Start of menu
Close Menu

American Express Online Privacy Statement Canada

Effective Date: January 9th, 2018

At American Express, we are committed to safeguarding your privacy. We want you to know how we may collect, use, share, and keep information about you and the choices that are available to you.

When we provide American Express products or services to you, we may also give you specific additional details about how we will use your personal information. If you have an American Express product or service that is not provided by American Express (such as a card issued by a bank other than Amex Bank of Canada), please review the relevant privacy notice that covers such product or service or contact your product or service provider for information about their privacy practices. We participate in the Digital Advertising Alliance of Canada (DAAC) self-regulatory program and adhere to the DAAC Principles for Online Behavioural Advertising and DAAC’s Application of Self-Regulatory Principles to the Mobile Environment. Please see What are your choices about how we market to you? for additional information.

This online privacy statement applies to American Express websites, online applications that run on smart phones, tablets, and other mobile devices (“apps”) as well as your use of, or access to any of our online services or content and other online programs that we offer with our partners that link to this statement. It does not apply to those websites that have their own online privacy statements such as the American Express Network website, amexnetwork.com.

Our websites and apps are not intended for children under 13 years of age. We do not knowingly solicit data online from, or market online to, children under 13 years of age.

In this statement, we describe how Amex Bank of Canada, Amex Canada Inc. (Amex Canada), and our Business Partners and Service Providers offer or participate in any service or benefit provided in relation to our products or services (together we, us, our or Amex Canada). We explain how we collect, use, disclose, and safeguard Personal Information and Other Information. This statement includes descriptions and examples to help you understand the nature of the Online Information that we collect, use, disclose and safeguard. This is a part of the Amex Canada Privacy Code which is Amex Canada’s privacy policy as well as the Privacy Notice and Consent to Use of Personal Information for your Amex Canada product or service, if it applies.

Since we may change this online privacy statement, we recommend that you check the current version available from time to time. If we make changes to this statement, we will update the “Effective Date” at the top of this page.

What is in this online privacy statement?
What information does this online privacy statement cover?

This online privacy statement describes how we (and our Service Providers) may collect, use, share, and keep information that we get about you online. We gather Online Information if you:
  • Visit or use our websites or apps;
  • Participate in the online programs we offer with our Business Partners;
  • Receive or reply to electronic communications from us;
  • View or click on our ads or other online content; and
  • Interact with us through social media websites and other websites and apps.

In this statement, we also explain how we may combine Online Information with Other Information and how we then use the combined information.


What information do we collect online and how do we collect it?

The types of information we collect depends on which product or service you use.

Sometimes you give information directly to us (or to our Service Providers). For example, you might give us your name, account number, email, mailing address, phone number, or date of birth when you:
  • fill out an online form or survey, including when you complete a card application or book travel with us;
  • register, log into or update the settings on your account using our online services;
  • register or enroll in our programs;
  • enter a contest or register for a marketing offer; or
  • buy something on our websites or apps.

We (and our Service Providers or Third-Party Ad-Servers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrive at our website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click Remember Me when you log in to our website, a cookie will store your username.

We (and our Service Providers or Third-Party Ad-Servers) may collect information using Cookies and Similar Technologies about:
  • the device you use to browse our websites or use our apps (for example, we may collect information about the operating system or the browser version and the type of device you use to open electronic communications from us);
  • the IP Address and information related to that IP Address (such as domain information, your internet provider and geographic location);
  • your browsing and app use activities over time (such as what you search for, the pages you view, how long you stay, and how often you come back) and across other websites and apps, following your visit to one of our websites or apps (Service Providers or Third-Party Ad-Servers perform such activities on our behalf);
  • the likely associations among different browsers and devices
  • how you search for our websites or apps, from which website or app you came from, and which of our Business Partners' websites you visit;
  • which ads or online content from us and our Business Partners you view, access, or click on;
  • whether you open our electronic communications and which parts you click on (for example, how many times you open the communication); and
  • the location of your mobile device (for example, to help prevent fraud or when you register to receive or we otherwise provide location-based content on our mobile websites or apps).

We (and our Service Providers or Third-Party Ad-Servers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained.


How do we use the information we collect about you?

We may use Online Information we collect about you on its own or combine it with Other Information to:
  • deliver products and services, including to:
    • recognize you when you return to our websites or use our apps;
    • complete transactions;
    • tell you about updates to your accounts, products, and services;
    • update you about new features and benefits;
    • answer questions and respond to your requests made through our websites or apps and through third-party websites (including social media);
    • use the location of your mobile device for location-based services that you may request;
    • determine how to best provide services to you and manage your accounts, such as the best way and time to contact you;
    • improve our websites or apps and make them easier to use;
  • advertise and market our products and services – and those of our Business Partners – including to:
    • present content that is tailored to your interests, including Targeted Advertising;
    • send or provide you with ads, promotions, and offers;
    • analyze whether our ads, promotions, and offers are effective;
    • help us determine whether you may be interested in new products or services;
    • provide location-based content and advertising personalization;
  • conduct research and analysis, including to:
    • better understand our customers and our website or app users;
    • allow you to give feedback by rating and reviewing our products and services and those of our Business Partners;
    • produce data analytics, statistical research, and reports;
    • review and change our products and services;
  • manage fraud and security risk, including to:
    • detect and prevent fraud or criminal activity;
    • safeguard the security of your information;
  • assess credit risks relating to our business, including to:
    • evaluate and process your applications for our products and services and manage your existing accounts; (for example, to contact you with important information about your account) and
  • use it in other ways as required or permitted by law or with your consent.


American Express and our Third-Party Ad-Servers may use Precise Location Data which may be obtained from a mobile device to deliver Targeted Advertising to potential customers. In this case, additional personal information is not shared with us when our Third-Party Ad-Servers deliver the Targeted Advertising.

If Precise Location Data is used with an American Express app, that app will provide you with additional details and choices. Please see What are your choices about how we market to you? below.

American Express participates in advertising programs offered by various social media and online partners such as Facebook and Google. These programs allow us to serve you with advertising when you use those services. We use information we hold about you to help ensure those advertisements are relevant to you.

We may use information from one app to provide you with Targeted Advertising on another app. For example, if you begin completing an online form on the Amex app and do not complete it, we may follow up with Targeted Advertising through social media and online partners. In this context we do not share the relevant online activity with the third party.

To opt-out of these advertising programs, please see What are your choices about how we market to you? below.


How do we share your information?

Some Online Information is Personal Information.

How we treat your Personal Information

We do not share Personal Information with anyone except as described below. We may share Personal Information as required or as permitted by law, such as:
  • with credit bureaus and similar institutions to report or ask about your financial circumstances, and to report or collect debts you owe;
  • with regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and government requests;
  • with our Service Providers, regulatory authorities, and governmental agencies to detect and prevent fraud or criminal activity, and to protect the rights of American Express or others;
  • within the American Express Family of Companies;
  • with our Service Providers who perform services for us and help us operate our business (we require Service Providers to safeguard Personal Information and only use your Personal Information for the purposes we specify);
  • with financial institutions or Co-brand Partners with whom American Express jointly offers or develops products and services (but they may not use your Personal Information - in particular your email address - to independently market their own products or services to you unless you consent that they can do so);
  • in the context of a sale of all or part of the American Express Family of Companies or their assets; or
  • for specific products or services, when you have given your consent.

We may transfer Personal Information to Service Providers or companies within the American Express Family of Companies throughout the world, for example, to process transactions and provide you with our products or services. Regardless of where we process your information, we still protect it in the manner described in this online privacy statement and according to the applicable laws.

[For more information about how Amex Canada uses your Personal Information, see the Amex Canada Privacy Code which is Amex Canada’s privacy policy, as well as the Privacy Notice and consent to use personal information for your Amex Canada product or service, if it applies.]


How we handle Aggregated Information and De-identified Information

Aggregated Information or De-identified Information does not identify you individually; it helps us to analyze patterns among groups of people. We may share Aggregated Information or De-identified Information in several ways, for example:

How do we keep and safeguard your information?

We use administrative, technical and physical security measures to protect your Personal Information. These measures include computer safeguards and secured files and facilities. We take reasonable steps to securely destroy or permanently de-identify Personal Information when we no longer need it. We will keep your Online Information only as long as we must to deliver our products and services, unless we are required by law or regulation or for litigation and regulatory investigations to keep it.


What are your choices?

You will always have a right to access, update, and change or correct your Personal Information. If you want to do so or if you have any questions about how we process your Personal Information, please see the Amex Canada Privacy Code.

You have choices about how American Express uses your information, such as how we market to you or how we manage Cookies and Similar Technologies.

If you do not want us to collect information about you using Cookies and Similar Technologies you can disable or delete them. Most computer systems and browsers offer their own privacy settings. We encourage you to use them to enhance your choices. Most browsers’ advanced settings (such as those in Internet Explorer, Google Chrome or Safari) allow you to disable Cookies and Similar Technologies.

Important: If you do disable or delete Cookies and Similar Technologies, some site features and services may not work. You will need to manage your settings for each computer and browser you use to access the Internet.

For more information go to About Cookies.



What are your choices about how we market to you?

You can choose how you would like to receive marketing communications, including direct marketing - whether we send them to you through postal mail, email and/or telephone. If you choose to not receive marketing communications from us, we will honour your choice. Please be aware that if you choose not to receive such communications, certain offers attached to the products or services you have chosen may be affected. We will still communicate with you in connection with servicing your account, fulfilling your requests, or administering any promotion or any program in which you have elected to participate.

For additional information and to manage your marketing preferences, please see Additional Information and Marketing Preferences .

American Express participates in Targeted Advertising programs. We use information we have about you in order to provide you with advertising messages that are relevant to you. We participate in the Digital Advertising Alliance of Canada (DAAC) self-regulatory program and adhere to the DAAC Principles for Online Behavioural Advertising and DAAC’s Application of Self-Regulatory Principles to the Mobile Environment. The DAAC program is designed to provide information about and greater control over online advertising. It enables you to opt out from online behavioural advertising served by participating companies. The DAAC program applies to websites and mobile applications. You can use the Ad Choices opt out tool to opt-out online or get the free DAAC App Choices App for each of your mobile devices. With the App Choices App you can set your preferences for Targeted Advertising and use of data across apps. Click here to learn more about the DAAC and your choices.

If you do not want to receive Targeted Advertising from American Express in apps, you can also turn off mobile device ad tracking or reset the advertising identifier in your device settings, where these tools are available from your device platform, on each of the devices that you use. If you do not want to receive Targeted Advertising using Precise Location Data, you can also turn off location-based services in your device settings.

In addition, we also work with online and social media companies (e.g., Facebook, Google) to deliver Targeted Advertising on those platforms. If you have not opted out of email marketing with us, we may use your email address as a basis for serving you Targeted Advertising on these third party platforms. You may also opt out of Targeted Advertising directly through those third party platforms.

Do you have questions about the online privacy statement?

If you have any questions about our online privacy statement, please talk to one of our customer service representatives at Amex Canada Click here for a list of contact numbers or, write to:


Chief Privacy Officer
Amex Canada
PO Box 3204, STN F
Toronto, Ontario
M1W 3W7


Glossary



Aggregated Information - data or information, relating to multiple people, which has been combined or aggregated. Aggregated Information includes information that we create or compile from various sources, including card transactions or certain data from Cookies and Similar Technologies.

American Express (we, our, us), - the American Express Company as identified at the beginning of this online privacy statement.

Amex Canada Privacy Code - This Privacy Code sets out the privacy policy of Amex Bank of Canada and Amex Canada Inc. (“Amex Canada”), and applies to their products, services and customers (including prospective customers) in Canada. The Code is consistent with the American Express Data Protection and Privacy Principles, which apply to all American Express operations worldwide.

Business Partners- any third parties with whom we conduct business and have a contractual relationship, such as a business that accepts American Express branded cards.

Co-brand Partners - businesses we partner with to offer cards featuring both brand logos.

Cookies and Similar Technologies - a cookie is a small data file that a website transfers to your computer's hard drive. We may place cookies when you visit our website or another company’s website where our ads appear or when you make purchases, request or personalize information, or register for certain services. If you accept the cookies used on our website, websites that are “powered by” another company on our behalf, or websites where our ads appear, you may give us access to information about your interests. We may use that information to personalize your experience. Similar technologies such as web beacons, pixels, gifs, and tags also do the same thing. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way.Please click for more information about cookies.


De-identified Information - data or information used in a way that does not identify you to a third party. We often derive De-Identified Information from Personal Information. It includes information that we may collect from various sources, such as card transactions or certain data from Cookies and Similar Technologies.

IP Address - a number assigned to a device when connecting to the Internet.

Online Information - data or information collected on the American Express websites and apps as well as on websites and apps of third parties relating to topics about our business which includes Personal Information, Aggregated Information and De-Identified Information.

Other Information - American Express internal information (for example, transaction data), external data that financial companies use to process applications and complete transactions, and other online and offline information we collect from or about you.

Personal Information- information that can identify a person, such as name, address, telephone number, and email address.

Precise Location Data- data that allows the location of a mobile device to be used for the purposes of delivering Targeted Advertising.

Service Providers - any vendor, third party and/or company that performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc.), marketing, data processing, servicing, collections, or ad management.

Targeted Advertising - ads we, or our Service Providers or Third-Party Ad-Servers, display on websites outside the American Express Family of Companies based on the preferences or interests inferred from our data, such as transaction data, or data collected from a particular computer or device regarding web viewing behaviours or app use over time and across different websites and mobile apps. Targeted Advertising may occur across browsers or mobile devices that have been associated together.Targeted Advertising includes Online Behavioural Advertising. We participate in the Digital Advertising Alliance of Canada (DAAC) self-regulatory program and adhere to the DAAC Principles for Online Behavioural Advertising. The DAAC program is designed to provide information about and greater control over online advertisements. It also enables you to opt out from online behavioural advertising served by any, or all of the participating companies.Click here to learn more about the DAAC and your choices.

Third-Party Ad-Servers - companies that provide the technology to place ads on websites (and apps) and track how ads perform. These companies may also place and access cookies on your device. The information they collect from our websites is in a form that does not identify you personally.

Back to top
Back to top