Skip to main content
 

Privacy

PURPOSE

To protect the interests of those who do business with ABCU from any unauthorized use of personal information, which members have made available while conducting their business with ABCU.

POLICY STATEMENTS

ABCU enforces strict compliance with the confidentiality requirements as per its Code of Conduct.

RESPONSIBILITY:

Ultimate accountability for ABCU's compliance with the policy statements rests with ABCU's Board of Directors.

Management, through the Privacy Officer, is responsible for the day-to-day accountability, implementation of, and compliance with this policy, including, but not limited to:

  • Ensuring policy and procedures remain relevant;
  • On-going compliance monitoring;
  • On-going staff training and mentoring;
  • On-going member communication;
  • Complaints processing and dispute resolution;
  • Required reporting;
  • Review of Service Provider and third-party contracts
  • Review of ABCU facilities and other access points such as data systems, computers, internet, and waste disposal
  • Recommend changes to policy.

This policy will be reviewed at least annually or as required.

Nothing in this policy is intended to prohibit the proper and responsible use of information given with consent, for the purposes of enhancing services or delivering services to members. This policy does not diminish ABCU's need to make fully informed decisions about the services it provides or persons to whom services may be provided. This policy does not authorize the taking of any business risks without all information needed to support prudent decisions.

MONITORING AND REPORTING:

The Privacy Officer will maintain a record of any member privacy complaints and the resolution of such complaints.

The Privacy Officer will report to Management any concerns relating to compliance of the Code principles or policies, and if necessary, such issues may be forwarded on to the Board.

On a frequency no less than annual, Management, through the Privacy Officer, will report to the Board on compliance with this policy.

ABCU Credit Union Ltd. (ABCU)

Code for the Protection of Personal Information

  1. Accountability

ABCU is accountable for all personal information in its control. ABCU will designate one or more persons to be accountable for compliance with this privacy code.

1.1 Ultimate accountability for ABCU’s compliance with the principals rests with the ABCU Board of Directors, who delegates day-to-day accountability to the Privacy Officer or persons within ABCU that may be accountable for the day-to-day collection and processing of personal information, or to act on behalf of the designated individual.

1.2 ABCU will identify to staff and to members the person (persons) who is (are) responsible for the day-to-day procedures of compliance (see also 8.2).

1.3 ABCU accepts responsibility for personal information that has been disclosed to a third party in order to deliver a product or service. ABCU will safeguard the privacy of this personal information through a contract or other means with the third party.

1.4 To practice the principles of this privacy code, ABCU will:
    • Establish day to day procedures to protect the privacy of personal information,
    • Receive and respond to members' questions,
    • Train staff to understand and follow privacy procedures, and
    • Oversee compliance with an annual review of procedures.
  1. Identifying Purposes
ABCU will identify the purposes of collecting personal information, before or when the member provides it.
 
2.1 ABCU will document the purposes for which personal information is collected prior to the information being collected.
 
2.2 ABCU will ensure that the member information is readily available to the member (see 2.4) disclosing the purposes for which personal information is collected, including use by third parties.
 
2.3 ABCU will collect and use personal information for the following purposes:
    • To meet regulatory and legal requirements
    • To establish your identification
    • To protect you from illegal activity
    • To determine the suitability of products and services to you, and your eligibility for products and services (including determining your eligibility for credit on an ongoing basis with other credit suppliers and credit reporting agencies). When we request your credit report, either to make credit decisions or update your information, using your SIN is the best way to ensure that the information we have received actually refers to you, and not to someone else. If you choose to limit the use of your SIN to income tax reporting purposes only, it will not prevent you from accessing credit or other services. Providing your SIN for purposes other than income tax reporting is voluntary.
    • To operate and administer products and services, which you have requested, including providing information to related services providers involved in the operation and administration of those services on behalf of us.
    • To provide you with information or advice on products and services that may be of interest to you (whether you currently have a product or service with us.)
    • To conduct research to assist us in designing products and services, and determining products and services that may be of interest to you, and to obtain your feedback on current products and services.
    • To disclose information to third parties in connection with the ongoing management of our assets, and the further subsequent collection, use or disclosure of that information by those third parties and any of their agents or, assignees for the purposes of managing those assets.
    • To provide ombudsman or mediation services to address concerns with ABCU products or services raised by you.
2.4 The identified purpose should be communicated directly to the member from whom personal information is being collected. This can be done orally, electronically, or in writing.
 
2.5 When personal information that has been collected is to be used for a purpose not previously identified, the new purpose shall be identified and the member's consent will be received before the information is used. If the new use is required by law the member's consent will not be required.

  1. Consent
The knowledge and consent of the member is required for the collection, use, or disclosure of personal information except where inappropriate.
Note: In certain circumstances personal information may be collected, used, or disclosed without the knowledge or consent of the Member. These circumstances include, but are not limited to:
    • Where clearly in the interests of the Member and consent cannot be obtained in a timely way;
    • To avoid compromising information availability or accuracy and if reasonable to investigate a breach of an agreement or a contravention of the laws of Canada or a province;
    • Where the information is considered by law to be publicly available;
    • To act in respect of an emergency that threatens the life, health or security of a Member;
    • To investigate an offence under the laws of Canada, a threat to Canada's security, to comply with a subpoena, warrant or court order, or rules of court relating to the production of records, or otherwise as required by law.
    • Collecting a debt
3.1 At the time ABCU collects personal information, the member's consent will be required before or when the personal information is collected, used, or disclosed.
 
Sometimes ABCU may seek consent to use and disclose personal information after it has been collected. This can happen when ABCU wants to use the information for a purpose that was not previously identified to the member.
ABCU may choose to collect, use, or disclose personal information without the member's consent for the collection of overdue accounts, legal or security reasons.
 
3.2 ABCU will make a reasonable effort to communicate the purpose for collecting, using and disclosing information in a clear and understandable way so as not to deceive. ABCU will explain to members how personal information will be used or disclosed before consent is received.
 
3.3 ABCU may not, as a condition of the supply of a product or service, require a member to consent to the collection, use, or disclosure of information beyond that required to fulfill explicitly specified and legitimate purposes.
 
3.4 In determining the form of consent to use, ABCU will take into account the sensitivity of the information. Although some information (for example, medical and financial records) is almost always considered to be sensitive, any information can be sensitive depending on the context. Members can give consent:
    • In writing, such as when completing and signing an application;
    • Through inaction, such as failing to check a box indicating that they do not wish their names and addresses to be used for optional purposes;
    • Orally, such as when information is collected over the telephone or in person;
    • at the time they use a product or service; and
    • Through an authorized representative (such as a legal guardian or a person having power of attorney).
3.5 ABCU may collect, use, or disclose personal information without the knowledge and consent of the member when legal, security, or certain processing reasons make it impossible or impractical to get this consent. For example:
    • Consent will not be obtained when personal information is collected, used or disclosed to:
    • Detect and prevent fraud,
    • Collect overdue accounts,
    • Comply with the law.
    • Consent may not be possible or appropriate when the member is a minor, seriously ill, or mentally incapacitated
    • Consent will not be obtained, and will be implied when personal information is given to suppliers or agents of ABCU who need it to carry out functions that would reasonably be expected to be required in connection with a service. For example; processing functions, such as data processing or printing of cheques and credit cards.
    • When ABCU obtains customer lists from another organization, ABCU will assume that the organization providing the personal information obtained the consent of persons who appear on the list before disclosing it to ABCU.
3.6 Subject to legal and contractual restrictions on ABCU, members can withdraw consent to the use or disclosure of information for a particular purpose at any time as long as:
    • Reasonable notice of the withdrawal is given to ABCU in writing,
    • Consent does not relate to a credit product when ABCU must collect and report information after credit has been granted.
      ABCU will let the member know the consequences of withdrawing consent when members seek to do so. Withdrawing consent to collect, use, or disclose personal information could mean that ABCU cannot provide the member with some product, service, information of value, or even continued membership.
  1. Limiting Collection

ABCU will limit the amount and type of personal information that is collected to the purposes already identified to the member. ABCU will collect personal information using procedures that are fair and lawful.

4.1 ABCU will collect only the amount and type of information needed for the purposes identified to the member, in accordance with ABCU's policies and procedures.

4.2 ABCU will collect personal information by fair and lawful means, and not by misleading or deceiving members about the purpose for which information is being collected.

  1. Limiting Use, Disclosure, and Retention

ABCU will use or disclose personal information only for the purposes it was collected, unless a member gives consent to use or disclose it for another purpose or as required by law.

ABCU will keep personal information only as long as necessary for the identified purposes or as required by law.


5.1 ABCU may disclose personal information without consent when required by law. For example:

    • Subpoenas,
    • Search warrants,
    • Other court and government orders,
    • Demands from other parties who have a legal right to personal information.

5.2 In these circumstances, ABCU will protect the interests of members by taking precautionary steps to ensure that:

    • Orders or demands appear to comply with the laws under which they were issued,
    • Only the personal information that is legally required is disclosed, and nothing more,
    • ABCU will not comply with casual requests for personal information from government or law enforcement authorities,
    • Personal information is not disclosed to unrelated third-party suppliers of non-financial services.

ABCU may notify members that an order has been received, if the law allows it. (Notification may be by telephone or by letter to the member's address on file or any other means that ABCU deems appropriate in the given circumstance).

5.3 Health records will only be collected to verify authority of trust representatives (account Management), for credit application purposes and credit related insurance sales. Health records will not be disclosed to, or received from any other unrelated organization.

5.4 ABCU policies and procedures will specify the shortest and longest periods of time it will keep personal information. Some of these time periods may be determined by legislation. If personal information has been used to make a decision about a member, the personal information will be kept long enough for the member to have access to it after the decision has been made.

5.5 ABCU will destroy, erase, or make anonymous any personal information no longer needed for its identified purposes or for legal requirements. ABCU will develop guidelines and implement procedures to govern the destruction of personal information.

  1. Accuracy

ABCU will keep personal information as accurate, complete, and up to date as necessary for the purposes for which it is to be used.

6.1 The extent to which personal information will be accurate, complete, and up-to-date will depend upon the use of the information taking into account the interests of the member. ABCU will rely on the member to keep certain personal information accurate, complete and current, such as name and address.

6.2 ABCU will not routinely/automatically update personal information unless updating is necessary for the purposes for which the information is used.

6.3 Personal information that is used on an ongoing basis, including information that is disclosed to third parties, will generally be accurate and up-to-date.

  1. Safeguard Personal Information

ABCU will protect member's personal information with safeguards appropriate to the sensitivity of the information.

7.1 ABCU will safeguard personal information from loss or theft and from unauthorized access, disclosure, copying, use or modification. Appropriate safeguards will be applied regardless of the format in which that information is held.

7.2 ABCU safeguards will vary depending on the sensitivity, amount, distribution, format, and storage of the personal information. The highest level of protection will be given to the most sensitive personal information.

7.3 Personal information will be safeguarded through appropriate security measures. For example:

    • Physical security, such as secure locks on filing cabinets and restricted access to offices,
    • Organizational security, such as controlled entry in data centres and limited access to relevant information on a "need to know" basis,
    • Electronic security, such as passwords, personal identification numbers and encryption.
    • Investigative measures, in cases where ABCU has reasonable grounds to believe that personal information is being inappropriately collected, used or disclosed.

7.4 Employees, directors and officers will be regularly informed about ABCU's policies and procedures for protecting member personal information and will emphasize the importance of complying with them. Employees and directors will be required to sign an oath of ethical conduct annually including commitment to keep member's personal information in strict confidence.

7.5 ABCU may disclose personal information to third parties for example; printing cheques, data processing services, collection, credit bureau reports, or for the supply of other goods and services. ABCU will require that these third parties safeguard all personal information in a way that is consistent with safeguards ABCU would apply to personal information in their control.

7.6 ABCU will use care when disposing of, or destroying personal information, to prevent unauthorized access to the information.

7.7 ABCU will not disclose any information pertaining to a member’s relationship with them on voice mail. Further, any texting or emailing between ABCU and the members must be authorized by the member and consent and disclosure parameters documented and authorized.

  1. Openness

ABCU will make the policies and procedures used to manage personal information readily available.

8.1 ABCU will make available to members information about the policies and procedures used to protect privacy in accordance with this code. ABCU will make available copies of this privacy code.

8.2 The privacy information made available will include:

    • The title and office address of the person (persons) in ABCU who is (are) responsible for protecting the privacy of members' personal information, so members know where to address complaints and questions,
    • How to access member personal information held by ABCU, to review its accuracy,
    • What type of personal information is controlled by ABCU and its use,
    • The personal information disclosed to subsidiaries, affiliates, or other suppliers of ABCU,
    • A copy of any brochures or information that explains ABCU's policies, procedures, standards, or codes.\

8.3 ABCU may make information about its privacy policies and procedures available in a variety of ways, depending on the nature of the service members are using and the sensitivity of the personal information. For example, ABCU may make brochures available in its branches, mail information to its members, establish a toll-free telephone service, or provide on-line access.

  1. Individual Access

When members request it, ABCU will tell them what personal information ABCU has, what it is being used for, and to whom it has been disclosed.

Members may challenge the accuracy and completeness of personal information in ABCU's control and have it amended as appropriate.

When members request it, ABCU will give them access to their personal information.

Note: Exceptions to the access requirement will be limited and specific.

9.1 A member has the right to know, by request, what personal information ABCU has in its control and to obtain access to that information.

9.2 Members may be requested to assist ABCU in locating information by providing information required for the search. Information provided will only be used for the purpose of assisting in a search.

9.3 ABCU will be as specific as possible in identifying the type of information and the identity of third parties to which information has been disclosed including a list of organizations that may receive personal information.

9.4 ABCU will respond to member requests within a reasonable time. The information will be made available at a cost that will vary with the type and amount of information requested. The requested information shall be provided or made available in a form that is easy to understand. For example, if ABCU uses abbreviations or codes to record information, an explanation will be provided.

9.5 In some cases, ABCU may not be able to provide the personal information that is in its control. ABCU will seek to limit these cases and make them specific in policies and procedures. For example, some personal information may not be provided, or not provided in full, because:

    • Providing access would likely reveal personal information about a third party, unless such information can be severed from the record or the third-party consents to the disclosure, or the information is needed due to a threat to life, health or security;
    • The personal information has been requested by a government institution for the purposes of enforcing any law of Canada, a province or a foreign jurisdiction, carrying out any investigation related to the enforcement of any law, the administration of any law, the protection of national security, the defense of Canada or the conduct of international affairs;
    • The information is protected by solicitor-client privilege;
    • providing access would reveal confidential commercial information, provided this information cannot be severed from the file containing other information requested by the Member;
    • Providing access could reasonably be expected to threaten the life or security of another person, provided this information cannot be severed from the file containing other information requested by the Member;
    • The information was collected without the knowledge or consent of the Member for purposes related to investigating a breach of an agreement or a contravention of the laws of Canada or a province;
    • The information was generated in the course of a formal dispute resolution process.

9.6 When a member successfully demonstrates the inaccuracy or incompleteness of personal information, ABCU shall amend the information as required. Depending upon the nature of the information challenged, amendment involves the correction, deletion, or addition of information. Where appropriate, the amended information shall be forwarded to third parties having access to the information in question.

9.7 If ABCU denies the member's request for access to personal information, the member must be told why. The member may then question the decision under the procedures in this privacy code. When a challenge is not resolved to the satisfaction of the member, the substance of the unresolved challenge will be recorded by ABCU. When appropriate, the existence of the unresolved challenge will be transmitted to third parties having access to the information in question.

  1. Compliance

Members are welcome to question ABCU concerning compliance with this privacy code. ABCU will have policies and procedures for responding to member questions.

10.1 ABCU will have policies and procedures to receive, investigate, and respond to member's questions and concerns relating to personal information.

The process will be easily accessible and simple to use.

It will be clear whom members must contact with a question or concern. The designated individual accountable for ABCU's compliance will be known to staff and identified to the membership periodically.

10.2 All member complaints will first attempt resolution by ABCU Privacy Officer with full disclosure to the Board. All members will have the right to take concerns that are not satisfactorily resolved to the Privacy Commissioner. ABCU will inform members who make inquiries or lodge complaints of the existence of relevant complaint mechanisms.

10.3 ABCU will investigate all concerns. If ABCU finds a concern justified, ABCU will have an appropriate resolve, including changing policies and procedures to ensure other members will not experience the same situation.

If you have any questions about the policy, please contact our Privacy Officer via email to cbennett@abcu.ca, subject line should read: Privacy Concern. Phone calls may be directed to same at (780) 929-8561.

Notice: ABCU reserves the right to amend its Internet Policy Statement and its Privacy Code at any time with or without notice.  Please check this page periodically for changes.

 

This information describes in general terms how your personal information is collected and used within the online banking section of our site. The online banking area of the site is the area of our website that requires you to use your Member ID and Personal Access Code (PAC) to enter.

Controlled Access to your Information 

To ensure that you are the only person accessing your personal financial information, we restrict access to the online banking section of the site by requiring that you enter your Member ID and PAC to login. Only you know your PAC. Our employees do not have access to your PAC, and they will not ask you to reveal it. If someone does ask you to provide your PAC to them, we ask that you refuse to do so and contact us immediately.

Transactional Services

By nature, our Internet banking site has many transactional functions such as transfers between accounts and bill payment functions. These transactions are all logged to ensure that your accounts are debited or credited appropriately, and a history of each transaction is available to verify your account information. We store and use your transactional information in the same fashion as if you performed the transaction at a branch or through any other service channel.

We may also use transactional information for servicing your account — for example, billing you for the particular transactions that you perform, or for the services that you use.

Creating a Secure Channel

We create a secure channel between your browser and our server to protect your information when you use the site. To learn more about how we do this, please review our information in Internet Security section.

Application Forms

To provide you with a convenient method for applying for loans and mortgages, or for purchasing other financial services products such as Registered Savings Plans, we may provide secure online application forms. These forms capture personal information that we use to provide you with the products and services you request. This information is processed in a similar way to application forms received through our other channels.

Website Usage Statistics

To continually improve our site, we often collect statistics about how our members are using it. These usage statistics are only viewed in the aggregate and are not associated with you as an individual. We use this information for purposes such as improving the pages where our members are having difficulties.

The information collected may include your IP address, your browser type and your operating system, as well as data such as the number and types of pages visited, and the length of time spent per page and on the site overall.

Our use of Cookies

We also use a key web technology called cookies. A cookie is a small information token that sits on your computer. As you use this site, cookies are passed back and forth between our server and your browser.

Specifically, we use two kinds of cookies — session cookies and persistent cookies. A session cookie exists only for the length of your browsing session and is deleted when you close your browser. A persistent cookie is a cookie that stays on your computer after you close your browser. A persistent cookie may or may not expire on a given date.

We use a session cookie to maintain the integrity of your online banking session. With each page that you visit, the cookie is passed back and forth between our server and your browser. We use the cookie to distinguish your session from the many others that may be happening at the same time. Our session cookies never store any personal information, such as your name, or date of birth, or financial information, such as your accounts and balances.

We may use persistent cookies to (i) provide you with a customized experience by recording your preferences; (ii) gather statistical information such as average time spent on a page; and (iii) to show you targeted marketing information about us when you visit other websites. The data gathered provides us with information on how we can improve the design, content and navigation of our website.

Most recent browser versions allow you to set some level of control over which cookies are accepted and how your browser uses them. For example, it may be set to notify you when it is receiving a cookie so that you accept cookies from only known, reliable sites such as this one. If you are concerned about cookies, we encourage you to upgrade your browser to a recent version and review the Help section of your browser to learn more about its specific control features.

Memorized Accounts Feature

We use a persistent cookie to store information to help you personalize the site and to make it easier to use. For example, we allow you to make the login easier by remembering your login information within our Memorized Accounts feature. Since the Memorized Accounts feature is optional, this cookie only contains information that you have entered into it. We never store your Personal Access Code (PAC) in a cookie.

Logout Button

To ensure that no-one else can access your personal information, always use the logout button to end an online banking session. It is located at the top of every page. When you exit using the logout button, we delete your session cookie so that your session cannot be resumed unless your Member ID and PAC are re-entered.

Automatic Session Time-outs

In the event that you leave your computer without logging out, the online banking feature of this site has been designed to end your session automatically if our system detects that you haven't provided any instructions or used the browser buttons to navigate for several minutes. To restart the session, you will need to provide your PAC again.

Email

To communicate with us electronically, we strongly recommend that you use our Contact Us feature. This feature provides a secure channel for sending us comments, questions or instructions.

General email is not secure since it passes through many points on its route from you to us. If you are using general email to communicate with us, we strongly recommend that you do not include personal financial information (such as account numbers) within the email as we cannot guarantee its confidentiality en route to us.

When you email us your comments, questions or instructions, you provide us your email address and we use it to correspond with you. We then store your email and our replies to you in case we correspond further.

Links to Other Sites

Our site may also contain links to other websites or Internet resources. As an example, from time-to-time we may provide links to Microsoft to assist you in upgrading your Internet browser. However, we have no control over these other websites or Internet resources and do not control their collection, use and disclosure of your personal information. Always review the Privacy Statements of the sites that you are viewing.

Contact Us

We welcome any questions or concerns about your privacy relating to use of our website. Please Contact Us to submit your questions or comments.

As we continue to expand our online banking service to serve you better, and as new Internet technologies become available, we may update the information on this page at any time, to reflect changes.

CASL was passed in Dec 2010 and was implemented starting July 1, 2014. The new law generally prohibits the sending of Commercial Electronic Messages (CEM’s) without recipients’ permission, alteration of electronic message, installation of computer programs without express consent of the owner of the system or its agent (an employee), using false representation online to promote goods and services, collection of personal information through access of computer system and collection of electronic addresses and their usage, without permission.

To comply with CASL, ABCU has developed and implemented its own Anti-Spam Policy. The purpose of BCU’s anti-spam policy is to provide staff, management and Board of Directors clear guidance on Canada’s Anti-Spam Legislation (CASL) and how ABCU will protect its members and other individuals who receive CEMs (commercial electronic messages) from ABCU.

If, you as a member, would like to ensure that you do not receive any CEMs from ABCU, please email your details (Full Name, email address and phone number) to unsubscribe@abcu.ca.

 

Security

Our online banking system is safeguarded with the best security available in a commercial environment, ensuring that your information is protected while data is transmitted between your computer and our banking server.

Encryption

Internet encryption protects your information while it is in transit between your computer and our systems. Encryption ensures that data cannot be read or altered because the information is scrambled. Our online banking website uses a 128-bit SSL, encrypting both request and response transactions, through a secure connection. To establish a secure connection, verify that the prefix of our website address in your browser reads 'https' (and not simply 'http'). All the browsers we support meet this requirement. If yours doesn't, please download the appropriate encryption support from your browser's supplier.

Controlled Access to Your Accounts

Your accounts can only be accessed by providing the correct login credentials and Personal Access Code (PAC), which only you know. Our employees never know these details and will never ask you to provide them with this information.

Enhanced Security Login Process

The first time you log in to your online banking account, you will be asked to choose from a list of security questions and answers. Be sure to pick questions with answers that are not easy to guess. Use ones that only you know. If you have a joint account, the questions and answers for both users must coincide. You can register your home or personal computer so that you will not have to answer a security question every time you log in. However, when you log in to your account from another machine, we will ask one of the security questions to confirm your identity.

For security reasons, we track the number of login attempts used to access your online banking. After a number of incorrect attempts to provide the correct PAC or answers to security questions, your online access will be immediately disabled. To regain access, please call our customer service representatives.

When visiting a branch, you can feel confident that your money is safe and secure, with the premises adorned by vaults, locked doors, security, and surveillance. We are keeping you just as safe when you bank online but once your information reaches your computer, you have a responsibility to protect it.

Personal Access Codes (PAC)

Online credentials can be numerous as they are needed for email accounts, social networking sites, online newspapers and shopping websites. That's a lot of usernames and passwords – and it can be tempting to use the same combination for everything. But this makes it far too easy for hackers because once they have one password, they can access all your sites. Login credentials are the keys to your accounts so don't leave those keys around for anyone to find. For online banking, the key is your Personal Access Code (PAC). We recommend you:

  • Choose a PAC that is easy for you to remember but difficult for others to guess. Avoid using current phone numbers, dates of birth, or social insurance numbers.
  • Be smart and don't save a list of your credentials on your PC. If you have to write them down, keep these details locked away somewhere only you can access or consider using password-management software, which secures and encrypts usernames and passwords and allows you to use a single master password.
  • Do not share your PAC with anyone, especially online. Employees of our financial institution will never call, email, write or ask you to provide your online banking credentials. Ever.
  • Don't authorize browsers to memorize your credentials. Saving these on your computer allows anyone using your PC to gain access to your login-protected sites.
  • Consider changing your PAC every 90 days for optimum security.

Personal Details 

When you move, it is important to notify us of your change of address. If your mailing information isn't up-to-date, statements or letters that contain personal information will continue to be sent to your former address.

e-Statements

You may prefer to eliminate paper statements altogether, avoiding any possibility of mail theft. Eliminate paper documents, go electronic and be secure while doing it. Our e-Statements are a digital archive of your monthly banking activity than can be downloaded as a PDF from our secure online banking site.

Logging In and Out

When you are finished with your banking session, always log out by clicking the "Log Out" button, as opposed to simply closing the browser window. To help protect your information, your online banking session will end automatically if there has been no activity for 20 minutes or if your visit lasts longer than 60 minutes. If your session has timed out, no further transactions can be made until you log in again. This time-out feature helps protect your accounts from unauthorized access if your PC is left unattended or if you have forgotten to log out.

Clearing Cookies and Cache 

When you spend time on the Internet, your browser stores information, such as the websites you visit, the images and files you view, and your personal information, including passwords and login details. This data is held on your computer's hard drive and is known as 'cache.' Even though you may have logged out and closed your browser, this information may remain accessible. You can protect your data by clearing your browsing history regularly. This can be done in a few easy steps:

Internet Explorer Users

Click on the 'Tools' tab (or use the 'Ctrl-Shift-Delete' shortcut)

  1. Select 'Delete Browsing History'
  2. Choose the options you wish to erase and click 'Delete' 

Firefox Users

Click on the 'History' tab (or use the 'Ctrl-Shift-Delete' shortcut)

  1. Select 'Show All History' and/or
  2. Choose the time frame you wish to erase and click 'Delete' 

Safari Users

Click on the 'History' tab

  1. Select 'Show all History'
  2. Choose the period you wish to erase and click 'Clear History'

Chrome Users

Delete all your data:

  1. In the top-right corner of Chrome, click the Chrome menu.
  2. Select More tools > Clear browsing data.
  3. In the dialog that appears, select the checkboxes for the types of information that you want to remove.
  4. Use the menu at the top to select the amount of data that you want to delete. Select beginning of time to delete everything.
  5. Click Clear browsing data.

Delete specific items from your browsing data:

Instead of deleting entire categories of your browsing data, you can pick specific items to delete.

Private Browsing

Some web browsers have a feature that allows you to browse the Internet without the browser storing information, such as the sites you visit, the images you see and videos you watch. This feature is sometimes used by people who share the same computer. Private browsing is a temporary option and must be selected in order for it to be activated. Private browsing, however, does not give you immunity to spyware or make you anonymous. It is still possible for your Internet service provider, employer or the websites you visit to track your online activity.

Monitoring Your Accounts

Frequently reviewing your paper and/or electronic account statements and registering for our alerts system ensures that you spot any incorrect or fraudulent transactions as soon as they occur. If your card has been skimmed (when the card's magnetic stripe and PIN are fraudulently copied by embedded devices at ATMs or point-of-sale devices) or unauthorized transactions have been made, you will want to catch this as soon as possible. Every time you receive an account statement verify you made all the transactions.

Supported Browsers

To maximize your Internet banking experience and for your Internet security, we recommend using the latest supported browsers. Please note that we do not support Beta or test versions of browsers.

  • Microsoft Edge: Download the latest version of Edge.
  • Firefox: Download the latest version of Firefox.
  • Safari: Download the latest version of Safari.
  • Google Chrome: Download the latest version of Google Chrome.

Please note that in downloading the supported required browser version, you acknowledge that these are third party sites, and we cannot take any responsibility for the consequences of your downloading these browsers.

Supported Standards

For our technically inclined users, the particular specifications that we support are XHTML 1.0 Transitional, CSS 1.0 and 2.0, DOM Level 1 and 2, and ECMA Script (JavaScript). The site will work using all the browsers that correctly implement these specifications.

128-Bit Secure Sockets Layer (SSL) Encryption

To access our services, your browser must also support 128-bit Secure Sockets Layer (SSL) encryption. All the browsers we support meet this requirement. If yours doesn't, please download the appropriate encryption support from your browser's supplier.

Cookies

To use our online banking services, you must enable your browser to accept cookies. Detailed information on our use of cookies is available in our Online Privacy Statement. For more information on enabling and disabling cookies, please refer to your browser's Help section or documentation.

JavaScript

To use our online banking services, you must change your browser and/or device settings to enable JavaScript. For more information on enabling JavaScript, please refer to your browser's Help section or documentation.

Hardware Configurations

We have no minimum hardware requirements; however, certain minimum requirements may be specified by the browser you are using.

While pickpockets can only target a few people each day, Internet fraudsters cast their nets much wider, using the anonymity and reach of mass emails and fake websites. You can protect yourself from these situations by knowing how to identify and avoid these scams.

Phishing

A common way for Internet scammers to obtain your personal information is through a method called phishing. Usernames, passwords, banking information and credit card details are phished through email or instant messaging. Phishing works by sending communications, which appear to be from your financial institution, but they are not. You are asked, supposedly by your financial institution, to log in to your online banking to verify account information. Often some type of security concern is cited as the issue. The fake email instructs you to click on a link that takes you to a non-legitimate version of your online banking site – one that is largely indistinguishable from the legitimate site – and you'll be asked to enter your credentials.

Phishing emails may include:

  • Warnings about account closures
  • Requests to update your information
  • Offers to register for a new service
  • Offers for pre-approved credit cards
  • Free virus-protection programs

Once you click on the link, which directs you to a phishing website, you'll be prompted to enter personal or banking information. Phishing scams seek personal details, such as your address, social security number or mother's maiden name. The details obtained will then be used for identity theft.

Scam emails purporting to be from your credit card company or financial institution often have some telling signs, including:

  • Poor spelling or grammar
  • Alarmist content, warning that your account will be closed if you don't provide your banking or personal details immediately
  • Notices that you've won a prize and are required to pay a fee in order to claim it

Never provide personal details or any account details in an email. Electronic messaging is not a secure form of communication. If you receive a message that you are unsure about, please contact us.

Pharming

Another way for hackers to get their hands on your personals details is by pharming them. Pharming occurs when hackers use a malicious code on your PC, which compromises your computer's host file and redirects you to fake websites. The malware hides the fraudulent URL, cloaking it in the legitimate one that appears in your browser. With pharming, the dishonest redirection of URLs happens even when you type correct URLs directly into your browser, making you think that you're on the correct website when you are not. Once there, you are asked to enter your online banking credentials or account information, which hackers take and use for criminal activity.

How to Avoid Phishing and Pharming Scams

We will never send you emails or communications asking you to verify or provide your online banking details. The best way to protect yourself is to never use a link provided in an email to access your online banking (because we don't send those; scammers do). Do not open emails or email attachments from unknown sources. Scan email through your anti-virus software.

Always type your financial institution's website address directly into your browser and remember to look for confirmation that you are browsing securely. The letter "s" in 'https' indicates you are navigating in a secure site, in comparison to the open and unprotected 'http' URLs. Look for the 'https' when online shopping, too.

Don't feel panicked when phishing emails caution of immediate account closures if your banking details cannot be verified. Don't believe emails warning that your account has been compromised or that you'll miss out on a great deal if you fail to act immediately. If you are concerned, call or visit one of our customer service representatives.


Anti-Virus Software

Install anti-virus software on your computer to protect your information, money and privacy. Such software detects viruses and cleans your computer so that harmful viruses do not spread. Set up your anti-virus to run frequent scans and update the software as soon as it is required. Ensure you have real-time scanning of every email and every file you download.

Malware

Malicious software (malware), spyware, worms and Trojans are the same class of destructive viruses; just with different names. Nobody wants a computer virus. They can steal your personal information, take over your PC and use your computer to attack other people's computers. Your PC can become infected through email attachments, downloading infected content or visiting harmful websites.

Spyware

Spyware is exactly what it sounds like – tracking software that is downloaded to your computer (without your knowledge) when you visit certain Internet sites. Secretly, it gathers information about you and your browsing habits. This information can be trivial or it can include passwords and personal data that you wouldn't want criminals to get their hands on. It can also interfere with user controls and disable legitimate anti-virus programs.

The best way to protect your computer against spyware is smart browsing. Stay away from sites that look unsafe and avoid streaming or downloading content from untrustworthy sources. Many anti-virus products offer targeted spyware solutions that inspect your operating system, installed programs, downloads and files.


Scareware

One of the most common viruses to watch out for is known as scareware. These scams pop-up on your screen and display alarmist warnings, telling you a virus has invaded your computer. Scareware prompts you to download (and often pay for) fake anti-virus software to remove the non-existent viruses. Scareware is a scam that tries to trick you into paying money in exchange for nothing.

You can protect against scareware by keeping your anti-virus software up-to-date and by being judicious about what you choose to download to your computer. You should also familiarize yourself with the interface of your legitimate anti-virus program, so you won't be fooled if one of these pop-ups appears.

We have created a secure channel to communicate with our customers, but you need to do your part by maintaining your computer up-to-date and virus-free.

Operating Systems

Your computer's operating system needs to be up to date in order to defend itself from viruses and malicious software (malware). If one part of your operating system develops a virus, it leaves holes in your PC's security defences and compromises the safety of the information contained in your computer.

Keeping your software up to date is one of the most important ways of staying safe online because it is much harder for viruses to infect an updated operating system and software. Hackers are targeting operating systems with new viruses all the time and software companies combat these efforts with security patches. You should always download the latest security patch as soon as it becomes available.

Your operating system lets you know when updates are available by notifying you there are new security features to download. You can also upgrade your operating system to the latest version available from the manufacturer; however, you should ensure your computer has sufficient hardware capacity to support an upgrade.

Remember to back up your data. To fully eliminate a virus that has infected your machine, the re-installation of your operating system may be required. Protect yourself against the permanent loss of important data by frequently backing up your files on an external hard drive so you'll have the data should you ever have a problem with your operating system.

Browsers

Web browsers are the gateways to the Internet. Similar to having an up-to-date operating system, upgraded browsers provide more features, stability and security. Whether you use Internet Explorer, Firefox, Safari, Chrome or something else, stay safe online by using the latest version available.

The latest versions of web browsers have security features that can identify and block harmful and fake websites and pop-ups, and warn you if a site is flagged as unsafe. Some browsers also have a 'Private Browsing' feature, which conceals your browsing history from others.

We suggest you update your browser. Now.

Firewalls

A firewall protects your computer and home network from harmful websites and hackers. It sits between your computer and the Internet, scanning information that is being transmitted. It allows for safe browsing, while blocking unauthorized intrusions. Even though you may think you have no information of value on your PC, firewalls also stop your computer from being used by hackers to send malicious software to other computers.

Most computers now come with a firewall as part of the standard operating system. However, you can get the maximum protection for your computer by installing additional firewalls and ensuring they are kept up to date.

Protecting Your Smartphone

Browsing the web has never been easier – it's all at your fingertips. Smartphones let you surf, shop or bank wherever you are. Make sure your information stays secure while you're on the move by following these smartphone-safe browsing tips:

  1. Activate your phone's password feature, which locks the screen and prevents anyone but you from accessing your phone. Set up the password feature on your phone with a code that only you know.
  2. Don't connect to unknown networks through Wi-Fi hotspots to make financial transactions.
  3. Beware of smishing – that's phishing on phones through text messages. Never download media or images, or click on text-message links that come from unrecognizable people or phone numbers. Never provide personal details or any account details using any form of electronic messaging because this is not a secure form of communication. If you are unsure, please contact us.
  4. Download apps exclusively from the official source for your smartphone's platform, such as the Android, Apple or BlackBerry stores.
  5. Install anti-virus software for your smartphone when available and update it frequently.
  6. Install location finding applications, which work with your phone's built-in GPS. These applications allow you to locate and/or remotely erase (or "wipe") data in your phone if it is lost or stolen.
  7. Update your smartphone's operating system as soon as newer versions are available.

These days, everyone is on the go and it's not uncommon to access Wi-Fi at coffee shops, hotels, restaurants or airports. Using wireless networks to access information is convenient, but not risk-free. Be smart when you surf. Protect yourself from threats by:

  • Using only a trusted computer to access your online banking. Don't use shared library or café computers.
  • Managing your online banking only from secure networks. We recommend that you don't use unsecured public networks for anything sensitive.
  • Connecting only to password-protected networks. If there are several networks available, ask employees of the organization which network they operate.
  • Never leaving your computer unattended, especially if you are logged into your online banking.
  • Using different PACs and security questions as login credentials. If someone obtains your credentials for one site, such as a social networking site, you don't want them to be able to access your other ones.
  • Ensuring you log out before you close your browsers.

Shopping Online

Online shopping is the epitome of convenience. There are no lines and no crowds, but it can also be a haven for fraudsters. Consider the following tips when using your credit cards online to ensure your information stays secure:

  • Make sure that you are shopping at a trusted retailer when you enter your credit card details online.
  • Provide retailers with only the necessary details to complete the transaction. These include your credit card number, expiry date, the security code on the back of the credit card and the card's billing address. Never provide your social insurance number, account details or your mother's maiden name. For shopping sites that require you to register with a username and password, we recommend you do not use your online banking PAC.
  • Use your credit cards only on e-commerce websites that use secure browsing technology on the screens where you enter your card information. Ensure the web address begins with 'https' (as opposed to 'http') and has a closed padlock icon on the screen.
  • Ensure that smaller retailers requesting credit card details have reputable contact details, a physical address and you feel comfortable with providing them your card information.
  • Never give your account or credit card details to anyone on eBay or Craigslist.