Last updated: October 2023
We know that you care how information about you is used and shared, and so do we. That is why at CARFAX Canada we are committed to protecting your privacy, and we support a general policy of openness about how we collect, use and disclose your Personal Information.
This Privacy Policy applies to the collection, use and sharing of any Personal Information collected by CARFAX Canada while doing business in Canada. The purpose of this Privacy Policy is to inform you about our practices relating to the collection, use and disclosure of Personal Information through your access to or use of our Offerings. It explains how we handle and protect Personal Information, including information collected through our Digital Channels.
This Privacy Policy applies for as long as we hold your Personal Information, including after the end of our business relationship. By giving us your Personal Information, you consent to the collection, use and sharing of your information as described in this Privacy Policy.
This Privacy Policy also explains how you can contact us if you have a question about, want to make a change to or delete any Personal Information that we may be holding about you. We strongly recommend that you take the time to read this Privacy Policy and retain it for future reference. When reading this Privacy Policy, please note that any capitalized terms not defined in this Privacy Policy are defined in our Conditions of Use accessible online at /about-carfax/privacy-legal/conditions-of-use (the "Conditions of Use").
To help you understand our Privacy Policy, here are some important terms you should know.
“CARFAX Canada”, “we”, “our” or “us” means collectively CARFAX Canada ULC and any of its Affiliates
“Personal Information” or “information” means information about an identifiable individual, such as contact information, account numbers, home address, financial information, photographs and signatures. This can also include information collected through your activities on our Digital Channels, such as your phone or computer model, browser type and IP address when it is connected to you. Information about a business or company is generally not considered Personal Information, nor is business contact information.
“Digital Channels” means our Website, mobile apps, social media accounts, virtual assistant, and other digital channels.
“Partners” means companies we have carefully selected to provide benefits, products or services under, or to participate in, a CARFAX partner program.
The type of Personal Information we collect depends on various factors, such as the Offerings you use, any applicable legal and regulatory obligations, and the channel you use to communicate with us.
We collect Personal Information from you, or from third parties you authorize us to collect such information from, only when you voluntarily provide it or authorize us to collect it (or in rare cases, we are permitted by law to collect it without your consent).
Typically, we will seek consent for the use or disclosure of your Personal Information at the time of collection. In certain circumstances, consent may be sought after the information has been collected but before use (for example, when we want to use information for a purpose not previously identified). The form of consent that we seek, including whether it is express or implied, will largely depend on the sensitivity of the Personal Information and the reasonable expectations of the individual in the circumstances.
You may withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. If you wish to withdraw your consent, please to the Your Rights section of this Privacy Policy to find out how to do so.
We will not, as a condition of the supply of a Product or Service, require you to consent to the collection, use or disclosure of your Personal Information beyond that required to fulfill the explicitly specified and legitimate purposes for which the information is being provided.
We may collect Personal Information that you upload, post or input into any of our Offerings or give to us in any other way in the course of you accessing or using any of our Offerings (including when you post, upload or input any content or information to the Website or input any content or information into a Service or Product), and other Personal Information you may transmit to us on your behalf or on behalf of a third party, or authorize us to obtain from you. You can choose not to provide certain Personal Information, but then you might not be able to take advantage of some of the features in our Offerings.
We use the Personal Information that you provide for such purposes as responding to your search requests, communicating with you and enabling certain functionalities in our Offerings for your use.
We may use the Personal Information that we collect to:
We may share information within CARFAX and with Affiliates to:
The information shared with our Affiliates is subject to the privacy policies of those affiliates, and the laws of the countries where they are located.
We may employ third parties to perform certain functions on our behalf. Examples include fulfilling orders and payments, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analyzing data, providing marketing and advertising assistance, processing credit card payments, providing customer service, providing IT services (such as IT support, information storage, cloud and web-hosting services), human resources management, contact centre services, and fraud prevention and detection, among other services. These third parties may receive access to your Personal Information, but only as required to perform their functions, and cannot use the Personal Information for any other purposes.
To help us make e-mails more useful and likely of interest to you, we may receive a confirmation when you open e-mail from us if your computer supports such capabilities. We may also compare our customer list to lists received from third parties, in an effort to avoid sending unnecessary messages to our customers.
We share information with analytics and advertising partners to better understand how our clients use our Products and Services and to personalize advertising based on your preferences and interests. These partners also measure how well our marketing and ad campaigns are working and help us improve them. These partners may use web technologies, such as cookies, to collect information about your activities on our Website and other third-party sites.
If you have not opted out of receiving marketing materials or communications, we may also use (but will not disclose) your Personal Information to promote and market additional goods, services and special offers from us and/or our business associates, including by means of direct marketing. We may also disclose your name and mailing address to these affiliates and/or third party business associates so that they can send you promotional materials directly.
We collect, use and share information to protect you and your rights as well as to protect our rights and interests, including in the following circumstances:
We may also collect, use and share information without consent if we are allowed to do this under the laws that apply to us.
We may share information with our Partners, such as the Canadian Automotive Association (CAA). If you join a CARFAX Canada Partner program, we and the Partner may share information to administer, develop, manage and promote the program
If you withdraw your consent to this sharing, you may not be able to participate in the partner program as the sharing may be necessary to receive the benefits and features of the program. We and our program partners may provide you with a privacy notice that explains how your information will be handled for a particular partner program.
If we enter into a business transaction involving Personal Information or are considering one, such as selling or securitizing assets, we may share information with the other organizations or people involved in the transaction. For example, we may share information so a purchaser can do their due diligence before the transaction. We may also share information when the transaction is completed. These other parties must keep this information confidential and limit its use to the purposes of the transaction.
Where we buy information as part of a business transaction, this Privacy Policy applies to our collection, use and sharing of the Personal Information (which may include information we continue to hold after the end of your relationship with us). If we sell assets, the purchaser may be allowed or required by law to keep some Personal Information for a defined length of time.
We may de-identify your information by removing information that identifies you, such as your name, address, and account numbers. We may then combine this information with other information, and use it for internal business purposes, such as:
When you visit our Website, we may place a text file called a “cookie” in the browser directory of your computer’s hard drive. A cookie is an alphanumeric identifier that enables our systems to recognize your browser and to provide more efficient service of our Website.
Tracking pixels can also be used to check if you have accessed content, monitor web traffic and provide metrics similar to cookies. Below, we describe how we use cookies and similar technologies. Please refer to section 11 “Your rights” for information on how to manage your preferences on our use of these technologies.
We use persistent cookies to measure site and mobile app usage, including browsing behaviour. We do this to improve how our sites work and to measure the effectiveness of our sites, communications and promotional offers. For example, we use persistent cookies to track the CARFAX web and mobile pages you visit, which CARFAX online marketing ads you click and your response rate, and the keywords you searched to find our site. If the CARFAX ad is on a third-party site, we may collect the address of the site where you click the ad, but we won’t track or create a profile of your activity on third-party sites.
We may also use cookies and work with third party service providers who use cookies to collect traffic data and other information about your use of our Website. We and our service providers will use this information in aggregated and anonymous form to analyze usage of our Website and to improve the operation of our Website, Services and/or Products.
We also use persistent cookies to save your digital personal preferences. You must allow persistent cookies if you want your browser to remember your preferences such as card number, language or default home page each time you sign on.
Software applications, such as videos, may create cookies to store configuration information on your computer. These cookies allow you to view videos or other rich media on CARFAX sites. Certain CARFAX online tools, such as calculators, use cookies to save the information you enter, such as odometer reading, so you don’t have to re-enter this information each time you use the tool.
Some browsers can be set to reject all cookies. The "help" portion of the toolbar on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, and/or how to disable cookies altogether. If you choose to modify your browser in this manner, some pages of our Website may not function properly. Cookies allow you to take full advantage of some of our most advanced features, and we recommend that you leave them turned on.
We are committed to ensuring that the Personal Information collected in the course of you accessing or using any of our Offerings is protected against loss, theft and unauthorized use, sharing, or access. This protection applies in relation to information stored in both electronic and hard copy form, and access to collected Personal Information is restricted to selected employees, representatives and third parties as described above. For example, when we transmit your information via the Internet or other electronic means, we encrypt it, which helps protect it.. We also reveal only the last five digits of your credit card numbers when confirming an order.
The Website may offer links to third party websites. You should be aware that operators of linked websites may also collect your Personal Information (including information generated through the use of cookies) when you access their websites. We are not responsible for how such third parties collect, use or disclose your Personal Information, so it is important to familiarize yourself with their privacy policies before providing them with your information.
We retain your Personal Information for as long as necessary to fulfill the purpose(s) for which it was collected, and to comply with applicable laws, enforce our Conditions of Use and other agreements we have entered into with you, and protect or enforce our rights. This may include exchanging information with other companies, governmental and quasi-governmental institutions and crime prevention organizations for fraud investigation, detection, prevention and/or protection purposes. Your consent to such purposes remains valid after you leave the Website and/or cease using any of our Offerings.
For these reasons, we keep your information beyond the end of your relationship with us. When we don’t need your information any longer, we securely destroy it or (where permitted) make it anonymous, following all applicable laws, so that the information can no longer identify you. We have record retention policies and schedules that set out retention periods depending on the type of information, and the process that must be followed when a retention period expires. For the purposes set out in this Privacy Policy, we or one of our affiliates or an unaffiliated service provider may process and store your Personal Information outside of the province in which you reside and/or outside of Canada, and under the laws of those other jurisdictions, in certain circumstances courts, law enforcement agencies, regulatory agencies or security authorities in those other provinces or foreign jurisdictions may be entitled to access your Personal Information.
You have the right to access personal information we hold about you. You can do this by contacting us at the contact information below in section 13, “Contact Us”.
You will need to put your request in writing (email or letter) and give us enough details to help us understand the information that you want to access. We must verify your identity before we start our search, or before we give you access to your information. We will tell you if there is a fee to access your information. We may also ask you for more information to confirm the scope of your request, such as the time period or a more specific description of the information you want to access.
After we receive your written request, verify your identity and understand the scope of your request, we will give you a written response to your access request within the timeframe set by applicable privacy law (usually 30 days, but laws may differ).
There may be limits to your right to access your information. For example, if the information is subject to legal privilege, contains confidential commercial information, relates to an investigation of a breach of an agreement or law, or contains information about other individuals that cannot be separated.
If we have information about you that we got from others, you can ask us for the source of that information, subject to certain restrictions under applicable law. If you ask for it, and where legally permitted and required, we will also give you certain details about how we handle your personal information, such as the types of third parties to whom we have, or may have, disclosed your information.
You can help us maintain the accuracy of your Personal Information by notifying us of any changes to this information. You may contact us to request a correction or update of your Personal Information using the contact information provided in section 13, “Contact Us”.
You can withdraw your consent to our collection, use and sharing of information at any time by giving us reasonable notice, subject to legal, business, or contract requirements. However, withdrawing your consent may limit or prevent us from providing you with specific Products and Services. For example, if you don’t give us your email address, we can’t provide you with any Product or Services that we deliver electronically. If you withdraw your consent to exchange Personal Information with insurers, we will not be able to provide you with certain Products or Services.
In some circumstances, you can’t withdraw your consent. For example, you can’t withdraw your consent if the collection, use and sharing of information without consent is permitted or required by law or necessary to manage our business, comply with legal and regulatory obligations, assign our rights to others for business transactions, or as otherwise described in section 4(E)XX “Manage our business”
If you have any questions, concerns or complaints about this policy or our privacy practices, let us know right away (you can use the contact information found in section 13, “Contact Us”). In most cases, you can resolve a question, concern or complaint simply by talking to us about it. If you choose to send us an email, don’t include sensitive information such as payment card or account numbers.
Be sure to include your name and contact information where you prefer to be reached, the nature of your complaint, question or concern, details relevant to the matter and the names of any individuals whom you have already discussed the issue with.
We may update this Privacy Policy and our other privacy-related documents. Any changes we make to this Privacy Policy take effect when we post the updated Privacy Policy on our Website and any other channels where this Privacy Policy appears. In some cases, we will also notify you of changes we make to the Privacy Policy in accordance with applicable law, for example, by posting a notice of the changes on our Website or using other appropriate ways to reach you.
When you continue to use our Products and Services after we post the modified version of the Privacy Policy, you accept the changes to the Privacy Policy. The date at the top of this Privacy Policy indicates when it was last updated
In the event that you have any questions about this Privacy Policy or if you have reason to believe that we may have failed to adhere to this Privacy Policy, you may contact our Chief Privacy Officer by email at privacy@carfax.ca, or by mail at:
CARFAX Canada ULC
CARFAX Canada, 100 Kellogg Lane Suite #301
London, ON N5W 0B4
Attn: Chief Privacy Officer