are able to provide you with any information or correct any
inaccuracies we will ask you to verify your identity and to provide other details to help us to
respond to your request.
Page 3 of 10
PRINCIPLE 10 – HANDLING COMPLAINTS AND INQUIRIES
Individuals may direct any questions or inquiries with respect to the Principles or about our
information handling practices by contacting:
GreenShield Administration Inc.
Privacy Officer
185 The West Mall, Suite 800
Etobicoke, ON M9C 5L5
Phone:1 (877) 797-7448 ext. 7400
Fax: 1 (416) 622-5312
Email: privacy@benecaid.com
SPECIFIC HANDLING PRACTICES
WHY WE GATHER PERSONAL INFORMATION:
At GreenShield Administration, we gather and use personal information to:
administer, arrange and maintain the products and services you may request;
authenticate, process and adjudicate (make determinations) benefit claims;
verify your identity and investigate your personal background for insurance purposes;
evaluate and underwrite insurance risk, and to determine your eligibility for insurance and
non-insurance products that we offer;
understand our customers, and prospective customers’ needs, and to offer products and
services to meet those needs;
conduct credit checks on prospective corporate customers (but not individuals) and meet
legal requirements;
communicate with you and respond to any special needs or enquiries you may have;
provide you with offers or information about other products and services that might
benefit you;
provide you with marketing offers from our third-party partners;
allow our third-party partners to contact you with marketing offers about employee
benefits;
help us better manage our business and your relationship with us;
de-identify your information and use it to compile statistics;
investigate and detect potentially fraudulent or questionable activities regarding your
benefit plan(s);
evaluate or complete an actual or potential sale, reorganization, consolidation, merger or
amalgamation of our business;
coordinate with your employer to set up, change or administer your employee benefit
plan;
Page 4 of 10
work with industry partners to underwrite, adjudicate or insure our suite of products;
use as required or permitted by law.
Some or all of the personal information we collect may be stored or processed in jurisdictions
outside of Canada. As a result, this information may be subject to access requests from
governments, courts, or law enforcement in those jurisdictions according to laws in those
jurisdictions. We only use personal information for the purposes that we have disclosed to you.
If for any reason your information is required to fulfill a different purpose, we will obtain your
consent before we proceed.
TYPES OF INFORMATION WE COLLECT:
The type of personal information we may ask for depends on and is related to the reason (or
purpose) such personal information was provided to us. For instance, for the purposes of
managing your Health Spending Account, we will collect information in respect of, and for the
purposes, of processing your claim. In addition to the foregoing, the following is a description of
the type of personal information that we may ask for:
name;
telephone number;
residential address;
email address;
date of birth;
employer name;
details about your occupation;
date, time, frequency and details in respect of claims made for medical or other benefit
appointments;
prescription information;
banking and bank account information;
information with respect to dependents covered by your employer’s benefit plan;
pre-existing medical conditions as they relate to products being purchased;
chat and messaging transcripts when you use our instant chat applications; and
information related to your browsing, purchasing and online behaviour and activities (see
our policy on How We Collect Information Through Technological Means below).
The choice to provide us with your personal information, either directly or through a third
party, is always yours. However, your decision to withhold particular information may limit our
ability to provide you with the services or products you requested.
Page 5 of 10
HOW WE COLLECT SUCH PERSONAL INFORMATION:
We may gather such personal information from you in person, via the Internet, via email,
over the telephone or by corresponding with you via mail, facsimile, or from third parties
who have your authority to disclose such personal information to us such as:
government agencies and registries, law enforcement authorities and public records;
any healthcare professional, medically-related facility, pharmacy, insurance company, or
other person who has knowledge of your information;
your employer;
other insurance companies;
other third-party service providers, agents, brokers and other organizations with whom
you make arrangements;
references you have provided; and
persons authorized to act on your behalf under a power of attorney or other legal
authority.
WHILE WE TRY TO ENSURE THAT EVERY THIRD PARTY WHO DISCLOSES PERSONAL
INFORMATION TO US HAS YOUR CONSENT TO DO SO, IF YOU BELIEVE THAT A THIRD
PARTY HAS INAPPROPRIATELY DISCLOSED YOUR PERSONAL INFORMATION TO US,
PLEASE CONTACT THAT THIRD PARTY. IF THEY DO NOT ADEQUATELY RESPOND TO YOUR
INQUIRIES, PLEASE LET US KNOW IMMEDIATELY.
For purposes of maintaining quality service, calls to our customer service lines may be
recorded. A recorded message given prior to your call being answered will let you know if your
call may be the subject of our random call recording quality assurance program.
HOW WE COLLECT INFORMATION THROUGH TECHNOLOGICAL MEANS
When you visit GreenShield Administration’s websites, we may collect information that is
automatically to us by your web browser. This information may include your domain name,
and your numerical IP address. We may also collect other information, such as the type of
browser you use, which pages you view, and the files you request.
We use this information to better understand how visitors use our websites, and to improve our
websites to better meet your needs. The amount of information that is sent by your web
browser depends on the browser and settings you use. Please refer to the instructions
provided by your browser if you want to learn more about what information it sends to websites
you visit, or how you may change or restrict this.
GreenShield Administration may use “cookies” and other similar devices on its websites to
enhance functionality and provide more relevant offers for products and services. These
devices may track information which includes, but is not limited to: (i) IP address; (ii) the type of
web browser and operating system used; (iii) the pages of the website visited. If you wish to
disable cookies, refer to your browser help menu to learn how. If you disable cookies, you may
be unable to access some features on GreenShield Administration’s websites.
Page 6 of 10
USE OF SITE BY MINORS
Our websites are not directed to individuals under the age of 18, and we request that these
individuals do not provide personal information through our website.
WHEN INFORMATION MAY BE DISCLOSED TO OUTSIDE PARTIES:
We may disclose your personal information to third parties as follows:
to other insurance companies, other financial institutions and health organizations;
to any health-care professional, medically-related facility, insurance company or other
person who has knowledge of your personal Information;
to administrators, service providers, reinsurers and prospective insurers and reinsurers of
our insurance operations, as well as their administrators and service providers for these
purposes;
in response to a court order, search warrant or other demand or request, which we
believe to be valid;
to meet requests for information from regulators, including self-regulatory organizations of
which we are a member or participant, to satisfy legal and regulatory requirements
applicable to us;
to appropriate public health authorities.
to our employees, suppliers, agents and other organizations that perform services for you
or for us or on our behalf;
when we buy or sell all or part of our businesses or when considering such transactions;
to help us collect a debt or enforce an obligation owed to us by you; and
to our third-party insurance and non-insurance partners, who wish to provide you with
marketing offers and emails about employee benefits that may be available to you;
to our third-party insurance and non-insurance partners whose plans or programs you
may have enrolled in, for the purposes of administering those plans;
where permitted by law.
In the event we disclose personal information to our service providers, we require our service
providers to agree to contractual requirements that are consistent with applicable privacy laws.
We prohibit our service providers from using personal information, except for the specific
purpose for which we supply it to them.
The type of information we are legally required to disclose may relate to criminal investigations
or government tax reporting requirements. In some instances such as a legal proceeding or
court order, we may also be required to disclose certain information to authorities. Only the
information specifically requested is disclosed and we take precautions to satisfy ourselves that
the authorities that are making the request have legitimate grounds to do so.
There are some situations where we are legally permitted to disclose personal information such
as employing reasonable and legal methods to enforce our rights or to investigate suspicion of
illegal activities.
Page 9 of 10
Page 7 of 10
HOW WE SAFEGUARD YOUR INFORMATION:
We use industry standard technologies and maintain current security standards to ensure that
your personal information is protected against unauthorized access, disclosure, inappropriate
alteration or misuse.
Electronic files which contain personal information are kept in a highly secured environment
with restricted access. Paper-based files are stored in a secure area and access is also
restricted.
We manage our server environment appropriately and our firewall infrastructure is strictly
adhered to. Our security practices are reviewed on a regular basis and we routinely employ
current technologies to ensure that the confidentiality and privacy of your information is not
compromised.
Our web site uses Secure Socket Layer (SSL) and 128 bit encryption technologies to enhance
security when you visit the secured areas of these sites. SSL is the industry standard tool for
protecting and maintaining the security of message transmissions over the Internet. When you
access your account(s) or send information from secured sites, encryption will scramble your
data into an unreadable format to inhibit unauthorized access by others.
To safeguard against unauthorized access to your account(s), you are required to “login” with a
user name and a password to certain secured areas of the GreenShield Administration web
site. Both user id and password are encrypted when sent over the Internet. If you are unable to
provide the correct password, you will not be able to access these sections.
When you call our customer service centre you will be required to verify your identity by
providing some personally identifying information as well as your group number and client id.
In the course of daily operations, access to private, sensitive and confidential information is
restricted to authorized employees who have a legitimate business purpose and reason for
accessing it. For example, when you call us, our designated employees will access your
personal information to verify who you are and to assist you in fulfilling your requests.
As a condition of their employment, all employees of GreenShield Administration are required to
abide by the privacy standards we have established. Employees are informed about the
importance of privacy and they are required to agree to standard business practice policies
that prohibit the disclosure of any individual’s information to unauthorized individuals or parties.
Unauthorized access to and/or disclosure of personal information by an employee of
GreenShield Administration is strictly prohibited. All employees are expected to maintain the
confidentiality of personal information at all times and failing to do so will result in appropriate
disciplinary measures, which may include dismissal.
Page 8 of 10
ACCESSING AND AMENDING YOUR INFORMATION:
You have the right to access, verify and amend the information held in your personal files. You
may access and verify any of your information by calling our customer contact centre at 1 (877)
797-7448.
To help us keep your personal information up-to-date, we encourage you to amend inaccuracies
and make corrections as often as necessary. Despite our efforts, errors sometimes do occur.
Should you identify any incorrect or out-of-date information in your file(s), we will make the
proper changes. Where appropriate, we will communicate these changes to other parties who
may have unintentionally received incorrect information from us.
QUESTIONS, CONCERNS AND COMPLAINTS:
If you have a question, concern or complaint about privacy, confidentiality or the personal
information handling practices of GreenShield Administration, our employees or service
suppliers, please contact:
GreenShield Administration Inc.
Privacy Officer
185 The West Mall, Suite 800
Etobicoke, ON M9C 5L5
Phone:1 (877) 797-7448 ext. 7400
Fax: 1 (416) 622-5312
Email: privacy@benecaid.com
Before GreenShield Administration is able to provide you with any information or correct any
inaccuracies, we may ask you to verify your identity and to provide other details to help us to
respond to your request. We will endeavor to respond within an appropriate timeframe.
UPDATING THIS PRIVACY POLICY
Any changes to our privacy policy and personal information handling practices will be
acknowledged in this policy in a timely manner. We may add, modify or remove portions of this
policy when we feel it is appropriate to do so. You may determine when this policy was last
updated by referring to the modification date found at the bottom of this privacy policy. Your
continued use of our websites after any such changes constitutes your acceptance of this
privacy policy, as revised.
Page 9 of 10
WEBSITES GOVERNED BY THIS PRIVACY POLICY:
The websites and applications that are governed by the provisions and practices stated in this
privacy policy are: www.benecaid.com, www.accessbenecaid.com,
www.myhoneybee.com, www.honeybeebenefits.com, the honeybee and benecaid mobile apps
that may be in place from time-to-time, and any other websites and mobile applications operated
by GreenShield Administration.
The GreenShield Administration websites may contain links to other third party sites that are not
governed by this privacy policy. Although we endeavor to link only to sites with high privacy
standards, our privacy policy will no longer apply once you leave the Benecaid website.
Additionally, we are not responsible for the privacy practices employed by other third party
websites. Therefore, we suggest that you examine the privacy statements of those sites to learn
how your information may be collected, used, shared and disclosed.
GOVERNING LAW AND DISPUTE RESOLUTION
This privacy policy, and all related matters are governed solely by the laws of the Ontario,
Canada and applicable federal laws of Canada, excluding any rules of private international law
or the conflict of laws which would lead to the application of any other laws.
Any claim or cause of action you may have arising from, connected with, or relating to this
privacy policy or GreenShield Administration’s handling of your personal information, or any
related matters must be commenced within six months after the claim or cause of action arises,
after which time the claim or cause of action is forever barred, regardless of any statute or law
to the contrary.