Last Updated: June 1, 2025
AMORTISYS is committed to full compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) — Canada's federal private-sector privacy law — as well as applicable provincial privacy legislation including Alberta's PIPA, British Columbia's PIPA, and Québec's Law 25 (Bill 64).
PIPEDA is built on 10 Fair Information Principles. Here is how AMORTISYS addresses each:
AMORTISYS has designated a Privacy Officer responsible for ensuring compliance with PIPEDA. Our internal policies and procedures are reviewed annually. Contact: privacy@AMORTISYS.com.
We identify and document the purposes for collecting personal information before or at the time of collection. Personal information is collected primarily to provide mortgage CRM services including deal management, client communications, document handling, and compliance reporting.
We obtain meaningful consent from individuals before or at the time of collection, use, or disclosure of personal information. Users may withdraw consent at any time, subject to legal or contractual restrictions, by contacting privacy@AMORTISYS.com.
We collect only the personal information necessary for the identified purposes. We do not collect information indiscriminately.
Personal information is used or disclosed only for the purposes for which it was collected, except with consent or as required by law. We retain data only as long as necessary to fulfill those purposes or as required by law, after which it is securely deleted.
We take reasonable steps to ensure personal information is accurate, complete, and up to date. Users may review and update their information at any time through their account settings or by contacting us.
Personal information is protected by security safeguards appropriate to the sensitivity of the information, including TLS encryption, access controls, audit logging, and regular security assessments. See our Security page for full details.
We make information about our privacy policies and practices readily available. This page and our Privacy Policy describe how we manage personal information.
Upon written request, individuals may access their personal information held by AMORTISYS and challenge its accuracy and completeness. Requests are fulfilled within 30 days. Contact: privacy@AMORTISYS.com.
Individuals may direct challenges concerning compliance with the above principles to our Privacy Officer. If a concern cannot be resolved internally, individuals may file a complaint with the Office of the Privacy Commissioner of Canada (OPC).
For users in Québec, AMORTISYS complies with the Act respecting the protection of personal information in the private sector as amended by Law 25, including:
Where personal information is transferred to service providers outside Canada (e.g., cloud infrastructure), we ensure equivalent levels of protection are in place through contractual obligations and due diligence assessments, consistent with PIPEDA Schedule 1, Principle 7, and Québec Law 25 requirements.
For any PIPEDA-related inquiries, access requests, or complaints:
Privacy Officer, AMORTISYSYou may also contact the Office of the Privacy Commissioner of Canada to file a complaint or obtain general guidance on privacy rights.