Decisions/Federal (Canada)/Personal Information Protection and Electronic Documents Act/Early resolved case summary #2017-001: Privacy obligations under PIPEDA apply to financial technology sector

Federal (Canada)Office of the Privacy Commissioner of CanadaPersonal Information Protection and Electronic Documents ActEarly resolved case summary #2017-001Early-resolved

Early resolved case summary #2017-001: Privacy obligations under PIPEDA apply to financial technology sector

Organization: A financial technology company

Decision: Jul 25, 2017Published: Jul 25, 2017

Official Decision ↗Bookmark View Governing Law

Plain-Language Summary

A complainant filed a complaint against a financial technology (FinTech) company after being required to provide personal information to access an investment account management agreement. The company initially cited regulatory requirements for collecting the data before an individual became a client. The OPC advised the company that prospective clients should be able to review agreements and understand privacy implications before providing personal information to ensure meaningful consent.

Key Issues

Purpose of information collection
Meaningful consent
Regulatory requirements for collection

Outcome

Complaint early resolved

Reasoning

The company agreed to revise its website and Privacy Policy to allow prospective clients to review agreements before providing personal information, ensuring they could make informed decisions and provide valid consent.

AI-generated summary for reference only. Always verify against the official decision ↗

Decision Notes

Recommended action / remedy

The company agreed to revise its website and Privacy Policy.

This summary is informational only and not legal advice.