Skip to content

Privacy Policy

Privacy Policy
Last updated December 2023

At Serefin, we're all about providing the best customer experience, and that includes protecting your privacy. We believe you have a right to know what information we collect from you and how we use and protect it.


This privacy policy (the “Privacy Policy”) applies to Serefin Inc. and its affiliates and subsidiaries (hereinafter collectively referred to as “Serefin”, “we”, “us” and “our”) and provides information on the collection, use and sharing of your personal information, including but not limited to, the personal information collected via your interaction with our websites and online platforms and your use of our products and services, whether directly through communication with us via telephone or email, or indirectly through third parties in the course of our business.


The web page located at and all linked pages together form the “Site”. When used herein, the term “Services” shall refer to any product, or service we make available to or perform for you through our Site, including any landing pages or informational pages.


This Privacy Policy applies to the collection, use, disclosure and storage of the Personal Information (as defined below) provided to us by you in your use of our Site and/or Services. Please read this Privacy Policy carefully and review it periodically for the latest information about our privacy practices. By accepting our Terms of Use [AA1] or by accessing or using our Services or Site, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy, and consent to the use of your information by Serefin as set forth herein. This Privacy Policy may be supplemented or amended from time to time, so we encourage you to review it periodically. If you do not agree with the practices described herein or in our Terms of Use[AA2] , or if you do not have authority to agree to this Privacy Policy, please do not provide us with your Personal Information or interact with the Site and/or Services.


1. Our Privacy Principles


·   We will never monetize your data.

·   We take strong measures in accordance with industry standards to protect and secure your data.

·   We use your data to make your experience better.

·   We will only reach out with promotions or marketing messages if you have opted in to such promotional messages, an option which can always adjust in your preferences.

·   We put you in control so that you can access your information, object to its sharing or request its deletion.


2. What is “personal information”?


"Personal Information" as used in this Privacy Policy means information that either alone or in combination with other information in our possession, could be used to identify you, including but not limited to name, address, email address, telephone number, postal code, gender, birthday, credit card information, and social insurance number.


The information that you are asked to provide, and the reasons why you are asked to provide it, will be disclosed to you upon our request for any such information.


The collection, use and disclosure of Personal Information by any third parties with which we have business relationships is governed by the privacy policies of such third parties, over which we have no responsibility or control. However, if we receive from such entities information about you, then this Privacy Policy will apply to our collection, use and sharing of such information.


3. When do we collect your personal information?


Serefin limits the collection, use and disclosure of your Personal Information, both in the amount and type of Personal Information collected, to that which is necessary to fulfill the purposes identified in this Privacy Policy.


We may ask for Personal Information from you in the following circumstances:


  • when you purchase any product or service from us, whether online, by telephone or by any other means;
  • when you complete our online forms, engage with Serefin personnel via our online chat functions for any reason;
  • when you contact us to discuss or make use of any of our Services;
  • when you subscribe to our e-mail notification or newsletter services;
  • when you submit an application for employment with us, or to work with us as a supplier;
  • when you enter competitions, sweepstakes or register for promotions; and
  • when you take part in surveys or provide us with feedback or questions.


In some cases, we may use other available information about you (for example from credit reference agencies, anti-fraud screening services, publicly available on-line information, and CCTV) for the purposes outlined herein.


When visiting our website, we also automatically collect session information about your computer through the use of cookies (e.g., your IP address, Web browser software, such as Firefox, Safari, Chrome or Internet Explorer, and referring website). Collecting Personal Information about how you use our Site helps us customize your user experience, prevent fraud, and serve advertisements and special offers that may be of interest to you. [In some countries, including countries in the European Economic Area, this information may be considered "personal data" under applicable data protection laws.]


4. Why do we collect personal information?


When you provide us with your Personal Information, we use it for a number of purposes, including:


  • to fulfil any existing and/or future requests for our Services which may sometimes include sensitive personal data, for example relating to your health or disabilities). You recognize that, by providing us with such sensitive personal data, you provide us with your explicit consent to process such data as required, and in accordance with, this Privacy Policy;


·   To facilitate communication between you and Serefin including, without limitation, responding to your questions or comments, sending emails concerning our products and services, or to contact you for feedback regarding us, our advertisers or our business partners;


·   in connection with a job application or inquiry, whether advertised on the Site or otherwise, to address your inquiry or consider you for employment purposes. Unless otherwise specified by you, such information may be kept on file for future employment consideration;


  • to fulfil security, customs, immigration and border control requirements associated with your travel arrangements, which may include providing information to relevant police enforcement and appropriate government agencies, as required by law;
  • to provide to appropriate third parties involved in the delivery of the travel services to you, as necessary;


  • to provide you with information about products, services and promotions that may be of interest to you, if you have opted into such communications;


·   To customize, analyze, adjust and improve the Site and/or Services to meet our or our business partners' needs and expectations;


  • for quality assurance testing, market analysis, industry studies, systems testing, analysis of statistics, benchmarking, auditing, analyzing performance measures, and preparing and distributing products and services with anonymized aggregate data and information (which may include monitoring or recording your telephone conversations with us for the purposes set out in this notice);


  • for arranging and administering any relevant insurance products;


  • for payment card verification and anti-fraud screening;


·   To prevent fraud, criminal activity, or misuse of our Services, and to ensure the security of our IT systems, architecture, and networks; and


·   To enforce our agreements with you and to comply with legal obligations and legal processes, and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.


We will use the email address we have on file for you to communicate with you about any of the above-listed items.


5. Do we disclose any information to outside parties?


We represent and warrant that we will not sell, trade, or otherwise transfer to outside parties, your Personal Information. In certain circumstances we may share your Personal Information without further notice to you, unless such notice is required by applicable laws, with the following categories of third parties:


1. Third-party Vendors, who provide services or functions on our behalf, including payment processing, business analytics, customer service, marketing, distribution of surveys or sweepstakes programs, and fraud prevention. Third-party vendors have access to and may collect information only as needed to perform their functions and are not permitted to share or use the information for any other purpose.


2. Referring Websites, for example, through a link you clicked on, on another site which then directed you to our Site.


3. Marketing Purposes. Personal Information you provide to Serefin or that we may collect indirectly, may be used by Serefin for marketing purposes. We may provide the Personal Information to third parties who may assist Serefin in contacting you with special offers or information that we believe may be of interest to you.


4. Companies within our Corporate Family. To the extent that our corporate affiliates have access to your information, where such access is necessary in the normal course of Serefin business, they will follow practices that are at least as restrictive as the practices described in this Privacy Policy. For clarity, an affiliate is an entity that controls, is controlled by, or is under common control with Serefin. They will also comply with all applicable laws governing the transmission of promotional communications.


5. Business Transfers. In the event of a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (collectively a “Transaction”), your Personal Information and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate as part of that Transaction along with other assets. Disclosure of your Personal Information under this section shall be governed by confidentiality agreements associated with the Transaction. 


6. As required by law. We may be required to share your Personal Information by law or in the good faith belief that disclosure of your Personal Information is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of our employees, users of the Services, or the public, or (v) protect against legal liability.


7. To any other person, if such disclosure is consented to you by as outlined further below.


6. Direct Marketing and Promotions


If you have opted to receive direct marketing, either from us or a third party, you may be contacted from time to time with information which we think you may find of interest. We may also pass on your contact details to other internal parts of our organization so they may inform you about products or services which may be of interest to you. Contact may be made by post, telephone, email, or social media depending on the preferred choice of communication you selected during your registration process with us.


If you no longer wish to receive marketing emails, newsletters, or other communications from Serefin, please email or follow the unsubscribe instructions located at the bottom of each marketing email. If you unsubscribe from our marketing lists, you will no longer receive marketing communications, but we will continue to contact you regarding management of your account, any Services you are receiving from us, and to respond to any requests received from you.


7. Monitoring or Recording of Calls, Chats and Other Interactions


Certain online transactions may involve telephone or online chat communication between you and Serefin personnel. Please be aware that Serefin may monitor and, in some cases, record such interactions for staff training or quality assurance purposes or to document a particular transaction or interaction.


8. How do we protect your information?


We implement commercially reasonable technical, administrative and organizational security measures to protect your Personal Information both online and offline from loss, misuse and unauthorized access, disclosure, alteration, or destruction. Only authorized employees are permitted to access Personal Information, and they may do so only for permitted business purposes.


We also offer the use of a secure server. All supplied sensitive/financial information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway provider’s database only to be accessible by those who are (i) authorized with special access rights to such systems and (ii) are required to keep the information confidential. We also employ firewalls and intrusion detection systems to help prevent unauthorized persons from gaining access to your Personal Information. For your protection, following completion of a transaction, your financial information will not be stored on our servers.


You should be aware, however, that Serefin has no control over the security of other Websites on the Internet that you might visit, even where such other sites are linked to our Site or Services. If you share your computer or use a computer that is accessed by the general public, remember to sign off and close your browser window when you have finished your session. This will help to ensure that others cannot access your information.


We want you to feel confident using our Services. However, no system can be completely secure. Therefore, although we take commercially reasonable steps to secure your information, we do not promise, and you should not expect, that your information, searches or other communications will always remain secure. In the event of a breach of the confidentiality or security of your information, we will notify you if reasonably possible and as reasonably necessary so that you can take appropriate protective steps. We may notify you under such circumstances using the email address(es) we have on record for you. You should also take care with how you handle and disclose your information.


9. Links to Third-Party Sites


Our Site or the Services may contain links to other websites not operated or controlled by Serefin, including social media platforms (“Third Party Sites”).


The information that you share with Third Party Sites shall be governed by the specific privacy policies and terms of service of such Third-Party Sites and not by this Privacy Policy, and Serefin bears no responsibility or liability in law or otherwise with respect to the content or terms of such Third-Party Sites. By providing these links we do not imply that we endorse or have reviewed the Third-Party Sites or their corresponding privacy policies or terms of use. Please contact the Third-Party Sites directly for information on their privacy practices and policies.


10.  Personal Information on Social Media Platforms


Serefin may provide access to social media platforms on some of its websites to enable online sharing and collaboration among visitors who choose to use them. Any Personal Information or other content you post or divulge, such as pictures, information, opinions, or any other type of Personal Information you make available on such social media platforms, is deemed non-confidential, public information and is not subject to this Privacy Policy. However, such content may be subject to, and you should take care to review, our Terms of Use [AA3] and/or the terms of use of any applicable social media platforms. You should be aware that content you post on any such social computing platforms may be made broadly available to others inside and outside Serefin.


Serefin shall not treat as confidential and shall not have any duty to protect any Personal Information that is posted or uploaded to the Site or to any social media platforms and made available for general viewing by you. Please do not submit sensitive information, such as patient health information, through the Site, nor post such sensitive information to social media platforms.


11.  Data Retention


(a)   Where?


The Site is hosted in the United States and our contact centres are based in Canada. If you are visiting the Site from outside Canada or the United States, please be aware that your information may be transferred to, stored and processed in (a) the United States, where our servers are located and our central database is operated, or (b) Canada, where our contact centres operate, as applicable. The data protection and other laws of each of Canada and the United States, and other countries might not be as comprehensive as those in your country. By using the Site, you consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share that information as described in this Privacy Policy.


Unless there is a legal or regulatory requirement to keep such information in Canada or the United States, as applicable, Personal Information may also be stored, accessed, or used outside of Canada or the United States. Where Personal Information is located outside of such location(s), it is subject to the laws of that jurisdiction. 



(b)  How long?


We retain Personal Information for as long as reasonably necessary (i) for the purposes described in this Privacy Policy, (ii) while we have a business need to do so, or (iii) as required by applicable law (e.g. for tax, legal, accounting, or other purposes), whichever is longer.


When we have no ongoing legitimate need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.


12.  Information processing under the General Data Protection Regulation (the “GDPR”)


Under the GDPR, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect Personal Information from you only (i) where we need the Personal Information to perform a contract with you, (ii) where the processing is in our legitimate interests and not overridden by your rights, or (iii) where we have your consent to do so.  In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person. If you are a user located in the European Union, please review the privacy laws in your jurisdiction to inform yourself of your privacy rights.


13.  Do we use cookies?


Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers’ systems to recognize your browser and capture and remember certain information.


We use cookies to help us remember, understand and process your preferences for future visits and compile aggregate data about site traffic and Site interaction so that we can offer better Site experiences and tools in the future. We may contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.


You can choose to limit, reject or completely turn off cookies in your browser settings. Similarly, you can disable or delete data used by browser add-ons, such as Flash cookies, by changing the settings on the add-on or visiting its manufacturer’s website. However, cookies allow you to take advantage of certain features on the Site, so we recommend that you leave cookies turned on to enjoy full functionality of the Site.


14.  Your Rights Regarding your Information


Your local applicable law may provide certain rights regarding the collection, use and sharing of your personal information. You may request from Serefin access to, correction of, updating of and/or deletion of your personal information, or object to our use of your personal information in certain circumstances, in line with applicable data protection law. Your rights may differ according to your place of residence.


Our policy is to respond to access requests as directed by applicable laws. However, we may decline access to Personal Information in certain circumstances, including where the information requested would reveal confidential information or Personal Information about someone else, or if legal or regulatory requirements prohibit providing access or permit denial of access to the requested information. You have the following data protection rights:


  1. Access. If you wish to access, correct, update or request deletion of your Personal Information, you can do so at any time by contacting us using the contact details provided below.


  1. Restrict Processing. You can ask us to restrict processing of your Personal Information or request portability of your Personal Information by contacting us using the contact details provided below. The right to data portability only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or to give it to you.


  1. Opt-Out. You have the right to opt-out of marketing communications we send you at any time, by clicking on the “unsubscribe” link in the marketing e-mails we send you.  To opt-out of other forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided below. Note that we may retain certain information associated with your account, but which does not readily identify you.


  1. Withdraw Consent. Although you may have previously provided your consent to our collection and processing of your Personal Information, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.


  1. Complaint. You have the right to file a complaint with a data protection authority as it relates to our collection and use of your Personal Information.  For more information, please contact your local data protection authority.


We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We are not responsible for a failure to respond to someone who has submitted inaccurate or invalid contact information.


15.  Children


You must be at least the greater of (i) eighteen years old; or (ii) the age of majority in your jurisdiction (the “Required Age”) to use our Services. By using our Site, you confirm that you are the Required Age. We do not intentionally collect information about or from persons under the Required Age. If we learn that we have collected information from persons under the Required Age, we will promptly delete such information and your access to our Services will immediately cease. If you believe that we may have collected Personal Information from someone under the Required Age, please submit your complaint in writing to the address found in Section 14 below.


16.  Governing Law


This Privacy Policy is governed by the laws of the Province of Ontario and the federal laws of Canada applicable therein.


17.  Amendment and Notification of Changes


We reserve the right to update or alter this Privacy Policy from time to time without notice to you, to reflect revised or new practices as we change our services and provide more functionality. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable laws. You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Privacy Policy. Your continued use of the Site shall be construed as your acceptance to any amendments made to this Privacy Policy. If you do not agree to this Privacy Policy and the Terms of Use, please do not provide Personal Information to Serefin through this website.


18.  Contacting us about your Privacy


In some instances, you may be able to view or edit your Personal Information online. If your Personal Information is not accessible online, and you wish to obtain a copy of particular Personal Information you provided to Serefin, or if you become aware the Personal Information is incorrect and would like us to correct it, contact us.


If you have any questions regarding this Privacy Policy, or to issue a complaint, you may contact us using the information below:



65 Front Street E., Suite 101

Toronto, ON M5E 1B5



Before Serefin can provide you with any Personal Information or correct any inaccuracies, we may ask you to verify your identity and provide other details to help us respond to your request.