Last revised date: November 27, 2019
EnStream LP (“EnStream”, “we”, “us” and “our”) is committed to protecting the privacy and security of personal information. Personal information is information about an identifiable individual, and can include name, address, date of birth, mobile number, email address, location and other identifiable information.
EnStream is a joint venture owned by Bell Mobility, Rogers Communications, and TELUS Communications. We provide a number of services, including (I) mobile subscriber verification services to approved merchants and aggregators, using information and services provided by participating mobile network operators (the “Participating Mobile Network Operators) and (ii) other technical solutions to trusted third parties, including financial institutions. We primarily provide services to these third parties that in turn ultimately interact with you, the end-users.
How we are accountable
EnStream has implemented policies and practices to protect your personal information, including:
Implementing procedures to protect personal information through use of physical, organizational, contractual, and technical security measures;
Establishing procedures to receive and respond to inquiries and complaints regarding the disclosure of personal information in collaboration with third party merchants and participating Mobile Network Operators;
Accountability for compliance by our Executive Management; and
Personal information we access
EnStream may access the following personal information from participating Mobile Network Operators with your consent:
Name, address, date of birth, mobile telephone number;
Mobile account status, service provider, device type and related device information;
Mobile service configuration and features (e.g. call forwarding status) and usage history;
Domestic and roaming location and history; and
Other identifiable information related to your mobile account and services.
Purpose for access and use of personal information
EnStream may access personal information for the following purposes:
To enhance identity assurance and fraud detection services related to mobile users;
To streamline enrolment with third party services based on mobile number and related personal information;
To conduct internal reviews and audits;
To conduct investigations related to complaints;
To manage and develop our business and operations;
To develop, enhance and offer future products and services; and
To comply with regulatory and legal obligations.
EnStream does not support any applications related to database marketing. Further, we will not sell, trade or rent personal information to any third party unless we receive your consent. We do however reserve the right to use, disclose, sell, trade, or rent aggregated information, provided that the aggregated information is not linked to any specific individual and does not constitute personal information.
Third parties who use our services are required to confirm that they have collected your consent by identifying the specific personal information requested and its intended purpose before the time the information is collected. They are contractually bound to implement all such necessary technical, procedural, and commercial means in order to ensure that consent is properly collected and auditable.
By providing consent to such third parties, you authorize your participating Mobile Network Operator, or other applicable third party, to disclose the specific personal information, through us, for the purposes identified at such time consent was collected. You may withhold your consent and/or elect not to use the services supported by us. You may also withdraw your consent at any time, subject to applicable contractual and legal restrictions and reasonable notice.
Limiting Access, Use, Disclosure and Retention
We will not use or disclose personal information for purposes other than those for which it was accessed, except with your consent or as required by law.
As a general rule, we will only hold personal information temporarily, often instantaneously, in order to process specific transactions. After the purpose has been fulfilled, such personal information will be destroyed immediately in a confidential and secure manner. While we may retain records regarding the date and time of specific transactions for audit and analytics purposes, none of the retained information contains personal information.
The information is provided only after detailed contracts are set out with the companies that provide us with these services. Moreover, the information may only be used for the purposes of providing the services in question.
Security and Safeguards
We protect personal information using physical, electronic or procedural security measures appropriate to the sensitivity of the information in our custody or control. These security measures include safeguards to protect against loss or theft, as well as unauthorized access, disclosure, copying, use or modification, including the use of encryption within our systems and on any communications links between our systems, systems at participating Mobile Network Operators, and systems at all third parties who use our services.
We have established secure data destruction, media disposal and secure wipe practices and procedures in accordance with industry accepted best practices in order to dispose of any personal information we no longer need after delivering our services.
Questions or Comments
55 University Avenue, Suite 202
Toronto, Ontario M5J 2H7
Attention: Chief Privacy Officer