Privacy Policy

Embark Student Companies Privacy Statement
Introduction
This privacy policy has been developed to meet the compliance standards established by Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA).
Background
Personal Information Protection and Electronic Documents Act (PIPEDA)
PIPEDA is Canada’s federal privacy law for the private sector and applies to personal information collected during the course of commercial activities. PIPEDA is essentially about balance. On one hand, it respects an individual’s right to privacy while on the other, recognizing the need for industry and organizations to collect, use and disclose personal information. This law, as its name suggests, encompasses two primary objectives. The first objective is to establish rules that govern the collection, use and disclosure of personal information by private sector organizations. The second objective is to acknowledge the validity and legality of electronic documents.
PIPEDA significantly impacts the way we handle the personal information with which we are entrusted. At the same time, it clearly establishes a code of privacy practices that provide Canadians from coast to coast with a mechanism to ensure their personal information is handled respectfully and compliantly.
The Ten Fair Information Principles of PIDEDA were established by the Canadian Standards Association Model Code for the Protection of Personal Information. These principles were recognized as a Canadian standard in 1996 and address how organizations should collect, use and disclose personal information. They also address an individual’s right to access his/her personal information in addition to his/her right to have it amended where appropriate. Listed in Schedule 1 of PIPEDA, the Ten Fair Information Principles outline responsibilities that all organizations subject to the legislation must follow.
What is PIPEDA?
Canada’s federal privacy law for the private sector that applies to personal information collected during commercial activities.
Two Primary Objectives
- Govern the collection, use, and disclosure of personal information.
- Acknowledge the validity & legality of electronic documents.
Policy
Embark:
For purposes of this policy, “Embark” refers, individually and collectively, to Embark Student Foundation and Embark Student Corp.
For the purposes of this policy, the term ‘Customer’ refers to current subscribers to and beneficiaries of the education savings plan(s) offered by Embark Student Foundation. The term ‘Customer’ also includes prospective customers (who are not current subscribers or beneficiaries of an education savings plan(s) with Embark Student Foundation), whose information Embark has obtained either directly from the prospective customer or from a third party to whom the prospective customer has granted permission to share their personal information with Embark.
Embark means:
- Embark Student Foundation,
- Embark Student Corp.
“Customer” includes current subscribers, beneficiaries, and prospective customers.
PIPEDA’s Fair Information Principles
Accountability
Embark is responsible for maintaining and protecting the information under its control. In fulfilling this mandate, we have designated a senior officer of Embark as Chief Privacy Officer who is accountable for compliance with these Privacy Principles.
Identifying Purposes
The purposes for which Customer information is collected shall be identified to the person providing it before or at the time the information is collected.
Consent
The knowledge and consent of the Customer are both required for the collection, use or disclosure of customer information except where required or permitted by law.
Limiting Collection
The customer information collected must be limited to only those details necessary for the identified purposes. Information must be collected by fair and lawful means.
Limiting Use, Disclosure and Retention
Customer information may only be used or disclosed for the purpose for which it was collected unless the subscriber has otherwise consented, or when it is required or permitted by law. Customer information may only be retained for the period of time required to fulfill the purpose for which it was collected.
Accuracy
Customer information must be maintained in as accurate, complete and up-to-date form as is necessary to fulfill the purposes for which it is to be used.
Safeguarding Customer Information
Customer information will be protected by security safeguards that are sensitive to the level of information.
Openness
Embark is required to make information available to their Customers concerning the policies and practices that apply to the management of their information.
Customer Access
Upon request, a Customer shall be informed of the existence, use and disclosure of their information, and shall be given access to it. Customers may verify the accuracy and completeness of their information, and may request that it be amended, if appropriate.
Challenging Compliance
Any Customer is able to submit a challenge concerning compliance with the above privacy principles. Such challenges should be directed to the Chief Privacy Officer at privacy@embark.ca.
What Information Is Collected
At Embark, we collect two types of information from our Customers. With their consent, we collect personal information. We may also collect anonymous/non-personal information.
Type 1: Personal Information
Personal information is information that refers to the Customer specifically. With their consent, we may gather personal information from them in person, over the telephone or by corresponding with them via mail, e-mail or over the internet.
The type of information we usually collect and maintain can include:
- Name
- Residential and/or Mailing Address
- E-mail Address
- Telephone Number
- Social Insurance Number
- Date of Birth
- Place of Employment
- Financial information, such as annual income and net worth
- Other ‘Know Your Client’ Information, as defined under applicable securities legislation
- Transaction History
- Bank account information
- Country of Residency
When attempting to gather information via e-mail, Embark will first confirm whether the individual has given express or implied consent under Canada’s Anti-Spam Legislation and if not, will not attempt to contact this individual by e-mail to collect personal information.
The choice to provide us with personal information is always that of the Customer. Under applicable securities legislation in Canada, the Customer’s decision to withhold certain personal information may limit the services we are able to provide and make it more difficult for us to advise them or suggest appropriate alternatives.
As it refers to prospective customers:
When attempting to gather information over the telephone, Embark uses its best efforts to first determine whether this individual has registered with the National ‘Do Not Call List’. If so, Embark will not attempt to contact this individual by telephone to collect personal information.
When attempting to gather information over the internet, Embark will only collect information where the prospective Customer specifically consents to this in electronic form, as Embark may determine.
Respecting and Responding to Subscribers’ Privacy Concerns
A Customer can refuse or withdraw consent to the collection, use and release of their personal information and if they do so, we will record and respect their choices. We will investigate and respond to their concerns about any aspect of our handling of their information. All inquiries or concerns regarding the refusal to grant or withdrawal of consent should be directed to our Chief Privacy Officer at privacy@embark.ca. Note that if a Customer chooses to withdraw their consent to the collection and use of their personal information, Embark may be required to discontinue its business dealings with that Customer.
What We Collect:
- Personal Details: Name, residential and/or mailing address, email address, telephone number, date of birth, Social Insurance Number
- Employment and Financial Information: Place of employment, annual income, net worth, bank account details, transaction history
- Identification: ‘Know Your Client’ information as required under securities legislation, country of residency.
How We Collect It:
- in person,
- by phone,
- mail,
- email, or
- online
Guidelines
- Consent is required for collection; email contact follows Canada’s Anti-Spam Legislation
- Phone contact respects the National ‘Do Not Call List’
- Online information is collected only when the prospective Customer specifically consents to this in electronic form.
Customer Choice
- Providing information is voluntary but may limit services if withheld.
- You can refuse or withdraw consent for data collection, use, and sharing. If consent is withdrawn, our services to you may be discontinued depending on the nature of your request.
Privacy Concerns can be directed to the Chief Privacy Officer at privacy@embark.ca.
Type 2: Anonymous/Non-Personal Information
At Embark, we also collect anonymous/non-personal information from individuals who may or may not be our Customers. Anonymous/non-personal information is information that cannot be associated with or traced back to a specific individual. For example, our web servers collect anonymous/non-personal information automatically when someone visits the Embark websites. Gathered electronically, this information may include web pages visited, the type of web browser used, and the level of encryption their browser supports. The anonymous/non-personal information collected may be used for research and analytical purposes.
To help us better understand our markets, we may also gather information for analytical purposes by conducting anonymous customer surveys or by extracting demographic information from existing files and from Statistics Canada.
What We Collect:
Information that cannot be linked to a specific individual, such as:
- Web pages visited
- Type of web browser used and its encryption level
How We Collect It:
- Automatically through our web servers when you visit Embark websites.
- Through anonymous surveys or by using demographic information from existing files and Statistics Canada.
How We Use It:
- For research and analytical purposes
- To better understand our markets
With Whom We May Share Information
At Embark, we are obliged to keep our Customer’s personal information confidential except under the following special circumstances:
When Authorized by Them via:
The Education Assistance Agreement and the Plan Acknowledgements that a subscriber agrees to as part of Enrolling in a Plan outlines the terms and conditions associated with acquiring specific products or services from Embark. In general, it establishes the rights and obligations of both parties as they relate to the provision of that product or service. With respect to the matter of personal information, these terms and conditions authorize us to:
- use this information to establish, administer and provide ongoing service for the education savings plan that the Customer opens;
- share this information with
- the custodial parent of the beneficiary(s) of the Agreement;
- Embark Student Corp. Dealing Representatives;
- third parties that provide services to Embark in connection with the ongoing administration and servicing of the Agreement;
- financial institutions as designed by the Customer, to facilitate contributions to and withdrawals and payments from the Agreement;
- Employment and Social Development Canada and Revenue Quebec, in respect of the federal and provincial government grants and incentives applied for on behalf of the Customer;
- Canada Revenue Agency to register the Agreement as a RESP under the Income Tax Act (Canada);
- use the information to offer additional products and services that may benefit the Customer.
Where Embark shares information with third parties, it is in accordance with a written agreement with the third party that includes provisions requiring the third party to limit its use of the information to the stated purpose and to maintain confidential the information in accordance with these PIPEDA principles.
We keep our Customers’ personal information confidential, except for:
When Authorized by Them:
The Education Assistance Agreement and Plan Acknowledgements agreed to by the subscriber authorize us to:
- Use Customer information to establish and service the education savings plan.
- Share Customer information with other parties.
- Offer additional products and services that may benefit the Customer.
Testimonials
From time to time, Embark will publish testimonials from current or former customers and student beneficiaries. The purpose is to provide examples of how individuals benefitted from their RESP from Embark; it is not intended to represent the views of others. Each testimonial is carefully reviewed before publishing to ensure the accuracy, clarity and timeliness of the information. We only publish testimonials where the author has given Embark specific written consent to share their information. Once published, we review the testimonials regularly to ensure continued publication of the testimonial is current and relevant to our business.
With the author’s written consent, we occasionally publish testimonials to showcase how our Customers benefited from their RESP with us.
When Required by Law
The type of information we are legally required to disclose most often relates to government tax reporting requirements.
In some instances, such as a legal or regulatory proceeding or court order, we may also be required to disclose certain information to authorities. Only the information specifically requested is disclosed and we take precautions to satisfy ourselves that the authorities that are making the request have legitimate grounds to do so.
- Government tax reporting.
- Court orders or legal proceedings -only the specifically requested information is disclosed.
We ensure that the requesting authorities have valid grounds before disclosing any data.
With Your Consent
We may share or disclose your personal information outside of Embark for purposes other than those mentioned above, with your implied or express consent and in accordance with applicable law.
We may share your information externally, but only with your consent and according to the law.
How We Protect Customer Information
Embark businesses, employees and service suppliers are all governed by strict standards and policies to ensure our Customer information is secure and treated with the utmost care and respect.
At Embark, Customer information is strictly confidential. Unless the Customer authorizes us to release their personal information, we will never sell, lease or trade a Customer’s personal information to other parties.
- Embark, our employees and service suppliers follow strict standards to secure Customer information.
- We do not sell, lease, or trade Customer information unless the release is authorized by the Customer.
Our Employees
In the course of daily operations, access to Customer’s personal information is restricted to authorized employees who have a legitimate business purpose and reason for accessing it. For example, when a Customer calls or e-mails us, our designated employees will access their information to verify that they are the account-holder and to assist them in fulfilling their requests.
As a condition of their employment, all employees of Embark are required to abide by the privacy standards we have established. They are also required to work within the principles of ethical behavior as set out in our Code of Conduct and must follow all applicable laws and regulations. Employees are informed about the importance of privacy, and they are required to sign the Code of Conduct, and, if needed, a Confidentiality Agreement that prohibits the disclosure of any Customer’s personal information to unauthorized individuals or parties.
To reinforce their understanding and commitment to upholding Customer privacy, employees periodically receive updates and complete an annual training course about our privacy policies, principles and standards.
Unauthorized access to and/or disclosure of Customer personal information by an employee of Embark Student Corp. is strictly prohibited. All employees are expected to maintain the confidentiality of Customer information at all times and failing to do so will result in appropriate disciplinary measures.
- Access to Customer information is limited to authorized employees with a legitimate business need.
- Employees receive regular training and are required to follow privacy standards, ethical guidelines, and legal requirements outlined in our Code of Conduct and additional Confidentiality Agreements if needed.
- Unauthorized access or sharing of Customer information is prohibited and will lead to appropriate disciplinary measures.
Sales Representatives
Embark Student Corp. Sales Representatives operate as independent contractors and are not employees of Embark Student Corp. The relationship between Embark Student Corp. and each Sales Representative is governed by one or more written agreements, each of which include provisions requiring the Sales Representative to comply with Embark Student Corp.’s policies and procedures governing the collection, use, retention and safeguarding of Customer personal information. These policies and procedures include requirements to maintain the confidentiality of Customer information and to prohibit the sharing of Customer information with any unauthorized parties.
Outside Service Suppliers
Embark Student Companies will from time to time, contract with independent, third-party suppliers to perform specialized services such as market research or data processing. These trusted suppliers may at times be responsible for processing and handling certain elements of our Customer’s personal information. For example, we use the services of a third party to assist us with the printing and mailing of our annual statements of account and as result the third party has access to certain elements of our Customers’ information.
When we contract with these suppliers to provide such services, we only provide them with the information necessary to perform those services. Further, our agreements with the suppliers prohibits the storing, analyzing or utilization of the Customers’ information for any other purpose other than the service that they have been contracted to provide and to protect Customer information in a manner that is consistent with the privacy policies and practices that we have established.
Cloud Storage
Embark Student Companies may use other internally hosted technology or its own secure on-site servers to store Customer’s personal information. To support the business operations of Embark Student Companies, third parties with whom Embark Student Companies has contracted may also store Customer’s personal information using cloud services or other technology (see “With Whom We May Share Information”).
These third parties do not use or have access to Customer’s personal information other than for cloud storage and retrieval and Embark Student Companies mandates that such parties use security measures that are at least as stringent as the ones Embark Student Companies uses to safeguard Customer’s personal information.
How Customers Can Protect Their Information
At Embark Student Companies, we do our utmost to protect and safeguard our Customer’s personal information. However, we believe there are measures Customers should take as well to protect their personal information. The following is a list of things they can do to protect themselves from unauthorized access to their personal information.
Personal Information
Customers should not share personal or financial information such as their Agreement Number, Social Insurance Number (SIN) or banking information with any other individual or entity unless they clearly understand the purpose of their request and they know with whom they are dealing.
Suspicious Solicitation
From time to time, Embark Student Companies will engage in promotional campaigns via telephone, mail and e-mail. If you are unsure of the information you receive from us, please contact Customer Service at 1 (800) 363-7377 to verify that the campaign is a legitimate Embark Student Companies activity. Embark Student Companies. will never ask for a Customer’s banking information or SIN or ask a Customer to make a contribution, payment or funds transfer via e-mail or over the Internet. If you receive such a request, do not reply to the request and instead contact our Customer Service Centre.
Accessing and Amending Information
At Embark Student Companies, decisions are often made based on the information we have. Therefore, it is important that our Customer’s personal information is accurate, complete and up-to-date. As a Customer, you have the right to access, verify and amend the information held in your personal file.
Accessing Information
A Customer may access and verify any of their information, including any information pertaining to their Agreement(s) whenever they wish. Most of this information is available in the form of transaction records. Account statements are generally the best source for this type of information. Additional transactional details about their accounts may be acquired through our Customer Contact Centre staff.
Should a Customer have questions concerning a decision we have made regarding the use, collection, retention or sharing of their personal information, we will inform them of the reasons for those decisions if we are permitted to do so by law. We will also provide them with the name(s) and address (es) of any organizations that provided information to us on their behalf if it was relevant to our final decision. Please direct any such questions to our Chief Privacy Officer.
If for some reason, a Customer is refused access to their personal information held in their file, they may challenge this refusal by contacting our Chief Privacy Officer at privacy@embark.ca
You can also contact the Privacy Commissioner of Canada for assistance between the hours of 8:30 a.m. to 4:30 p.m. EST, at:
Toll-free: 1 (800) 282-1376
Phone: (819) 994-5444
Fax: (819) 994-5424
TTY: (819) 994-6591
or by mail at:
30 Victoria Street
Gatineau, Quebec
K1A 1H3
or on the web at:
https://www.priv.gc.ca
Alberta, British Columbia and Quebec have their own private-sector privacy laws that have been deemed substantially similar to PIPEDA. If this applies to you, you can also contact your Provincial Privacy Commissioner’s office for more information:
- Alberta
Office of the Information and Privacy Commissioner of Alberta - British Columbia
Office of the Information and Privacy Commissioner for British Columbia - Quebec
Commission d’accès à l’information du Québec
- Customers can access and verify their information at any time.
- Customers can contact the Chief Privacy Officer at privacy@embark.ca with any questions about the decisions made by Embark regarding their personal information.
- Customers can contact the Privacy Commissioner of Canada at:
- Toll-free: 1 (800) 282-1376
- Phone: (819) 994-5444
- Fax: (819) 994-5424
- TTY: (819) 994-6591
- Address: 30 Victoria Street, Gatineau, Quebec, K1A 1H3
- Web: priv.gc.ca
- For those in Alberta, British Columbia, or Quebec, contact the relevant Provincial Privacy Commissioner.
Amending Information
To help us keep your personal information up-to-date, we encourage our Customers to amend inaccuracies and make corrections as often as necessary. Despite our best efforts, discrepancies sometimes occur. Should a Customer identify any incorrect or out-of-date information in their file(s), we will make the proper changes and provide them with a copy of the corrected information. Where appropriate, we will communicate these changes to other parties who may have unintentionally received incorrect information from us.
- Customers are encouraged to update inaccuracies in their personal information as needed.
- We will correct errors and provide a copy of the updated information.
- If necessary, we will notify other parties who received incorrect details.
To Make a Change
To make a change or update to your personal information that is in our possession, please call Customer Service at 1 (800) 363-7377.
Call Customer Service at 1 (800) 363-7377 to update your information.
How Cookies are Used
Cookies may be used by Embark websites to improve functionality and in some cases, to provide visitors with a customized online experience. The following section describes how Embark websites may use cookies.
- Improving functionality of our websites.
- Offering our websites’ visitors a personalized experience.
To Improve Functionality
Embark websites may use non-persistent cookies to improve operations and functionality. For example, these cookies improve navigation, maintain connectivity and ensure online service sessions are secured. They do not contain personal or financial information, and they are not permanently stored for future use.
Site Personalization
Some Embark websites use persistent cookies as a means of offering visitors a personalized experience.
How Cookies are Not Used
Although cookies have the capability of accomplishing a variety of undertakings, Embark websites only use cookies when they provide an obvious benefit to you. The following describes how Embark websites do not use cookies.
- External website tracking or using tracking data for promotional purposes.
- Storing usernames or passwords for secure pages.
- Linking cookie data to personal or financial information.
- Gathering sensitive data or access your computer.
Web Site Tracking (What sites you go to)
Cookies or other information tracking technologies are not used to follow the surfing behavior of visitors once they leave Embark website. Additionally, tracking information that may be gathered during a visit to a Embark website will not be used for promotional purposes.
User IDs and Passwords
For added security; cookies are not used to remember usernames and passwords when accessing highly secured pages. You will be required to provide this information each time you log-on to a secured online service page.
Aggregated Analysis Attributable to an Individual Account
Embark does not associate any of the information collected via cookies with your personal or financial information.
Maintaining Personal Information in a Cookie
Cookies cannot be used to gather sensitive information about you or data residing on your computer. Cookies are not designed to identify you personally; rather they are intended to enhance navigation and the security of your session.
What are Your Choices in Relation to Cookies?
If you would like to browse Embark websites, you may do so without accepting cookies. However, you should understand that if you choose not to accept cookies, some Embark websites may not function properly or optimally, and you will not be permitted to access certain secured sites.
Cookies are widely used, and most web browsers are configured initially to accept cookies automatically. If you prefer not to accept cookies, you may adjust your browser settings to alert you when a cookie is about to be sent, or you may configure your browser to refuse cookies automatically. If you would like to learn more about how to set your cookie options, please refer to your browser’s documentation or online help for instructions.
- You can browse without accepting cookies, but some websites may not function properly, and access to secured sites may be restricted.
- Most browsers are set to accept cookies by default, but you may adjust the settings.
Comments and Complaints
While we welcome any positive comments you may have, it is equally important for us to know when you have a problem so we can resolve it and retain your confidence.
At the same time, we use your feedback to continuously improve the quality of the products and services we provide to you and other customers.
There are a variety of ways for you to provide positive feedback or express your concerns about your experiences with a member of Embark. We encourage you to get in touch with us in person, by telephone, mail, and fax or via the Internet.
Click here to register a complaint.
Click here to be added to Embark Co Do Not Call List.
Click here to be added to Embark Do Not E-mail List.
We welcome both positive feedback and concerns to improve our products and services.
- Click here to register a complaint.
- Click here to be added to Embark Co Do Not Call List.
- Click here to be added to Embark Do Not E-mail List.
Updating This Policy
We may update or amend these privacy policies from time to time, in response to changing regulatory requirements or business practices. You may determine when this policy was last updated by referring to the modification date found at the bottom of this document.
This Privacy Policy may be periodically updated.
Last updated: March 25, 2025