1. Who we are

North Shield Financial Corp (“North Shield Financial,” “we,” “us,” or “our”) is a licensed independent life insurance brokerage incorporated in Ontario and located in Newmarket, Ontario, Canada.

We are licensed by the Financial Services Regulatory Authority of Ontario (FSRA) — corporate licence #42656M — and we arrange life insurance and related products on behalf of our clients through Canadian insurers and managing general agencies (MGAs).

We are committed to protecting the privacy and confidentiality of your personal information in accordance with Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s Anti-Spam Legislation (CASL), and all applicable provincial privacy and insurance legislation.

2. Scope of this policy

This Privacy Policy applies to personal information we collect through our website (northshieldfinancial.ca and its quote and landing pages), by telephone, by email, by text message, through online advertising and forms, and in the course of providing insurance brokerage services to you.

By using our website, submitting a quote request, or otherwise providing your personal information to us, you acknowledge that you have read and understood this Privacy Policy.

3. Information we collect

The personal information we collect depends on the products and services you request. It may include:

Identification & contact information

• Full name, date of birth, gender, and age
• Home address, mailing address, and province of residence
• Telephone number(s) and email address

Insurance & eligibility information

• The type and amount of coverage you are seeking
• Tobacco/nicotine use and general lifestyle information
• Health information, medical history, and family medical history relevant to underwriting (collected only as needed to arrange coverage)
• Occupation, income, financial and beneficiary information where relevant to the product
• Existing insurance coverage and policy details

Transaction & service information

• Applications, quotes, policy numbers, and correspondence
• Payment and banking information where required to put coverage in force (collected by the insurer or through secure channels)
• Records of our communications with you, including call notes and recorded calls where applicable

Technical & online information

• IP address, browser type, device information, and operating system
• Pages visited, referring URLs, and how you interact with our website
• Cookies and similar identifiers, including advertising identifiers (see Sections 10 and 11)

4. How we collect your information

We collect personal information:

• Directly from you — when you complete a quote form, speak with an advisor, send an email or text, or submit an application;
• From our website and advertising — when you click one of our ads or interact with our online forms (including forms hosted on Facebook/Instagram and our own landing pages);
• From third parties with your consent — such as insurers, MGAs, physicians, and other parties involved in underwriting or servicing your coverage; and
• Automatically — through cookies, pixels, and analytics tools when you use our website.

5. Why we collect, use, and disclose your information

We collect, use, and disclose your personal information only for purposes a reasonable person would consider appropriate in the circumstances, including to:

• Provide you with insurance quotes and recommendations;
• Shop your application among insurers to find suitable coverage and competitive rates;
• Process applications, arrange underwriting, and put coverage in force;
• Service your policy and respond to your inquiries and requests;
• Communicate with you by phone, email, and text message about your inquiry and our products;
• Meet our legal, regulatory, and licensing obligations, including those of FSRA and the insurers we represent;
• Detect and prevent fraud, error, and unauthorized activity; and
• Improve our website, services, and marketing (using de-identified or aggregated data where possible).

6. Consent

We obtain your consent to collect, use, and disclose your personal information, except where the law permits or requires us to act without consent. Consent may be express (for example, when you submit a quote form or sign an application) or implied (for example, when you provide information for a service you have requested).

For sensitive information such as health and medical history, we obtain your express consent. You may withdraw your consent at any time, subject to legal and contractual restrictions and reasonable notice, by contacting our Privacy Officer (Section 22). Withdrawing consent may prevent us from arranging or servicing coverage for you.

7. Electronic communications & CASL

When you submit your information through our website or forms, you provide your express consent for North Shield Financial Corp and its licensed advisors to contact you by telephone, email, and text message (SMS) — including through automated dialing systems and pre-recorded or automated messages — at the phone number and email address you provide, for the purpose of discussing life insurance products and your inquiry.

Consent to receive such communications is not a condition of purchasing any product or service. Message and data rates may apply.

In compliance with Canada’s Anti-Spam Legislation (CASL), you may withdraw your consent and unsubscribe at any time by:

• Replying STOP to any text message;
• Clicking the unsubscribe link in any email; or
• Contacting us at 416-350-7727 or by email (Section 22).

We will action unsubscribe requests promptly and within the timeframes required by law.

8. Who we share your information with

We do not sell, rent, or trade your personal information. We share it only as necessary to provide the services you request and as permitted or required by law, including with:

• Insurers and managing general agencies (MGAs) — to obtain quotes, submit applications, complete underwriting, and put coverage in force;
• Service providers and processors — such as our customer relationship management (CRM), email, telephony, scheduling, and form/automation providers, who process data on our behalf under confidentiality and data-protection obligations;
• Professional advisors — such as auditors, lawyers, and compliance consultants, where required;
• Regulators and authorities — including FSRA, and as required by law, subpoena, court order, or to comply with legal and regulatory obligations; and
• Parties to a business transaction — in connection with a sale, merger, or reorganization of our business, subject to appropriate confidentiality protections.

9. Insurers & MGAs

As an independent brokerage, we work with multiple Canadian insurers and MGAs. When you apply for coverage, the personal information you provide (including health information relevant to underwriting) is shared with the applicable insurer and/or MGA so they can assess and issue your policy.

Those insurers and MGAs are independent organizations with their own privacy policies governing how they handle your information once it is in their care. We encourage you to review the privacy policy of any insurer with whom you place coverage.

10. Cookies & online tracking

Our website uses cookies and similar technologies (such as pixels and local identifiers) to operate the site, remember your preferences, measure performance, and support our advertising. Cookies may be:

• Strictly necessary — required for the website and forms to function;
• Analytics — to understand how visitors use our site so we can improve it; and
• Advertising — to measure and improve the relevance of our online ads.

You can control or disable cookies through your browser settings. Disabling certain cookies may affect how parts of our website function.

11. Meta (Facebook/Instagram), advertising & analytics

We advertise on Meta platforms (Facebook and Instagram) and use the Meta Pixel and Meta’s Conversions API on our website and landing pages. These tools allow us to:

• Measure the effectiveness of our advertising (for example, when a quote form is submitted);
• Understand which ads lead to inquiries; and
• Show relevant ads to people who may be interested in our services.

To do this, limited information — such as your interaction with our site, an event identifier, and technical identifiers (for example, browser/click identifiers and a hashed version of contact details where applicable) — may be shared with Meta. Meta processes this information in accordance with its own data policy. We also use customer-relationship and analytics tools (such as our CRM and automation providers) to manage inquiries and measure website performance.

You can manage ad personalization through your Meta account settings and your device or browser advertising controls. For more information about how Meta uses data, see Meta’s Privacy Policy at facebook.com/privacy/policy.

12. Where your data is stored & cross-border transfers

Your personal information is stored on our systems and with our service providers, some of which may be located in, or transfer data to, the United States or other countries outside Canada. Where information is processed outside of Canada, it may be subject to the laws of those jurisdictions, including lawful access by courts, law enforcement, and government authorities.

We take reasonable steps to ensure that service providers handling your information provide a comparable level of protection to that required under Canadian privacy law. You may contact our Privacy Officer for more information about our use of service providers located outside Canada.

13. How long we keep your information

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected and to meet our legal, regulatory, insurance, and licensing obligations.

Client and policy records are generally retained for at least seven (7) years after the policy terminates or the client relationship ends, or longer where required by insurers, regulators, or applicable law. Quote inquiries that do not result in a policy are retained only as long as reasonably needed to service the inquiry and meet our compliance obligations.

When personal information is no longer required, we securely destroy, erase, or anonymize it.

14. How we protect your information

We maintain physical, organizational, and technological safeguards appropriate to the sensitivity of the information, including:

• Encryption of data in transit on our website and forms;
• Restricted access to personal information on a need-to-know basis;
• Confidentiality obligations for staff and service providers;
• Secure systems for storing and transmitting client information; and
• Ongoing review of our security practices.

While we take these measures seriously, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

15. Your rights & choices

Subject to applicable law, you have the right to:

• Know what personal information we hold about you and how it is used and disclosed;
• Access and request a copy of your personal information;
• Request correction of inaccurate or incomplete information;
• Withdraw your consent (subject to legal and contractual limits); and
• Unsubscribe from marketing communications at any time.

16. Accessing & correcting your information

To request access to, or correction of, your personal information, please contact our Privacy Officer (Section 22). We will respond to your request within the timeframe required by law (generally 30 days under PIPEDA). We may need to verify your identity before processing your request, and in limited circumstances permitted by law we may be unable to provide access to certain information.

17. Data breaches

In the event of a breach of security safeguards involving your personal information that creates a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada (and any other authorities as required) in accordance with PIPEDA’s breach-reporting obligations, and we will keep records of breaches as required by law.

18. Children’s privacy

Our website and services are directed to adults. We do not knowingly collect personal information from individuals under the age of majority without the consent of a parent or legal guardian, except where a child is named as an insured or beneficiary in connection with a policy arranged by an adult.

19. Third-party links

Our website may contain links to third-party websites, including insurers and partners. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policy of any third-party site you visit.

20. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The “Last updated” date at the top of this page indicates when it was last revised. Material changes will be posted on this page, and your continued use of our website or services after changes are posted constitutes acceptance of the updated policy.

21. Questions & complaints

If you have a question or concern about how we handle your personal information, please contact our Privacy Officer first so we can address it. If you are not satisfied with our response, you have the right to contact the Office of the Privacy Commissioner of Canada:

• Website: priv.gc.ca
• Toll-free: 1-800-282-1376

For concerns specifically about our conduct as a licensed insurance brokerage, you may also contact the Financial Services Regulatory Authority of Ontario (FSRA) at fsrao.ca.

22. Contact our Privacy Officer

To exercise your rights, ask a question, or make a complaint about your personal information, contact: