Privacy Policy
Rifco National Auto Finance Corporation Personal Information Protection Policy
Rifco National Auto Finance Corporation (RIFCO) is committed to safeguarding the personal
information entrusted to us by our customers. We manage your personal information in accordance
with Alberta’s Personal Information Protection (PIPA) and Personal Information Protection and
Electronic Documents Act (PIPEDA) and other applicable laws.
This policy outlines the principles and practices we follow in protecting your personal information. The
policy also applies to any person providing services on our behalf. A copy of this policy is provided to
any client on request.
RIFCO recognizes Personal Information to be any identifying information of an individual that is not
publicly available and uses common sense rules for collection, use and disclosure.
Accountability
RIFCO has appointed a Privacy Officer who is responsible for ensuring compliance with PIPEDA and
this policy. RIFCOs Privacy Officer may delegate the accountability to the Manager or Director of each
department. This delegation for each department may include:
• Development of a training manual and guidelines for the secure handling of Personal Information as
it relates to their department and employees job function.
• Provide training for new hires and refresher training, as required, on the secure handling of Personal
Information.
• Oversight of adherence and compliance of the handling of Personal Information by employees.
• Risk assessment and mitigation of unauthorized disclosure of Personal Information by employees
• Timely reporting to RIFCOs Privacy Office of any suspected breach.
RIFCO Executives, Directors, Managers are accountable for supporting a business culture that
promotes the safeguarding of personal information entrusted by our customers.
Any questions regarding this policy or concerns with RIFCO’s compliance with the requirements of
PIPEDA, can be addressed directly to RIFCO’s Privacy Officer. Contact information is included at the
end of this policy.
This policy applies to anyone who collects, uses and discloses personal information on behalf of RIFCO
including employees and third-party service providers.
Purpose
RIFCO collects personal information for the purposes of providing services to our customers, including
personal information to:
• Identify the customer
• Understand customers credit needs
• Evaluate eligibility for products and services including credit
• Deliver products and services
• Refine and improve our current products and services
• Develop new products and services
• Protect our customers and Rifco against error, fraud, theft and damage
• Comply with legal and regulatory requirements
Rifco collects customer information directly from our customers and our Dealer partners. Rifco may
collect customer information from other persons with prior consent or as authorized by law.
We inform our customers, before or at the time of collecting personal information, of the purposes for
which we are collecting information. However, we do not provide this notification when a customer
volunteers information for an obvious purpose.
Consent
RIFCO obtains customer consent to collect, use or disclose personal information, except in specific
circumstances where collection, use or disclosure without consent is authorized or required by law. We
may assume consent in cases where information is volunteered for an obvious purpose.
RIFCO may not be able to provide certain services if a customer is unwilling to provide consent to the
collection, use or disclosure of certain personal information. Where express consent is needed, we
request that customers provide their consent orally (in person, by telephone), in writing (by signing a
consent form, by checking a box on a form), or electronically (by clicking a button).
We may collect, use or disclose customer personal information without consent only as authorized by
law. For example, we may not request consent when the collection, use or disclosure is reasonable for
an investigation or legal proceeding, to collect a debt owed to our organization, in an emergency that
threatens life, health or safety, or when the personal information is from a public telephone directory.
In the event a client has withdrawn his or her consent for collecting, using and disclosing of their
information, PIPA allows RIFCO to continue to use, disclose or retain the information if we have legal
or business reason to do so.
Limiting Use, Disclosure and Retention
Rifco limits the amount of personal information collected to what is necessary to determine customers’
ability to pay the loan and for the purposes of managing and servicing the loan. Limiting the amount
of personal information collected reduces our risk of improper usage or disclosure.
We retain customer personal information only for as long as is reasonable to fulfil the purposes for
which the information was collected or for legal or business purposes.
RIFCO will not use or disclose customer personal information for any purpose other than those for
which it was collected without the customers express consent or as required or permitted by law. We
may disclose our customers personal information, as necessary, for the purpose of collecting a debt
owed to RIFCO.
RIFCO complies with Canada Revenue Agency data retention and destruction standards. Once a
customer has fulfilled the terms of the Loan Agreement, personal information will be retained for a
period of six fiscal years. Hard copy documents are shredded by a 3rd party provider and electronic
data is deleted. RIFCO retains non-identifying client information for business and statistical purposes.
Safeguards
RIFCO’s electronic data systems are configured with data encryption. This means that when an
individual sends personal information to RIFCO, such as a credit card number, the electronic data is
protected by secure technology to ensure safe transmission.
Computers, servers, networks, and software systems containing customer personal information are
safeguarded by limiting access to user specific, username and password protection, and in some
instances, multi-level authentication. External data storage devices, such as USB drives, are not
permitted by RIFCO for storage or file transfer purposes.
Physical documentation is stored in locked file cabinets and restricted storage areas.
RIFCO administrative safeguards include training our employees on our policies for protection of
customer personal information as well as the consequences of non-compliance. Sensitive information
is accessible only to those employees who require it for operational and business purposes.
RIFCO will notify the Office of the Information and Privacy Commissioner of Alberta, without delay, of
any security breach affecting personal information should occur.
We render client personal information non-identifying, or destroy records containing personal
information once the information is no longer needed.
We use appropriate security measures when destroying customer personal information, including
shredding paper records and permanently deleting electronic records.
Use of Providers Outside Canada
RIFCO has contractual agreements with certain service providers outside of Canada. These
agreements may require the collection, use and disclosure of customer personal information as set out
in the agreement. We employ a reasonable presumption our service providers follow all applicable
laws pertaining to the use, disclosure, retention and safeguarding of personal information.
Access to records
Upon request, a Rifco customer shall be informed of the existence, use and disclosure of their
information and shall be given access to it. Customers may verify the accuracy and completeness of
their information, and may request that it be amended, if appropriate. We will amend, as necessary,
upon notice from another organization updates to customer personal information. Rifco will correct a
customer’s information under our custody and control within a reasonable time frame.
Organizations are authorized under the Act to refuse access to personal information if disclosure
would reveal confidential business information. Access may also be refused if the information is
protected by legal privileged or contained in mediation records.
If we refuse a request in whole or in part, RIFCO will provide the reasons for the refusal. In some cases
where exceptions to access apply, we may withhold that information by way of redaction or omission
and provide the remainder of the record.
We will respond to access requests withing 45 calendar days, unless an extension is granted by the
Office of the Information and Privacy Commissioner.
Compliance Breach of Personal Information
RIFCOs Privacy Officer is responsible for timely reporting of a suspected Breach to the Office of the
Information and Privacy Commissioner (OIPC). RIFCO will notify the affected individuals directly as
soon as feasible after it has been determined that the breach has occurred.
Individuals may submit concerns in writing regarding the use, disclosure, retention and safeguarding of
personal information direct to:
RIFCO Privacy Officer
privacyofficer@rifco.net
or alternately,
Office of the Information and Privacy Commissioner of Alberta
generalinfo@oipc.ab.ca
Personal Information Protection Training
RIFCO firmly believes training of its employees is essential to ensure safeguarding of the personal
information our customers have entrusted us with. Managers and Directors of each department are
responsible for development, training and adherence to the safe handling of customers private
information.
Download Privacy Policy
Privacy Policy
Rifco National Auto Finance Corporation Personal Information Protection Policy
Rifco National Auto Finance Corporation (RIFCO) is committed to safeguarding the personal information entrusted to us by our
customers. We manage your personal information in accordance with Alberta’s Personal Information Protection (PIPA) and Personal
Information Protection and Electronic Documents Act (PIPEDA) and other applicable laws.
This policy outlines the principles and practices we follow in protecting your personal information. The policy also applies to any
person providing services on our behalf. A copy of this policy is provided to any client on request.
RIFCO recognizes Personal Information to be any identifying information of an individual that is not publicly available and uses
common sense rules for collection, use and disclosure.
Accountability
RIFCO has appointed a Privacy Officer who is responsible for ensuring compliance with PIPEDA and this policy. RIFCOs Privacy
Officer may delegate the accountability to the Manager or Director of each department. This delegation for each department may
include:
• Development of a training manual and guidelines for the secure handling of Personal Information as it relates to their department
and employees job function.
• Provide training for new hires and refresher training, as required, on the secure handling of Personal Information.
• Oversight of adherence and compliance of the handling of Personal Information by employees.
• Risk assessment and mitigation of unauthorized disclosure of Personal Information by employees
• Timely reporting to RIFCOs Privacy Office of any suspected breach.
RIFCO Executives, Directors, Managers are accountable for supporting a business culture that promotes the safeguarding of personal
information entrusted by our customers.
Any questions regarding this policy or concerns with RIFCO’s compliance with the requirements of PIPEDA, can be addressed directly
to RIFCO’s Privacy Officer. Contact information is included at the end of this policy.
This policy applies to anyone who collects, uses and discloses personal information on behalf of RIFCO including employees and
third-party service providers.
Purpose
RIFCO collects personal information for the purposes of providing services to our customers, including personal information to:
• Identify the customer
• Understand customers credit needs
• Evaluate eligibility for products and services including credit
• Deliver products and services
• Refine and improve our current products and services
• Develop new products and services
• Protect our customers and Rifco against error, fraud, theft and damage
• Comply with legal and regulatory requirements
Rifco collects customer information directly from our customers and our Dealer partners. Rifco may collect customer information from
other persons with prior consent or as authorized by law.
We inform our customers, before or at the time of collecting personal information, of the purposes for which we are collecting
information. However, we do not provide this notification when a customer volunteers information for an obvious purpose.
Consent
RIFCO obtains customer consent to collect, use or disclose personal information, except in specific circumstances where collection,
use or disclosure without consent is authorized or required by law. We may assume consent in cases where information is volunteered
for an obvious purpose.
RIFCO may not be able to provide certain services if a customer is unwilling to provide consent to the collection, use or disclosure of
certain personal information. Where express consent is needed, we request that customers provide their consent orally (in person, by
telephone), in writing (by signing a consent form, by checking a box on a form), or electronically (by clicking a button).
We may collect, use or disclose customer personal information without consent only as authorized by law. For example, we may not
request consent when the collection, use or disclosure is reasonable for an investigation or legal proceeding, to collect a debt owed
to our organization, in an emergency that threatens life, health or safety, or when the personal information is from a public telephone
directory.
In the event a client has withdrawn his or her consent for collecting, using and disclosing of their information, PIPA allows RIFCO to
continue to use, disclose or retain the information if we have legal or business reason to do so.
Limiting Use, Disclosure and Retention
Rifco limits the amount of personal information collected to what is necessary to determine customers’ ability to pay the loan and for
the purposes of managing and servicing the loan. Limiting the amount of personal information collected reduces our risk of improper
usage or disclosure.
We retain customer personal information only for as long as is reasonable to fulfil the purposes for which the information was
collected or for legal or business purposes.
RIFCO will not use or disclose customer personal information for any purpose other than those for which it was collected without the
customers express consent or as required or permitted by law. We may disclose our customers personal information, as necessary, for
the purpose of collecting a debt owed to RIFCO.
RIFCO complies with Canada Revenue Agency data retention and destruction standards. Once a customer has fulfilled the terms of
the Loan Agreement, personal information will be retained for a period of six fiscal years. Hard copy documents are shredded by a
3rd party provider and electronic data is deleted. RIFCO retains non-identifying client information for business and statistical
purposes.
Safeguards
RIFCO’s electronic data systems are configured with data encryption. This means that when an individual sends personal information
to RIFCO, such as a credit card number, the electronic data is protected by secure technology to ensure safe transmission.
Computers, servers, networks, and software systems containing customer personal information are safeguarded by limiting access to
user specific, username and password protection, and in some instances, multi-level authentication. External data storage devices,
such as USB drives, are not permitted by RIFCO for storage or file transfer purposes.
Physical documentation is stored in locked file cabinets and restricted storage areas.
RIFCO administrative safeguards include training our employees on our policies for protection of customer personal information as
well as the consequences of non-compliance. Sensitive information is accessible only to those employees who require it for
operational and business purposes.
RIFCO will notify the Office of the Information and Privacy Commissioner of Alberta, without delay, of any security breach affecting
personal information should occur.
We render client personal information non-identifying, or destroy records containing personal information once the information is no
longer needed.
We use appropriate security measures when destroying customer personal information, including shredding paper records and
permanently deleting electronic records.
Use of Providers Outside Canada
RIFCO has contractual agreements with certain service providers outside of Canada. These agreements may require the collection,
use and disclosure of customer personal information as set out in the agreement. We employ a reasonable presumption our service
providers follow all applicable laws pertaining to the use, disclosure, retention and safeguarding of personal information.
Access to records
Upon request, a Rifco customer shall be informed of the existence, use and disclosure of their information and shall be given access
to it. Customers may verify the accuracy and completeness of their information, and may request that it be amended, if appropriate.
We will amend, as necessary, upon notice from another organization updates to customer personal information. Rifco will correct a
customer’s information under our custody and control within a reasonable time frame.
Organizations are authorized under the Act to refuse access to personal information if disclosure would reveal confidential business
information. Access may also be refused if the information is protected by legal privileged or contained in mediation records.
If we refuse a request in whole or in part, RIFCO will provide the reasons for the refusal. In some cases where exceptions to access
apply, we may withhold that information by way of redaction or omission and provide the remainder of the record.
We will respond to access requests withing 45 calendar days, unless an extension is granted by the Office of the Information and
Privacy Commissioner.
Compliance Breach of Personal Information
RIFCOs Privacy Officer is responsible for timely reporting of a suspected Breach to the Office of the Information and Privacy
Commissioner (OIPC). RIFCO will notify the affected individuals directly as soon as feasible after it has been determined that the
breach has occurred.
Individuals may submit concerns in writing regarding the use, disclosure, retention and safeguarding of personal information direct
to:
RIFCO Privacy Officer
privacyofficer@rifco.net
or alternately,
Office of the Information and Privacy Commissioner of Alberta
generalinfo@oipc.ab.ca
Personal Information Protection Training
RIFCO firmly believes training of its employees is essential to ensure safeguarding of the personal information our customers have
entrusted us with. Managers and Directors of each department are responsible for development, training and adherence to the safe
handling of customers private information.
Download Privacy Policy
Privacy Policy
Rifco National Auto Finance Corporation Personal Information Protection Policy
Rifco National Auto Finance Corporation (RIFCO) is committed to
safeguarding the personal information entrusted to us by our customers. We
manage your personal information in accordance with Alberta’s Personal
Information Protection (PIPA) and Personal Information Protection and
Electronic Documents Act (PIPEDA) and other applicable laws.
This policy outlines the principles and practices we follow in protecting your
personal information. The policy also applies to any person providing
services on our behalf. A copy of this policy is provided to any client on
request.
RIFCO recognizes Personal Information to be any identifying information of
an individual that is not publicly available and uses common sense rules for
collection, use and disclosure.
Accountability
RIFCO has appointed a Privacy Officer who is responsible for ensuring
compliance with PIPEDA and this policy. RIFCOs Privacy Officer may
delegate the accountability to the Manager or Director of each department.
This delegation for each department may include:
• Development of a training manual and guidelines for the secure handling
of Personal Information as it relates to their department and employees job
function.
• Provide training for new hires and refresher training, as required, on the
secure handling of Personal Information.
• Oversight of adherence and compliance of the handling of Personal
Information by employees.
• Risk assessment and mitigation of unauthorized disclosure of Personal
Information by employees
• Timely reporting to RIFCOs Privacy Office of any suspected breach.
RIFCO Executives, Directors, Managers are accountable for supporting a
business culture that promotes the safeguarding of personal information
entrusted by our customers.
Any questions regarding this policy or concerns with RIFCO’s compliance
with the requirements of PIPEDA, can be addressed directly to RIFCO’s
Privacy Officer. Contact information is included at the end of this policy.
This policy applies to anyone who collects, uses and discloses personal
information on behalf of RIFCO including employees and third-party service
providers.
Purpose
RIFCO collects personal information for the purposes of providing services
to our customers, including personal information to:
• Identify the customer
• Understand customers credit needs
• Evaluate eligibility for products and services including credit
• Deliver products and services
• Refine and improve our current products and services
• Develop new products and services
• Protect our customers and Rifco against error, fraud, theft and damage
• Comply with legal and regulatory requirements
Rifco collects customer information directly from our customers and our
Dealer partners. Rifco may collect customer information from other persons
with prior consent or as authorized by law.
We inform our customers, before or at the time of collecting personal
information, of the purposes for which we are collecting information.
However, we do not provide this notification when a customer volunteers
information for an obvious purpose.
Consent
RIFCO obtains customer consent to collect, use or disclose personal
information, except in specific circumstances where collection, use or
disclosure without consent is authorized or required by law. We may assume
consent in cases where information is volunteered for an obvious purpose.
RIFCO may not be able to provide certain services if a customer is unwilling
to provide consent to the collection, use or disclosure of certain personal
information. Where express consent is needed, we request that customers
provide their consent orally (in person, by telephone), in writing (by signing a
consent form, by checking a box on a form), or electronically (by clicking a
button).
We may collect, use or disclose customer personal information without
consent only as authorized by law. For example, we may not request consent
when the collection, use or disclosure is reasonable for an investigation or
legal proceeding, to collect a debt owed to our organization, in an
emergency that threatens life, health or safety, or when the personal
information is from a public telephone directory.
In the event a client has withdrawn his or her consent for collecting, using
and disclosing of their information, PIPA allows RIFCO to continue to use,
disclose or retain the information if we have legal or business reason to do
so.
Limiting Use, Disclosure and Retention
Rifco limits the amount of personal information collected to what is
necessary to determine customers’ ability to pay the loan and for the
purposes of managing and servicing the loan. Limiting the amount of
personal information collected reduces our risk of improper usage or
disclosure.
We retain customer personal information only for as long as is reasonable to
fulfil the purposes for which the information was collected or for legal or
business purposes.
RIFCO will not use or disclose customer personal information for any
purpose other than those for which it was collected without the customers
express consent or as required or permitted by law. We may disclose our
customers personal information, as necessary, for the purpose of collecting a
debt owed to RIFCO.
RIFCO complies with Canada Revenue Agency data retention and
destruction standards. Once a customer has fulfilled the terms of the Loan
Agreement, personal information will be retained for a period of six fiscal
years. Hard copy documents are shredded by a 3rd party provider and
electronic data is deleted. RIFCO retains non-identifying client information
for business and statistical purposes.
Safeguards
RIFCO’s electronic data systems are configured with data encryption. This
means that when an individual sends personal information to RIFCO, such as
a credit card number, the electronic data is protected by secure technology
to ensure safe transmission.
Computers, servers, networks, and software systems containing customer
personal information are safeguarded by limiting access to user specific,
username and password protection, and in some instances, multi-level
authentication. External data storage devices, such as USB drives, are not
permitted by RIFCO for storage or file transfer purposes.
Physical documentation is stored in locked file cabinets and restricted
storage areas.
RIFCO administrative safeguards include training our employees on our
policies for protection of customer personal information as well as the
consequences of non-compliance. Sensitive information is accessible only to
those employees who require it for operational and business purposes.
RIFCO will notify the Office of the Information and Privacy Commissioner of
Alberta, without delay, of any security breach affecting personal information
should occur.
We render client personal information non-identifying, or destroy records
containing personal information once the information is no longer needed.
We use appropriate security measures when destroying customer personal
information, including shredding paper records and permanently deleting
electronic records.
Use of Providers Outside Canada
RIFCO has contractual agreements with certain service providers outside of
Canada. These agreements may require the collection, use and disclosure of
customer personal information as set out in the agreement. We employ a
reasonable presumption our service providers follow all applicable laws
pertaining to the use, disclosure, retention and safeguarding of personal
information.
Access to records
Upon request, a Rifco customer shall be informed of the existence, use and
disclosure of their information and shall be given access to it. Customers
may verify the accuracy and completeness of their information, and may
request that it be amended, if appropriate. We will amend, as necessary,
upon notice from another organization updates to customer personal
information. Rifco will correct a customer’s information under our custody
and control within a reasonable time frame.
Organizations are authorized under the Act to refuse access to personal
information if disclosure would reveal confidential business information.
Access may also be refused if the information is protected by legal
privileged or contained in mediation records.
If we refuse a request in whole or in part, RIFCO will provide the reasons for
the refusal. In some cases where exceptions to access apply, we may
withhold that information by way of redaction or omission and provide the
remainder of the record.
We will respond to access requests withing 45 calendar days, unless an
extension is granted by the Office of the Information and Privacy
Commissioner.
Compliance Breach of Personal Information
RIFCOs Privacy Officer is responsible for timely reporting of a suspected
Breach to the Office of the Information and Privacy Commissioner (OIPC).
RIFCO will notify the affected individuals directly as soon as feasible after it
has been determined that the breach has occurred.
Individuals may submit concerns in writing regarding the use, disclosure,
retention and safeguarding of personal information direct to:
RIFCO Privacy Officer
privacyofficer@rifco.net
or alternately,
Office of the Information and Privacy Commissioner of Alberta
generalinfo@oipc.ab.ca
Personal Information Protection Training
RIFCO firmly believes training of its employees is essential to ensure
safeguarding of the personal information our customers have entrusted us
with. Managers and Directors of each department are responsible for
development, training and adherence to the safe handling of customers
private information.
Download Privacy Policy
Privacy Policy
Rifco National Auto Finance Corporation
Personal Information Protection Policy
Rifco National Auto Finance
Corporation (RIFCO) is committed to
safeguarding the personal information
entrusted to us by our customers. We
manage your personal information in
accordance with Alberta’s Personal
Information Protection (PIPA) and
Personal Information Protection and
Electronic Documents Act (PIPEDA)
and other applicable laws.
This policy outlines the principles and
practices we follow in protecting your
personal information. The policy also
applies to any person providing
services on our behalf. A copy of this
policy is provided to any client on
request.
RIFCO recognizes Personal
Information to be any identifying
information of an individual that is not
publicly available and uses common
sense rules for collection, use and
disclosure.
Accountability
RIFCO has appointed a Privacy Officer
who is responsible for ensuring
compliance with PIPEDA and this
policy. RIFCOs Privacy Officer may
delegate the accountability to the
Manager or Director of each
department. This delegation for each
department may include:
• Development of a training manual
and guidelines for the secure handling
of Personal Information as it relates to
their department and employees job
function.
• Provide training for new hires and
refresher training, as required, on the
secure handling of Personal
Information.
• Oversight of adherence and
compliance of the handling of Personal
Information by employees.
• Risk assessment and mitigation of
unauthorized disclosure of Personal
Information by employees
• Timely reporting to RIFCOs Privacy
Office of any suspected breach.
RIFCO Executives, Directors,
Managers are accountable for
supporting a business culture that
promotes the safeguarding of personal
information entrusted by our
customers.
Any questions regarding this policy or
concerns with RIFCO’s compliance
with the requirements of PIPEDA, can
be addressed directly to RIFCO’s
Privacy Officer. Contact information is
included at the end of this policy.
This policy applies to anyone who
collects, uses and discloses personal
information on behalf of RIFCO
including employees and third-party
service providers.
Purpose
RIFCO collects personal information
for the purposes of providing services
to our customers, including personal
information to:
• Identify the customer
• Understand customers credit needs
• Evaluate eligibility for products and
services including credit
• Deliver products and services
• Refine and improve our current
products and services
• Develop new products and services
• Protect our customers and Rifco
against error, fraud, theft and damage
• Comply with legal and regulatory
requirements
Rifco collects customer information
directly from our customers and our
Dealer partners. Rifco may collect
customer information from other
persons with prior consent or as
authorized by law.
We inform our customers, before or at
the time of collecting personal
information, of the purposes for which
we are collecting information.
However, we do not provide this
notification when a customer
volunteers information for an obvious
purpose.
Consent
RIFCO obtains customer consent to
collect, use or disclose personal
information, except in specific
circumstances where collection, use or
disclosure without consent is
authorized or required by law. We may
assume consent in cases where
information is volunteered for an
obvious purpose.
RIFCO may not be able to provide
certain services if a customer is
unwilling to provide consent to the
collection, use or disclosure of certain
personal information. Where express
consent is needed, we request that
customers provide their consent orally
(in person, by telephone), in writing
(by signing a consent form, by
checking a box on a form), or
electronically (by clicking a button).
We may collect, use or disclose
customer personal information without
consent only as authorized by law. For
example, we may not request consent
when the collection, use or disclosure
is reasonable for an investigation or
legal proceeding, to collect a debt
owed to our organization, in an
emergency that threatens life, health
or safety, or when the personal
information is from a public telephone
directory.
In the event a client has withdrawn his
or her consent for collecting, using
and disclosing of their information,
PIPA allows RIFCO to continue to use,
disclose or retain the information if we
have legal or business reason to do so.
Limiting Use, Disclosure and
Retention
Rifco limits the amount of personal
information collected to what is
necessary to determine customers’
ability to pay the loan and for the
purposes of managing and servicing
the loan. Limiting the amount of
personal information collected reduces
our risk of improper usage or
disclosure.
We retain customer personal
information only for as long as is
reasonable to fulfil the purposes for
which the information was collected or
for legal or business purposes.
RIFCO will not use or disclose
customer personal information for any
purpose other than those for which it
was collected without the customers
express consent or as required or
permitted by law. We may disclose our
customers personal information, as
necessary, for the purpose of
collecting a debt owed to RIFCO.
RIFCO complies with Canada Revenue
Agency data retention and destruction
standards. Once a customer has
fulfilled the terms of the Loan
Agreement, personal information will
be retained for a period of six fiscal
years. Hard copy documents are
shredded by a 3rd party provider and
electronic data is deleted. RIFCO
retains non-identifying client
information for business and statistical
purposes.
Safeguards
RIFCO’s electronic data systems are
configured with data encryption. This
means that when an individual sends
personal information to RIFCO, such
as a credit card number, the electronic
data is protected by secure technology
to ensure safe transmission.
Computers, servers, networks, and
software systems containing customer
personal information are safeguarded
by limiting access to user specific,
username and password protection,
and in some instances, multi-level
authentication. External data storage
devices, such as USB drives, are not
permitted by RIFCO for storage or file
transfer purposes.
Physical documentation is stored in
locked file cabinets and restricted
storage areas.
RIFCO administrative safeguards
include training our employees on our
policies for protection of customer
personal information as well as the
consequences of non-compliance.
Sensitive information is accessible only
to those employees who require it for
operational and business purposes.
RIFCO will notify the Office of the
Information and Privacy Commissioner
of Alberta, without delay, of any
security breach affecting personal
information should occur.
We render client personal information
non-identifying, or destroy records
containing personal information once
the information is no longer needed.
We use appropriate security measures
when destroying customer personal
information, including shredding paper
records and permanently deleting
electronic records.
Use of Providers Outside Canada
RIFCO has contractual agreements
with certain service providers outside
of Canada. These agreements may
require the collection, use and
disclosure of customer personal
information as set out in the
agreement. We employ a reasonable
presumption our service providers
follow all applicable laws pertaining to
the use, disclosure, retention and
safeguarding of personal information.
Access to records
Upon request, a Rifco customer shall
be informed of the existence, use and
disclosure of their information and
shall be given access to it. Customers
may verify the accuracy and
completeness of their information, and
may request that it be amended, if
appropriate. We will amend, as
necessary, upon notice from another
organization updates to customer
personal information. Rifco will correct
a customer’s information under our
custody and control within a
reasonable time frame.
Organizations are authorized under
the Act to refuse access to personal
information if disclosure would reveal
confidential business information.
Access may also be refused if the
information is protected by legal
privileged or contained in mediation
records.
If we refuse a request in whole or in
part, RIFCO will provide the reasons
for the refusal. In some cases where
exceptions to access apply, we may
withhold that information by way of
redaction or omission and provide the
remainder of the record.
We will respond to access requests
withing 45 calendar days, unless an
extension is granted by the Office of
the Information and Privacy
Commissioner.
Compliance Breach of Personal
Information
RIFCOs Privacy Officer is responsible
for timely reporting of a suspected
Breach to the Office of the Information
and Privacy Commissioner (OIPC).
RIFCO will notify the affected
individuals directly as soon as feasible
after it has been determined that the
breach has occurred.
Individuals may submit concerns in
writing regarding the use, disclosure,
retention and safeguarding of personal
information direct to:
RIFCO Privacy Officer
privacyofficer@rifco.net
or alternately,
Office of the Information and Privacy
Commissioner of Alberta
generalinfo@oipc.ab.ca
Personal Information Protection
Training
RIFCO firmly believes training of its
employees is essential to ensure
safeguarding of the personal
information our customers have
entrusted us with. Managers and
Directors of each department are
responsible for development, training
and adherence to the safe handling of
customers private information.
Download Privacy Policy
Toll Free: 1-833-933-0382
Email:
Address:
Unit 100, 4919 51st Street
Red Deer, AB
T4N 2A8
Copyright Rifco Auto Finance 2026
Copyright Rifco Auto Finance 2026
Toll Free: 1-833-933-0382
Email:
Address:
Unit 100, 4919 51st Street
Red Deer, AB
T4N 2A8
Copyright Rifco Auto Finance 2026
Toll Free: 1-833-933-0382
Email:
Address:
Unit 100, 4919 51st Street
Red Deer, AB
T4N 2A8
Copyright Rifco Auto Finance 2026
Toll Free: 1-833-933-0382
Email:
Address:
Unit 100, 4919 51st Street
Red Deer, AB
T4N 2A8