Due to the nature and sensitivity of the personal information that can be populated on the Platform, we do not permit minors to register for the Platform as a user. If you are a minor, you may only use the Platforms on behalf of a registered user who has attained the age of majority and only under such person’s supervision.
If you are under the age of 13 you may not provide any personal information about yourself. Onist does not knowingly collect, disclose or store personal information from children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with personal information, please contact us using our contact information provided in the “How to Contact Us” section below and provide us with as much information as reasonably necessary for us to locate and delete such personal information. In the event we become aware of a child under the age of 13 sending us personal information, we will delete such personal information as soon as possible.
Personal information means information about an identifiable individual. If information can be traced back to an individual, either through a name, address or a combination of other data elements such as job, postal code and type of car, that information is considered personal information.
The personal information residing on the Platforms is determined entirely by you and the other users. You decide what information to provide us with, either directly or indirectly. You directly provide us with your personal information by populating such information directly into the Platforms. You can indirectly provide us with your personal information in one of two ways:
The personal information you populate will depend on how you wish to use the Platforms. For example, if you choose to use the Platforms to organize and communicate your financial data with your financial advisors, you and your advisors may populate various financial information about you and members of your family members including your/their bank account information, insurance policies, shareholdings, trading history and mortgage statements. By populating financial information and adding your financial advisor as a Connection, your advisor can have access to all relevant financial information to suggest products and activities that would benefit you, such as further diversifying your portfolio or reducing exposure to certain industries. The Service (as defined below) separates your Content into the following four modules (each a “Module”): (1) family module, which consists of personal information of you and your family, information about business entities you or your family own or are involved with, and your professional contact list, (2) net worth module, which consists of information about your financial accounts, including your assets and liabilities, (3) transaction activity module, which consists of information about your financial transactions, and (4) vault module, which consists of documents you, or other users you have granted permission to, upload onto the Platforms. You represent and warrant to us that you have obtained all required consents and are fully authorized to disclose all information populated into the Platforms including without limitation personal information of your family members and clients, as applicable. You further agree to indemnify and hold Onist, its affiliates, subsidiaries, partners, service providers, suppliers and contractors and each of their respective officers, directors, agents, and employees, harmless for any loss, cost, complaint, damage, claim or liability whatsoever arising from or in connection with your disclosure of such information in connection with your use of the Platforms.
As part of the functionality of the Platforms, you may provide other registered users with access to one or more Modules and/or certain individual resources (such as uploaded documents) through the Services (each such user is referred to as a “Connection”). You control who your Connections are and the level of access each Connection will have. For example, you may provide your broker or your financial advisor with access to your net worth Module and you may provide your spouse with access to your family Module. In addition, you may choose to provide a Connection with limited access (i.e. “read-only” access) or full access (i.e. “read and write” access, which includes the ability to add/edit/delete information) to a Module or an individual resource. If you provide a Connection full access to a Module or an individual resource, such Connection will be able to see all other Connections to whom you have provided access to such Module or individual resource.
The functionality of the Platforms allows you to provide Connections the ability to unilaterally share Modules or certain individual resources with third parties. You can provide a Connection such ability at such time as you provide such Connection access to the applicable Module or individual resource. For example, you may provide a Connection the ability to unilaterally share your net worth Module, but not your transaction activity Module. If you do not expressly provide a Connection the ability to unilaterally share a Module or an individual resource, such Connection may request to share their access to such Module or individual resource with third parties through the Platforms. In such an event, you will receive a notification advising of such access and, upon receiving the notification, you must expressly authorize or decline such third party’s access.
Please be cautious in providing Connection access and allowing a Connection to share your Content with third parties. While you can change a Connection’s access rights at any time, once you have provided a Connection or a third party with access to your Content, Onist has no control over the use and disclosure of the accessed Content by such Connection and/or third party. Please ensure that you are comfortable with the information practices of your Connections before providing them with access to your Content.
Onist uses your personal information to provide you with the services rendered through the Platforms (collectively, the “Services”) including disclosing your personal information to its service providers as described below. This includes storing your personal information, using your third party account access information to retrieve your data from the relevant accounts in accordance with your instructions, making your personal information available to your Connections and allowing you and your Connections (provided you have provided them full access) to modify and update your personal information. We may also use your personal information to improve and customize the Services. Onist requests your first name and last name when you register. Onist also allows you to upload your profile picture. Your first name, last name and profile picture (if uploaded) will be shown to any registered user who requests to appoint you as a Connection. Onist will notify you about such a request and will ask for your approval. Your first name, last name and profile picture (if uploaded) will also be shown to any registered user who has full access to any Module or individual resource that is also shared with you.
Onist uses your personal information to contact you in order to provide product information, newsletters, service updates, and notifications about the Service.
Onist automatically collects session information whenever you log onto and out of the Platforms. This information includes your browser’s type and version, your operating system’s type and version, your IP address, the time you logged in and the time you logged out. We collect this information as an additional security measure, to give you full visibility to your active sessions and your login history, to allow you to identify suspicious activity in your account, and, if needed, to delete an unrecognized session. Onist does not share this information with anyone but you, and you cannot share this information with your Connections.
Many technical issues can be resolved without looking into your personal information. Nevertheless certain technical issues might require Onist to access your personal information in order to analyze and fix them.
Onist may use and disclose your personal information as required or permitted by law including, without limitation, in order to assist with a law enforcement investigation or comply with any subpoena, warrant or any judicial, administrative orders or demands.
If you elect to have the Platforms access information from third party accounts by providing the access information to such third party account, Onist’s service provider, Envestnet Yodlee, Inc. (“Yodlee”), will access such third party accounts for the purposes of retrieving the relevant information and making it available on the Platform. Except for such access information, Onist does not provide Yodlee any other information about you.
Yodlee creates anonymous information derived generally from your Content (“Aggregated Data”) and combines this Aggregated Data with other anonymous information in Yodlee’s possession (“Yodlee Data”). The Yodlee Data is an amalgam of anonymous information obtained from such sources. Yodlee uses Yodlee Data to improve Yodlee’s services, perform fraud screening, verify identities and verify the information contained in Yodlee accounts for use across the Yodlee network. Where permitted under applicable law, Yodlee may also separately sell, license, reproduce, distribute and disclose the aggregated, anonymous Yodlee Data. Even though the Yodlee Data does not contain your personal information, nor does it allow you to be attributed to any data, we wanted to make you aware of Yodlee’s anonymous data practices. You acknowledge that Onist has no control over the collection, use or distribution of Aggregated Data by Yodlee. When you close your Account with Onist, the anonymized data that was derived from your Content and combined into Yodlee Data will not be removed from Yodlee Data. Please do not provide access information to any third party account if you are not comfortable with Yodlee’s practices described in this paragraph.
We implement and require our service providers to implement industry best practices appropriate to the sensitivity of your Content. We use and require our service providers to use administrative, technical, and physical safeguards to protect your Content against loss, theft, and unauthorized access, use, disclosure, copying, modification, disposal, or destruction in accordance with applicable legal requirements and industry best practices. These safeguards include, but are not limited to, token-based authentication, server hardening, running services in a virtual private cloud, encryption of data in transit and at rest, client side encryption, and audit trails. We train our employees to follow privacy and security practices specific to the Services. We also undertake security assessments to ensure that we maintain strong security controls.
Onist makes further distinction between your financial data, your uploaded documents and the rest of your personal information in an effort to ensure that no person, not even our employees, will be able to gain access to your financial data or to the content of the documents you store with Onist. Your financial data, your uploaded documents and the rest of your personal information are stored separately on two different sub-systems. Your financial data is fully anonymized when it is stored on our servers. The content of your documents is encrypted on your computer before it is uploaded to storage. Getting the full picture of your finances requires gaining access to both sub-systems. Such access is only given to your browser or the browser of your Connection(s) once you/they are logged onto the Platforms. Exceptional situations that require Onist to access your data, for example in order to fix certain technical issues, require our employees to follow a protocol that is fully audited and must involve more than one person.
You have the right to access personal information we hold about you and to have any concerns you may have over our policies and practices addressed. In addition, you have the right to obtain information regarding our policies and practices with respect to our use of service providers outside Canada, including Amazon. To access your information, discuss your concerns or learn more about our policies and practices please contact us using our contact information provided in the “How to Contact Us” section below.
Any comments or questions regarding your personal information or our policies and practices with respect to your personal information may be directed to email@example.com.
192 Spadina #405