Privacy and security

Meridian Credit Union’s (“Meridian”) Privacy and Security Notice together with any privacy related provisions included in the agreements you have with us form our privacy policy. This policy applies to the collection, use, or sharing of any personal information collected by Meridian in the course of conducting its business and will continue to apply for so long as we may hold your information (including for a reasonable time after the termination of your relationship with us.) By providing us with information, you are consenting to the collection, use or sharing of your information as set out in our privacy policy.

Meridian is dedicated to protecting your privacy and your personal, business and financial information. We carefully follow privacy policies and security practices in everything we do, to support our commitment to you.

What we collect and how we may use or disclose your information

When you apply for or open an account with us and through the course of our relationship we may collect, use and disclose certain information obtained from or about you to. Generally, we use this information to communicate with you, confirm your identify, satisfy legal or regulatory requirements, prevent fraud, maintain security, administer your accounts, offer to you and ensure your suitability and eligibility for products or services and to collect debts owed to us. Examples of how we collect, use or disclose your information include:

Contact information, such as your name, address, email address, social media or other electronic addresses and telephone numbers, which we may use to communicate with you;
Identity information, such as date of birth, nature of business or occupation. This information may be used to protect against fraud, money laundering or may be required by law for us to collect. As well we may collect identification documents such as a driver’s license or other documents such as a utility bill. We use these items to verify your identity;
Financial information, such as income, assets, liabilities, transaction history, payment history, credit history, and account activity. We may use this information to understand your needs, determine appropriateness, suitability or eligibility for certain products and services;
Credit Bureau Information and other information about you, that we may use, disclose and collect from credit bureaus, credit reporting agencies or other financial services databases. We may do this to prevent against fraud or to ensure your suitability and eligibility for certain products, including pre-approved products.
Social Insurance Number (SIN), which we use for tax reporting purposes when requesting interest generating products or other investment income generating products or to verify and report credit or other information with the credit bureaus and credit reporting agencies. Also we may use your SIN to confirm your identity as it allows us to keep your information separate from others, such as those with similar names. You may refuse to consent to the use of your SIN or its disclosure, except for purposes required by law, such as tax reporting.
Health Information, for the purposes of providing optional insurance products or services. We may use a third party to provide credit insurance products or services, as such you consent for us to exchange information including health information with the third party insurance provider.
Other individuals’ information, such as names and contact information of beneficiaries, your spouse, dependents or references. This information may be required by law, or to provide certain protection to you or in the case of references to verify information you have provided.
Recordings of telephone calls or other electronic communication. This is used to establish a record of the information provided to you by us and a record of your information and instructions to us and to maintain quality of the services we provide. We may also use video recording in and around our physical premises and ATMs to ensure your safety and ours and to prevent against fraud and other illegal activity.
Electronic or computer information, such as IP addresses, information about your operating system, web-browser or internet connection. We may use this information for the reasons described within the notice, particularly for security purposes or to enhance your digital experience.
Other information, that may help us to confirm your identify, satisfy legal or regulatory authority, collect a debt to us, prevent fraud, maintain security, administer your accounts or ensure your suitability and eligibility for products or services.

We strongly encourage you to read this entire document together with your account agreements as other means of collecting, using and disclosing your personal information may be described within.

Download our Privacy Policy (PDF, 174KB)

We are committed to protecting your privacy; and your right to control the collection, use and disclosure of your personal information; whether it is under Meridian's control, or information that has been transferred to a third party for processing, in accordance with Canada's Personal Information Protection and Electronic Documents Act (2000).

Accountability: We have designated a Privacy Officer who is responsible for overall privacy governance and all employees are accountable for compliance to these principles. The contact information for our Privacy Officer can be found within this notice.
Identifying Purposes: Before or at the time we ask you for personal information, we will identify the purposes for which it will be used or disclosed. We may ask for information about your identity, transactions, your application, financial behaviour, or other details particular to the product or service.
Consent: You are always in control of your personal information. We require your knowledge and consent for the collection, use, or disclosure of personal information (except when specific legislative or circumstances apply) and we will explain how your information will be used and with whom it will be shared, in a clear, comprehensive and easy to find manner. We will make it easy to withdraw your consent at any time; however this may affect our ability to provide products and services, or fulfil our commitments to you. We will not collect, use or disclose your personal information without your consent, except where required by law, or sell your personal information to third parties.
Limiting Collection: We only collect information needed for the purposes we have identified, or the products and services you have requested, and we only collect information by fair and lawful means. We keep this information only for as long as it is needed for the purposes described above, even if you cease to be a Member.
Limiting Use, Disclosure and Retention: Unless you consent otherwise or it is required by law, your personal information will only be used or disclosed for the purposes it was collected. We retain your documentation for the longer of: (a) the duration required to provide products, services or commitments to you; and (b) our legal and regulatory requirements. This may require us to retain your information beyond the end of your relationship with us however, we will securely dispose of your personal information when we no longer need to retain it. You acknowledge that we may use third party service providers that operate outside of Canada, as a result, your information may be securely used, stored or accessed in other countries and be subject to the laws of those countries. For example, information may be shared in response to valid demands or requests from government authorities, courts and law enforcement officials in those countries.
Accuracy: To ensure we are able to satisfy the purposes for which you have provided your personal information, we will list specific items of personal information. If you believe the personal information we have retained about you is inaccurate, you may request that we review and correct any errors.
Safeguards: We will protect your personal information with appropriate physical, technological and organizational safeguards relative to the sensitivity to the information, regardless of the format in which we hold it (physical or electronic) and even when it is being disposed. We regularly train our employees on the importance of maintaining the confidentiality of your information. Please note your information may be processed by our service providers in other countries. By using our products or services, you consent to the transfer of information to countries outside of Canada - including the United States - which may provide for different data protection rules.
Openness: We will make clear, easy to read and consistent information about our policies and practices relating to the management of personal information readily available in writing, by telephone, in publications and on Meridian’s website. We will include details of who is accountable for these policies and practices; to whom access requests may be sent; and to whom concerns may be addressed. We will also describe what personal information (if any) is made available to other organizations (including subsidiaries or parents) and why. We will not sell your personal information.
Individual Access: Upon request, we will inform you as to the existence, use, and disclosure of your personal information and be given access to that information. You are entitled to question the accuracy and completeness of the information and have it amended as appropriate. We will endeavour to provide this information to you within 30 calendar days, however occasionally we may need additional time and we will communicate these reasons to you. You may access the information we have retained about you by contacting our Privacy Officer.
Challenging Compliance: You are able to challenge our compliance with the above Privacy Principles. We have simple and easily accessible complaint procedures and we will take appropriate measures to correct information handling practices and policies, where deficiencies are identified. We will notify you of the outcome of investigations.

For further information on PIPEDA, please visit: https://www.priv.gc.ca/en/privacy-topics/

Privacy Preferences

To manage your privacy preferences, including marketing preferences, or to refuse or withdraw consent, please contact or visit your local branch or contact our Contact Centre.

Meridian Contact Centre, Toll Free:
1-866-592-2226 (request your Branch Manager)
Email: MeridianContactCentre@meridiancu.ca

You may also contact us by mail or online:
Meridian,
Attention: Privacy Officer
3280 Bloor Street West Centre Tower, 7th Floor
Toronto, ON, M8X 2X3

Email us: privacyofficer@meridiancu.ca

Have a Concern about Privacy?

Meridian^TM is committed to providing you with the best Member experience that we can.

If you have a concern about privacy, please follow our easy 3-step Member Concern Handling Procedures ("MCHP").

Step 1: Talk to your Branch, Wealth or Business Banking Representative

How to contact your Branch, Wealth, or Business Banking representative
Call your home branch directly. You can find branch contact information with our Branch Locator.

Get in touch with your branch through our Contact Centre
Call Toll Free: 1-866-592-2226. Select option 1 (request your Home Branch)
Call International Collect: 1-416-597-0165
Email: MeridianContactCentre@meridiancu.ca

Step 2: Contact your Branch Manager

How to contact your Branch Manager
Call your home branch directly. You can find branch contact information with our Branch Locator.

Step 3: Contact the Privacy Officer

How to contact Meridian’s Privacy Officer
Email: privacyofficer@meridiancu.ca

Mail:
Privacy Officer
75 Corporate Park Drive
St. Catharines, ON L2S 3W3

Note: If corresponding by email, please do not include any confidential information as email correspondence is not guaranteed to be secure.

If you want more information or are still not satisfied after contacting Meridian’s Privacy Officer, the following external agencies can provide you with information and a further review of your concern:

Office of the Privacy Commissioner of Canada (OPC)
The OPC oversees compliance with Canada's privacy laws, and you can contact them at any time with a privacy complaint.

Toll-free: 1-800-282-1376
Online Form: On the OPC website

Mail:
Office of the Privacy Commissioner of Canada
30 Victoria Street
Gatineau, Quebec K1A 1H3

Note: If corresponding by email, please do not include any confidential information as email correspondence is not guaranteed to be secure.

Meridian offers you a variety of ways to bank and interact with us online. Our digital channels offer you control and convenience as well as access to our digital services.

Digital banking provides convenient access to information and the ability to perform transactions from home, work or other locations. It is important to be aware that when you communicate via the Internet, other people and software can also communicate with your computer. An inadequately protected computer can be accessed by an unknown party or a virus in a very short period of time.

What we are doing to protect your security
Meridian Online Banking offers you the best security currently available in a commercial environment so that your personal and financial information is protected while in transit between your computer and our server. This is done through the use of industry standard security techniques:

In addition to encrypted passwords, Meridian’s Online Banking services offer enhanced security features, including the use of challenge questions, to help you identify that you are accessing Meridian’s Online Banking site (and not a fraudulent site masked to appear as the legitimate online banking site). You will be asked to answer one of your personal challenge questions if you sign in to Meridian’s Online Banking or Mobile Banking App from a computer or mobile device that you have not previously registered as ‘trusted’.
Encryption ensures that information cannot be read in transit or changed by scrambling the data using a complex mathematical formula. Some browsers can create a more secure channel than others, owing to the 'strength' of their encryption. Meridian uses the strongest channel available - referred to as 128-bit SSL (Secure Socket Layer). If you have a browser that only supports 'weaker' encryption such as 40-bit or 56-bit SSL, you will need to upgrade your browser before using our site. The longer and more complex the 'key' is, the stronger the encryption. The 40 and 128 refer to the length of the key. Since 128 is longer, than 40, it is more secure.
Use of robust and multi-layered security of servers and applications, multiple layers of internal and external firewalls which protect Meridian’s online environments.
Regular reviews of our security practices and technology updates as well as regular reviews to ensure our security and privacy policies and standards reflect our industry leading position.
Access to our databases is strictly managed and systems are in place to ensure security is not breached, including the physical security of our computer hardware and communications.
Automatic session terminations - To help you protect your information, if there has been no activity for 15 minutes, you will be prompted that your session will be terminated and have the option to continue with your session, if not replied to within 5 minutes; your online banking session will end automatically.

What you need to do to protect your computer and password
Protecting your password and answers to your secondary challenge questions.

Just as you play a vital role in ensuring the security of your home and your possessions, you too share in the responsibility for ensuring that your personal information is adequately protected. In order for us to ensure that only you are accessing your accounts, we need a unique way of knowing that it's you. Just as the key to your home protects unwanted entry, the online banking 'key' - your password and your secondary challenge questions - ensures that only you can access your accounts.

It is your responsibility to ensure that your 'key' to Meridian Online Banking is protected. Please observe the following security practices:

Select a password that is easy for you to remember but difficult for others to guess.
Select your security questions that only you know the answer to.
Select your security image and phrase that is easy to remember and meaningful.
Do not select a part of your PIN (your ABM 'key') or another password.
Keep your password and secondary challenge answers confidential - do not share.
Do not write your password down or store it in a file on your computer.
Never disclose your password to anyone for any reason. Ensure no one watches you type in your password.
Change your password regularly. We suggest every 90-120 days.
Members are reminded that any password that has been in use prior to March 2012 will be required to follow new requirements the next time their password is reset.

Protecting your computer

Never leave your computer unattended while using banking services.
Always exit the Meridian Online Banking using the logout button and close your browser if you step away from your computer. Your browser may retain information you entered in the login screen and elsewhere until you exit the browser.
Prevention of Browser Caching (storing of pages) is enabled by default when using Meridian Online Banking. This prevents secure pages and page information from being stored on your personal computer. It is also a beneficial security feature if you are accessing the site from a shared computer, such as at a friend's house or through a publicly-accessible computer, such as at a library or airport.
Secure or erase files stored on your computer by your browser so others cannot read them. Most browsers store information in non-protected (unencrypted) files in the browser's cache to improve performance. These files remain there until erased. They can be erased using standard computer utilities or by using your browser feature to "empty" the cache.
Disable automatic password-save features in the browsers and software you use to access the Internet.
Install and use a quality anti-virus program. As new viruses are created each and every day, be sure to update your anti-virus program often. It is recommended you update anti-virus definitions automatically. Scan all download files, programs, disks and attachments and only accept files and programs from a trusted source.
Install and configure a personal firewall on your computer to ensure others cannot access your computer through the Internet.
Install new security patches as soon as your operating system and Internet browser manufacturers make them available.

Protecting your information when using a public computer
You should be extra vigilant when using publicly available computers. Even if you adopt the tips above to protect your information, you need to bear in mind that even benign programs, like popular desktop search programs, can pose a security risk. Certain programs, such as Google Desktop, cache items that you have viewed so an unwelcome third party can easily search and find those pages again later.

To ensure a safe and secure Internet session, only visit reputable sites. If you visit any questionable web site before Meridian Online Banking, we recommend you close your browser and restart it before proceeding to Meridian Online Banking.

Fraud: Recognize it. Report it. Stop it.
Electronic identity theft can occur when you respond to a fraudulent email that asks for your personal banking information (This is called Phishing). Armed with this information, a person may be able to access your accounts or establish credit, pay for items or borrow money using your name. For this reason, Meridian uses different methods to help you confirm the Meridian Online Banking site is legitimate and secure. These include the selection of a unique personal image, challenge questions and answers and a unique personal code.

Safety precautions for online banking
We will never ask you for your personal passwords, personal information numbers or login information in an email.

If you receive such an email:

Do not click on any links contained in the email or reply to it;
Immediately forward the email to onlinebankingsecurity@meridiancu.ca.
Delete the email once reported.
Check the address of any webpages that ask you to enter personal account information. In the toolbar at the top of the page any legitimate banking web site will begin with 'https' to indicate that the page is secure.
Look for the padlock found in the lower right corner of your screen. If the webpage is legitimate, by clicking on the padlock, you can view the security certificate details for the site. A fraudulent site will not have these details.
Type in our web address yourself to ensure you are transacting with our server.
Check your bank and credit card statements regularly to ensure that all transactions are legitimate.

By working together, we can defend potential online information security threats. Contact Meridian at 1-866-592-2226 immediately if you suspect someone has gained knowledge of your password or if you suspect any loss, theft or unauthorized use of your account.

We use "cookies" as part of our interaction with your web browser

What is a “cookie?”

A "cookie" is a small text file that's stored on your computer, smartphone, tablet, or other device. When you visit a website or use an app, a cookie distinguishes you from other users.

Cookies are used for many reasons including security, fraud prevention, and site performance. Cookies also allow for efficient page navigation and personalized content.

Types of cookies

Session cookies: these are temporary cookies. They expire when you leave the website or log out of online banking. Session cookies allow the website to recognize you as you move between website pages during a browsing session.
Persistent cookies: these are stored on your device between browsing sessions until they expire, or you delete them. Persistent cookies enable the website to recognize you and your preferences upon your return.

Our website, www.meridiancu.ca (“our site”), uses session and persistent cookies to distinguish you from other users of our site. This helps us give you the best possible experience. We may also use third-party cookies for security purposes and marketing campaign analytics.

Increased fraud prevention, faster site speed, and a customized user experience are just a few examples of how cookies help us improve our site.

Consent to cookies

By continuing to browse our site, you’re agreeing to our use of cookies.

If you don’t consent or wish to withdraw your consent, you’ll need to delete and block or disable cookies in your browser settings (read on for more information on how to do this). Remember, disabling cookies can affect the functionality of this site and may prevent you from accessing certain site features, including online banking.

Blocking cookies

You can block cookies within your browser by activating the setting that allows you to refuse all or some cookies. These settings are usually found in the ‘options’ or ‘preferences’ menu of your browser. Keep in mind that if you use your browser settings to block all cookies you might not be able to access all or parts of our site.

To learn more about cookies, including what cookies have been set and how to manage and delete them, visit allaboutcookies.org. Alternatively, you can search the internet for other independent information on cookies.

Security is an integral part of everything we do.

Strong security is our digital backbone. We’re committed to keeping your accounts and personal information safe and secure. In fact, we’re so confident in our online security that in the unlikely event that *unauthorized transactions occur, we will reimburse you 100%. GUARANTEED.

Our commitment to you
We protect your online and mobile transactions and make sure they are as safe as possible. To protect the privacy and integrity of your information during transactions, our security safeguards include:

Strong encryption technology to make sure that data passing between your PC and our web server is secure
Digital certificates issued by trusted third-party companies to let you know that our website is secure and genuine
Automatic log out after 20 minutes of inactivity
Firewalls to protect your information with us
Immediate investigation into any suspicious activity identified on your account

Your commitment to us
We can’t do it all alone. We need you to do your part to help keep your information safe. This means that you’ll need to follow the terms in your account agreements and the protection guidelines outlined under Your Online Privacy.

To receive reimbursement under this guarantee, you need to:

Keep software up to date, including updated anti-virus and firewalls
Always log out of your online banking sessions
Keep your password confidential and secure and do not disclose it to any person
Review your bank statements for suspicious activity as soon as you get them
Do your own due diligence on all transactions
Let us know about any suspicious activity right away. (If you think you are a victim of fraud, please call us immediately at 1-866-592-2226)
Remember that email messages are not encrypted and they could be intercepted and read by third parties. Please don’t send us any personal information by email
Keep your Challenge Questions unique and hard to guess
Take steps to protect yourself against *phishing and think twice before clicking on links embedded in emails asking you to log into your account
Check the URL in your browser to make sure the website is authentic and look for the locked padlock icon. You can confirm a valid certificate by double-clicking on the locked padlock icon
Don’t use a public wireless network to log into your Meridian online banking or mobile application

Making these commitments to each other will keep your financial and personal information well protected and safe.

Remember we’ll never send you emails or text messages asking for personal information, your ABM PIN, your Challenge Question answers, or online banking password.

We always have your back.
We’re always here for you and if you have any questions or concerns about the security of your Meridian accounts or Meridian’s mobile services, please contact us at MeridianContactCentre@meridiancu.ca

*Unauthorized Transactions means a transaction made on a Card or Account by any person or entity other than an Account User.
*Phishing is a type of online fraud that asks you to disclose private information.

Identity fraud is the stealing of personal information and then using it illegally.
If you think you are a victim of identity fraud and are a Member, call Meridian immediately at 1-866-592-2226

Thieves might get documents from your trash, steal your purse or wallet, gather information that you have posted on the Internet, change your address with creditors and apply for new loans or credit cards in your name. You may not be aware of this until months or years have passed.

Protect your personal information: Do not give account or card number information to anyone, whether in person, over the phone or online, unless you are confident to do so. Do not carry your Social Insurance Number card in your wallet unless it is necessary.

Memorize your passwords and bank machine Personal Identification Number (PIN): Don't write down your bank machine Personal Identification Number (PIN) or your online banking password. If you must write these down, keep them in a safe place and do not carry them in your wallet or purse. Never give this information to anyone, even a Meridian employee. Our employees will never ask Members for this information, so be suspicious of anyone asking for it.

Keep your Personal Verification Question (PVQ) answers confidential: Do not share your Personal Verification Question (PVQ) answers with anyone, and do not disclose them in any e-mails. Giving your PVQ answers to another person or company places your finances and privacy at risk. Meridian will never request this information.

Report thefts and losses immediately: If your wallet or purse is lost or stolen, call Meridian at 1-866-592-2226 to block your accounts and cards from use. Shred or tear up junk mail and statements: If you don't want mail offers, tear them up or shred them. Identity fraud often occurs by thieves going through trash for this. As well, tear up or shred any personal information such as receipts that show your card numbers or bank statements.

Review your account statements: Report suspicious transactions immediately to Meridian at 1-866-592-2226. Review your credit report: At least once each year, contact a credit bureau to check the accuracy of your credit report.

Protect your Personal Identification Number (PIN): When entering your Personal Identification Number (PIN) at a bank machine or debit terminal, position yourself to block others from observing you enter your PIN. Stay alert.

Protect your credit cards: Sign credit cards as soon as you receive them. Cancel inactive cards and don't lend your credit cards.

Practice safe computing: Installing up-to date anti-virus/spyware software and a firewall on your computer will help keep your Meridian Online Banking safe.

How to protect yourself from Identity Theft: Identity thieves are criminals that will learn and use your personal information to access your financial accounts. Checking your accounts regularly and using these tips will help keep your banking experience as secure as possible.

Cheque fraud
Cheque fraud is the most common financial crime and account for billions of payments each year, making them a prime target. Counterfeit cheques are not written or authorized by legitimate account holder. Forged cheques are not signed by account holder while an altered cheque has been intercepted and the payee and/or the amount have been altered.

Try to focus on electronic payments such as wire payments, direct deposit and pre-authorized payments, it’s harder work for the criminals. Keep any cheques in a secure location, this is common item thieves will look for during a burglary. Destroy unused cheques right away and review statements as soon as you get them. When laser-printing cheques, use cheque paper with the permanent toner to permanently bond ink.

Moving money for strangers
Criminals want you to do their banking. If they earn your trust, they'll use your account to cash phony cheques, collect money from other accounts, and move stolen money offshore. They use a variety of schemes to convince you that they're legitimate. Some will even give you money to earn your trust. By accepting and re-directing electronic deposits (such as wire transfers), you could be participating in a money-laundering scheme if those deposits were proceeds of a fraud or other criminal activity. The stories vary, but the results are the same: fraud and financial loss.

Think about these common criminal activities:

You win the lottery	A criminal tells you you've won a lottery, but taxes need to be paid first. If you're unable to pay the fee on your own, you may be offered financing from someone else (who is involved in the scheme). You receive a cheque to cover the taxes and then wire the money to cover the taxes. Afterward, you learn that the original cheque was fraudulent and that you're responsible for the losses.
Oops, I overpayed	The criminal buys something from you and overpays for the item. After you refund the difference, you learn that the original payment was fraudulent and the charges have been reversed.
Earn money from home	A job offer involves receiving funds into your bank account and then transferring a portion of the collected funds on to another account. After transferring the funds, you learn the original transaction has been reversed.
The man from the ‘government’	A criminal tells you they are a government official from another country, and that they need your help getting funds out of the country. You receive monies and then forward them. Like the above cases, the original deposit is fraudulent and you're liable for the amount forwarded.
Your phony inheritance	A relative you never met has left you money in their will. But you need to pay service fees before receiving the funds. Like the other examples above, this scam can leave you on the hook for significant financial losses.

Minimize the risk

Never conduct financial transactions on behalf of strangers
Be wary of any offer that sounds too good to refuse
Cheques and other deposits can be reversed long after funds have cleared
Never wire funds until the legitimacy of the cheque or electronic deposit is confirmed
If you suspect a cheque may be fraudulent, we recommend that you have the cheque certified at the issuing bank (the bank which appears on the cheque)

Beware of Requests to Change a Supplier's Banking and/or Mailing Details
A fraudster may contact a business and say that the supplier's address and banking information have changed. They request that all future payments for this supplier be sent to this new bank account and/or mailing address. This is what it looks like:

A false fax designed to look like a legitimate fax from the actual supplier
An e-mail from a fake e-mail account, claiming to originate from the actual supplier
They call an individual in Accounts Payable with the request, and follow up with a false fax or e-mail, as described above

It is prudent for all businesses to be aware of such scams and consider implementing protective measures. Always make a return call to a trusted contact person at the supplier to validate if this request is legitimate Remember: Do not advise the individual making the request that the validation call will be made; do not use any new telephone number(s) provided by the individual making the request

Avoiding Internet Stock Fraud
Although the Internet is an excellent tool for investors to easily and inexpensively conduct research on companies of interest, it is also an efficient means of spreading fraudulent investment opportunities and artificially inflating the price of thinly traded securities.

If you suspect fraud is happening to you, contact Meridian at 1-866-592-2226 immediately.