Carlson Marketing – Relationship Results.

Carlson Marketing Canada believes in protecting our clients’ and their customers’ privacy. When we collect personal information from a customer – whether online, over the phone, or in person – we follow the privacy principles of applicable Canadian law, the Canadian Marketing Association, and TRUSTe®. These are our ten promises to customers:

1. Notice. When we collect your personal information, we'll give you timely and appropriate notice describing what personal information we're collecting, how we'll use it, and the types of third parties with whom we may share it.
2. Choice. We'll give you choices about the ways we use and share your personal information, and we'll respect the choices you make.
3. Relevance. We'll collect only as much personal information as we need for specific, identified purposes, and we won't use it for other purposes without obtaining your consent.
4. Retention. We'll keep your personal information only as long as we need it for the purposes for which we collected it, or as permitted by law.
5. Accuracy. We'll take appropriate steps to make sure the personal information in our records is accurate.
6. Access. We'll provide ways for you to access your personal information, as required by law, so you can correct inaccuracies.
7. Security. We'll take appropriate physical, technical, and organizational measures to protect your personal information from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
8. Sharing. Except as described in this policy, we won't share your personal information with third parties without your consent.
9. International Transfer. If we transfer your personal information to another country, we'll take appropriate measures to protect your privacy and the personal information we transfer.
10. Enforcement. We'll regularly review how we're meeting these privacy promises, and we'll provide an independent way to resolve complaints about our privacy practices.

To access your information, ask questions about our privacy practices, change your marketing preferences, or issue a complaint, contact us at:

Carlson Marketing Canada
Privacy Officer
2845 Matheson Blvd. E
Mississauga, ON
L4W 5K2
1-888-965-6055
privacy@carlsoncanada.com

Scope of this Policy

This Policy covers the privacy practices relating to these websites (“Sites”): www.carlsoncanada.com/rewardsxp/splash.asp, www.cardprotector.ca, www.home-advantage.ca, www.legalsense.ca, www.myvisarewardsplus.com, www.carlsoncanada.com, www.carlsoncanada.ca, www.hotlinecardregistry.com, www.cardassistplus.ca and www.cardassist.ca. To learn more about Carlson Marketing Canada privacy practices, see our Frequently Asked Questions – Data Privacy, which, with our ten privacy promises, comprise our Privacy Policy. This Policy may be supplemented or amended from time to time by Privacy Notices provided at the time we collect your personal information. For example, certain pages of our Websites may contain Privacy Notices providing details about the personal information we collect on those pages, why we need that information, and choices you may have about the ways we use that information. In other cases, specific Privacy Notices may be required to comply with the privacy laws of some countries. Our Privacy Notices are part of this Policy.

This Policy is effective as of September 19, 2006.

Frequently Asked Questions – Data Privacy

• Who are we?
  Carlson Marketing Canada has been an industry leader in relationship marketing for over 50 years. Carlson Marketing Canada is a subsidiary of Carlson Companies, a global leader in the marketing, travel, and hospitality industries.
• How can someone learn about our privacy practices?
  When we ask for your personal information, we'll let you know how you can find out about our privacy practices. If we're asking you for information online - on a specific Site, for example - we'll provide a link to this Policy. If we're asking you to complete a paper form, we'll include a privacy notice and additional points of contact for your questions. If you're contacting us by phone, our operators will be able to answer your privacy questions or point you in the proper direction. If you have any questions or concerns about our privacy practices, you may contact us.
• What is "personal information"?
  Personal information - as defined in the Personal Information Protection and Electronic Documents Act (PIPEDA) is "Information about an identifiable person which would include race, age, marital status, religion, employment history, Social Insurance Number, credit history, assets, home address, telephone number, and even opinions about that individual.”
• What personal information do we collect about you?
  The information we request from you is dependent on the Website and program you enroll in. Common types of information we collect include contact information such as name, address, and phone number; verification information such as date of birth; and financial information such as credit-card number or bank-card number.
  
  Information Sent To Us By Your Browser. Like most commercial websites, we collect information that is sent to us automatically by your web browser when you access this Site. This information typically includes the IP address of your Internet service provider, the type of your operating system, and the type of your browser. The information we receive depends on the settings on your web browser. Please check your browser if you want to learn what information your browser sends or how to change your settings. We use this information to create statistics that help us improve our Site and make it more compatible with the technology used by our visitors.
  
  The information provided by your browser does not identify you personally. However, we may review our server logs for security purposes, such as detecting intrusions into our network. If we suspect criminal activity, we might share our server logs -- which contain visitors' IP addresses -- with the appropriate investigative authorities who could use that information to trace and identify individuals. In addition, if you access this site through an e-mail we have sent you, or if you've created a "user identity" during one of your visits, we may link the information provided by your browser to information in our records that identifies you personally.
  
  Information Collected Using "Cookies." Like many commercial websites, we use "cookies." A cookie is a small text file that is placed on your hard disk by a Web server. Cookies cannot be used to install computer programs or deliver viruses to your computer. We may use two types of cookies – “session cookies” and “persistent cookies.”
  
  We use "session cookies" to assign a randomly-generated unique identification number to your computer. A session cookie expires after you close your browser. We use session cookies to collect information about the ways visitors use our Sites – which pages they visit, which links they use, and how long they stay on each page. We analyze this information, known as "clickstream data," to better understand our visitors' and members' interests and needs, and to improve the content and functionality of our Sites and programs.
  
  We may also use "persistent cookies." These cookies do not expire when you close your browser, but stay on your computer until they expire or you delete them. Each time you visit our Sites, our Web server will recognize your cookie. By assigning your computer a persistent, unique identifier, we're able to create a database of your previous choices and preferences. In situations where these choices or preferences need to be collected again, they can be provided by us automatically, saving you time and effort. Assigning your computer a persistent, unique identifier also helps us keep a more accurate account of how many people visit our Sites, how often they return, how their use of our Sites may vary over time, and the effectiveness of our promotional efforts.
  
  If you access this Site through an e-mail we have sent you or you've created a "user identity" during one of your visits, we may link the information provided by our cookies to information in our records that identifies you personally.
• What steps do we take to make sure your personal information is accurate?
  We take appropriate security measures to protect your personal information from unauthorized alteration. If you’ve provided information on our Sites, you may update or correct key information relating to your account at any time by visiting your profile on our Sites. If you become aware that any of the personal information in our records is inaccurate or has been altered, please contact us.
• How can you access your personal information?
  The easiest way to access and review your key account information is to visit your profile on this Sites. If you have additional questions regarding your personal information, please contact us. We will respond promptly within the time limits established by applicable law. For your protection, we may ask you for additional information to verify your identity. In most cases, we will provide the access you request and correct or delete any inaccurate information you report. In some cases, however, we may limit or deny your request if the law permits or requires us to do so.
• How do we use your personal information?
  We use your personal information to administer the program you are enrolled in; to invoice you if applicable; to maintain your account; and to communicate with you regarding your account and other aspects of the administration of the program such as sending marketing or promotional communications. We will only send you marketing or promotional communications if you have indicated permission to do so.
• Do we share your information with other companies?
  Data is not shared with third parties for their marketing purposes unless you have consented to such sharing.
  
  We may share your personal information with companies and organizations that perform services on our behalf. For example, if you are enrolled in one of our loyalty based programs where you can redeem points for merchandise we may need to send your information to the manufacturer of the product you have ordered if it is housed at their location. This use of your information would be to fulfill your order only and not for any other purposes. If you are utilizing one of our enhancement services, e.g., Legal Sense, we would need to share your information with the appropriate supplier in order for you to receive the benefit of the enhancement services.
  
  In order to fulfill requested services for some membership programs, Carlson Marketing will share your information with the appropriate third parties. The third party will then use your information to put you in touch with those as needed to fulfill the service you requested.
  
  There are other, limited circumstances in which we or the companies with which we share your personal information may share or transfer your personal information to unrelated third parties. For example, we may provide personal information to a third party when we believe it is necessary to prevent or investigate a possible crime, such as fraud or identity theft; to comply with a court order or subpoena; to comply with a legal requirement; to protect your vital interests; or in connection with a sale, purchase, merger, reorganization, financing, liquidation, dissolution, or similar event. When we disclose information under these or similar circumstances, we’ll take appropriate steps to limit use and protect the confidentiality of your personal information.
• Does our Site use spyware?
  Our Site does not use spyware. The term "spyware" refers to a software program that, when installed on your computer, changes settings, displays advertising, or tracks your Internet behavior and reports information back to a central database. Spyware is usually installed on your computer without your knowledge and can be very difficult to remove.
• How long do we keep your personal information?
  We keep your personal information for as long as we need it for the purposes for which it was collected, or to which you have consented, or as permitted by applicable law. Generally, this means that we’ll keep your information as long as you have an active account. If, however, you choose to close your account with us we will eliminate your personal information from our records, unless an applicable law requires us to retain your personal information for some period of time.
• Do we transfer your personal information outside your country of residence?
  Our Sites and our data are hosted on servers located in Canada. Our call centres are also primarily located in Canada, although we may at times use supplemental facilities located in other countries.
  
  When we transfer your personal information to another country, we’ll take appropriate measures to protect your privacy and personal information. In addition, no matter where we transfer your personal information, it will remain subject to the terms of this Policy and your privacy preferences.
  
  You should know that different countries have different data-protection laws, some of which provide more protection than others. By using our Sites and participating in the related programs, you are consenting to the transfer of your personal information to any country in the world, but only in accordance with the terms of this Policy.
• How do we protect your personal information?
  We maintain appropriate physical, technological, and organizational safeguards to protect your personal information against loss, misuse, unauthorized access or disclosure, alteration, and destruction. For example, our data networks are protected by firewalls and intrusion-detection sensors. Only employees who have a “need-to-know” are authorized to access member accounts, and only after they’ve been trained on our security procedures.
  
  Although we use reasonable measures to help protect your personal information and comply with applicable data security laws, it's important that you understand that no website or database is completely secure, or "hacker proof." You can protect yourself and help us prevent computer crime by carefully guarding your password. If you believe the security of your account has been breached, contact us as soon as possible.
  
  To ensure the integrity and protection of your information with any of Carlson Marketing’s third party service providers, we ensure that all of these companies sign non-disclosure agreements and are held to the same standard that we comply with.
• What about links to other websites?
  Our Sites may contain links to other websites. If you do find a link and follow it, please take a few minutes to review terms of use and privacy policies on the other website as they are not governed by this Policy.
• How do we enforce our privacy promises?
  We communicate our privacy promises to our employees and train employees handling member information on their roles and responsibilities in protecting your privacy. We regularly assess the privacy and security practices of our Sites, databases, and other member-information systems to identify ways we can improve our data practices. As an additional control, we've become members of TRUSTe. TRUSTe is an independent, nonprofit organization that certifies privacy policies and monitors privacy practices. Members of TRUSTe must pass a rigorous process to meet TRUSTe’s program requirements and agree to monitoring and TRUSTe’s dispute-resolution process.
• How do we make notification of changes to this Policy?
  We reserve the right, at our discretion, to change, modify, add, or remove portions of this Policy at any time. The level of notice we'll provide when we change this Policy will depend on the nature of the change. In any event, changes to this Policy may affect our use of personal information that you provided us prior to the effective date of the changes.
  
  Minor Changes. If we make only minor changes to this Policy, we'll replace this Policy with the new Policy and change the "Effective" date at the top of this Policy. We will also provide a notice at the top of this Policy for at least 30 days after the new effective date and highlight the changes in the Policy so that you can locate them easily. Your continued participation or use of this Site following a minor change to this Policy will indicate your acceptance of the revised Policy. Minor changes include, for example, changes to our contact information.
  
  Material Changes. We'll notify you of any material changes to this Policy by sending you a notice by e-mail at the last e-mail address you provided us. Our notice may include a link or direct you to visit this Site to review the revised Policy. We'll also provide a notice at the top of the revised Policy for at least 30 days after the new effective date and highlight the changes in the Policy so that you can locate them easily.
  
  Material changes to this Policy will be effective as of the effective date included in the notice to you or, if no effective date is included, 30 calendar days after we send the notice to you at the last e-mail address you provided us. Please note that you are responsible for updating your profile via this Site so that your contact information is always current. If the last e-mail address you provided us is not valid or current, or if for any other reason is not capable of delivering to you the notice described above, our mailing of the notice to your last e-mail address will nonetheless constitute effective notice of the changes described in the notice.
  
  You expressly agree that communication of material changes as described above will be sufficient notice of material changes to this Policy and you agree to assume responsibility for reviewing the modified Policy. Your continued participation in the Program following such notice will indicate your acceptance of the revised Policy. If you don't agree to the changes in our Policy, you must notify us prior to the effective date of the changes that you wish to deactivate your account with us.
• What if your concern is not addressed to your satisfaction?
  If your privacy concern isn’t addressed to your satisfaction, you may contact TRUSTe® at http://www.truste.org/consumers/watchdog_complaint.php. TRUSTe will serve as a liaison to resolve your privacy concerns and, if necessary, help resolve privacy-related disputes that arise. TRUSTe is an independent, nonprofit organization that certifies privacy policies, monitors privacy practices, and provides dispute-resolution services to its members. We’re proud to be members of TRUSTe and to have earned the TRUSTe seal. Members of TRUSTe must pass a rigorous process to meet TRUSTe’s program requirements and agree to monitoring and TRUSTe’s dispute-resolution process.