Start of menu
Close Menu

American Express Online Privacy Statement Canada

Effective Date: December 19th, 2013

At American Express, we are committed to safeguarding your privacy. We want you to know how we may collect, use, share, and keep information about you and the choices that are available to you.

When we provide American Express products or services to you, we may also give you specific additional details about how we will use your personal information. If you have an American Express product or service that is not provided by American Express (such as a card issued by a bank other than Amex Bank of Canada), please review the relevant privacy notice that covers such product or service or contact your product or service provider for information about their privacy practices.

This online privacy statement applies to American Express websites, online applications that run on smart phones, tablets, and other mobile devices (“apps”) as well as your use of, or access to any of our online services or content and other online programs that we offer with our partners that link to this statement. It does not apply to those websites that have their own online privacy statements such as the American Express Network website, amexnetwork.com.

Our websites and apps are not intended for children under 13 years of age. We do not knowingly solicit data online from, or market online to, children under 13 years of age.

In this statement, we describe how Amex Bank of Canada, Amex Canada Inc. (Amex Canada), and our Business Partners and Service Providers offer or participate in any service or benefit provided in relation to our products or services (together we, us, our or Amex Canada). We explain how we collect, use, disclose, and safeguard Personal Information and Other Information. This statement includes descriptions and examples to help you understand the nature of the Online Information that we collect, use, disclose and safeguard. This is a part of the Amex Canada Privacy Code which is Amex Canada’s privacy policy as well as the Privacy Notice and Consent to Use of Personal Information for your Amex Canada product or service, if it applies.

Since we may change this online privacy statement, we recommend that you check the current version available from time to time. If we make changes to this statement, we will update the “Effective Date” at the top of this page.

What is in this online privacy statement?
What information does this online privacy statement cover?

This online privacy statement describes how we (and our Service Providers) may collect, use, share, and keep information that we get about you online. We gather Online Information if you:
  • Visit or use our websites or apps;
  • Participate in the online programs we offer with our Business Partners;
  • Receive or reply to electronic communications from us;
  • View or click on our ads or other online content; and
  • Interact with us through social media websites and other websites and apps.

In this statement, we also explain how we may combine Online Information with Other Information and how we then use the combined information.


What information do we collect online and how do we collect it?

The types of information we collect depends on which product or service you use.

Sometimes you give information directly to us (or to our Service Providers). For example, you might give us your name, account number, email, mailing address, phone number, or date of birth when you:
  • fill out an online form or survey, including when you complete a card application or book travel with us;
  • register, log into or update the settings on your account using our online services;
  • register or enroll in our programs;
  • enter a contest or register for a marketing offer; or
  • buy something on our websites or apps.

We (and our Service Providers or Third-Party Ad-Servers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrive at our website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click Remember Me when you log in to our website, a cookie will store your username.

We (and our Service Providers or Third-Party Ad-Servers) may collect information using Cookies and Similar Technologies about:
  • the device you use to browse our websites or use our apps (for example, we may collect information about the operating system or the browser version and the type of device you use to open electronic communications from us);
  • the IP Address and information related to that IP Address (such as domain information, your internet provider and general geographic location);
  • browsing history on our websites or apps (such as what you search for, the pages you view, how long you stay, and how often you come back);
  • how you search for our websites or apps, from which website or app you came from, and which of our Business Partners' websites you visit;
  • which ads or online content from us and our Business Partners you view, access, or click on;
  • whether you open our electronic communications and which parts you click on (for example, how many times you open the communication); and
  • the location of your mobile device (for example, to help prevent fraud or when you register to receive location-based content on our mobile websites or apps).

We (and our Service Providers or Third-Party Ad-Servers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained.


How do we use the information we collect about you?

We may use Online Information we collect about you on its own or combine it with Other Information to:
  • deliver products and services, including to:
    • recognize you when you return to our websites or use our apps;
    • complete transactions;
    • tell you about updates to your accounts, products, and services;
    • update you about new features and benefits;
    • answer questions and respond to your requests made through our websites or apps and through third-party websites (including social media);
    • use the location of your mobile device for location-based services that you may request;
    • determine how to best provide services to you and manage your accounts, such as the best way and time to contact you;
    • improve our websites or apps and make them easier to use;
  • advertise and market our products and services – and those of our Business Partners – including to:
    • present content that is tailored to your interests, including Targeted Advertising;
    • send or provide you with ads, promotions, and offers;
    • analyze whether our ads, promotions, and offers are effective;
    • help us determine whether you may be interested in new products or services;
  • conduct research and analysis, including to:
    • better understand our customers and our website or app users;
    • allow you to give feedback by rating and reviewing our products and services and those of our Business Partners;
    • produce data analytics, statistical research, and reports;
    • review and change our products and services;
  • manage fraud and security risk, including to:
    • detect and prevent fraud or criminal activity;
    • safeguard the security of your information;
  • assess credit risks relating to our business, including to:
    • evaluate and process your applications for our products and services and manage your existing accounts; (for example, to contact you with important information about your account) and
  • use it in other ways as required or permitted by law or with your consent.

How do we share your information?

Some Online Information is Personal Information.

How we treat your Personal Information

We do not share Personal Information with anyone except as described below. We may share Personal Information as required or as permitted by law, such as:
  • with credit bureaus and similar institutions to report or ask about your financial circumstances, and to report or collect debts you owe;
  • with regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and government requests;
  • with our Service Providers, regulatory authorities, and governmental agencies to detect and prevent fraud or criminal activity, and to protect the rights of American Express or others;
  • within the American Express Family of Companies;
  • with our Service Providers who perform services for us and help us operate our business (we require Service Providers to safeguard Personal Information and only use your Personal Information for the purposes we specify);
  • with financial institutions or Co-brand Partners with whom American Express jointly offers or develops products and services (but they may not use your Personal Information - in particular your email address - to independently market their own products or services to you unless you consent that they can do so);
  • in the context of a sale of all or part of the American Express Family of Companies or their assets; or
  • for specific products or services, when you have given your consent.

We may transfer Personal Information to Service Providers or companies within the American Express Family of Companies throughout the world, for example, to process transactions and provide you with our products or services. Regardless of where we process your information, we still protect it in the manner described in this online privacy statement and according to the applicable laws.

[For more information about how Amex Canada uses your Personal Information, see the Amex Canada Privacy Code which is Amex Canada’s privacy policy, as well as the Privacy Notice and consent to use personal information for your Amex Canada product or service, if it applies.]


How we handle Aggregated Information and De-identified Information

Aggregated Information or De-identified Information does not identify you individually; it helps us to analyze patterns among groups of people. We may share Aggregated Information or De-identified Information in several ways, for example:

How do we keep and safeguard your information?

We use administrative, technical and physical security measures to protect your Personal Information. These measures include computer safeguards and secured files and facilities. We take reasonable steps to securely destroy or permanently de-identify Personal Information when we no longer need it. We will keep your Online Information only as long as we must to deliver our products and services, unless we are required by law or regulation or for litigation and regulatory investigations to keep it.


What are your choices?

You will always have a right to access, update, and change or correct your Personal Information. If you want to do so or if you have any questions about how we process your Personal Information, please see the Amex Canada Privacy Code.

You have choices about how American Express uses your information, such as how we market to you or how we manage Cookies and Similar Technologies.


What are your choices about how we market to you?

You can choose how you would like to receive marketing communications, including direct marketing - whether we send them to you through postal mail, email and/or telephone. If you choose to not receive marketing communications from us, we will honour your choice. Please be aware that if you choose not to receive such communications, certain offers attached to the products or services you have chosen may be affected. We will still communicate with you in connection with servicing your account, fulfilling your requests, or administering any promotion or any program in which you have elected to participate.

For additional information and to manage your marketing preferences, please click here .

We participate in the Digital Advertising Alliance of Canada (DAAC) self-regulatory program and adhere to the DAAC Principles for Online Behavioural Advertising. The DAAC program is designed to provide information about and greater control over online advertisements. It also enables you to opt out from online behavioural advertising served by any, or all of the participating companies. Click here to learn more about the DAAC and your choices.


Do you have questions about the online privacy statement?

If you have any questions about our online privacy statement, please talk to one of our customer service representatives at Amex Canada Click here for a list of contact numbers or, write to:


Chief Privacy Officer
Amex Canada
101 McNabb Street
Markham, Ontario
L3R 4H8


Glossary



Aggregated Information - data or information, relating to multiple people, which has been combined or aggregated. Aggregated Information includes information that we create or compile from various sources, including card transactions or certain data from Cookies and Similar Technologies.

American Express (we, our, us), - the American Express Company as identified at the beginning of this online privacy statement.

Amex Canada Privacy Code - This Privacy Code sets out the privacy policy of Amex Bank of Canada and Amex Canada Inc. (“Amex Canada”), and applies to their products, services and customers (including prospective customers) in Canada. The Code is consistent with the American Express Data Protection and Privacy Principles, which apply to all American Express operations worldwide.

Business Partners- any third parties with whom we conduct business and have a contractual relationship, such as a business that accepts American Express branded cards.

Co-brand Partners - businesses we partner with to offer cards featuring both brand logos.

Cookies and Similar Technologies - a cookie is a small data file that a website transfers to your computer's hard drive. We may place cookies when you visit our website or another company’s website where our ads appear or when you make purchases, request or personalize information, or register for certain services. If you accept the cookies used on our website, websites that are “powered by” another company on our behalf, or websites where our ads appear, you may give us access to information about your interests. We may use that information to personalize your experience. Similar technologies such as web beacons, pixels, gifs, and tags also do the same thing. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way. For more information about cookies, please click here .


De-identified Information - data or information used in a way that does not identify you to a third party. We often derive De-Identified Information from Personal Information. It includes information that we may collect from various sources, such as card transactions or certain data from Cookies and Similar Technologies.

IP Address - a number assigned to a device when connecting to the Internet.

Online Information - data or information collected on the American Express websites and apps as well as on websites and apps of third parties relating to topics about our business which includes Personal Information, Aggregated Information and De-Identified Information.

Other Information - American Express internal information (for example, transaction data), external data that financial companies use to process applications and complete transactions, and other online and offline information we collect from or about you.

Personal Information- information that can identify a person, such as name, address, telephone number, and email address.

Service Providers - any vendor, third party and/or company that performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc.), marketing, data processing, servicing, collections, or ad management.

Targeted Advertising - ads we, or our Service Providers, display on websites outside the American Express Family of Companies based on the preferences or interests inferred from our data, such as transaction data, or data collected from a particular computer or device regarding web viewing behaviours over time and across different websites.Targeted Advertising includes Online Behavioural Advertising. We participate in the Digital Advertising Alliance of Canada (DAAC) self-regulatory program and adhere to the DAAC Principles for Online Behavioural Advertising. The DAAC program is designed to provide information about and greater control over online advertisements. It also enables you to opt out from online behavioural advertising served by any, or all of the participating companies.Click here to learn more about the DAAC and your choices.

Third-Party Ad-Servers - companies that provide the technology to place ads on websites (and apps) and track how ads perform. These companies may also place and access cookies on your device. The information they collect from our websites is in a form that does not identify you personally.

Back to top
Back to top