The CBA complies with Canada’s federal privacy legislation, the Personal Information Protection and Electronics Documents Act (PIPEDA) in the handling of your personal information and the personal information of our employees.

This policy generally explains how we handle personal information about individuals outside of the CBA. We have a separate policy for our employees.


Collecting Personal Information
Collection and Use
Keeping Personal Information Accurate
Safeguarding Personal Information
Making Information Available About Privacy Policy and Procedures
Access to Personal Information
Notice of Change to the CBA Privacy Policy


The CBA is accountable for all personal information in our control and has a Privacy Officer who is designated to be responsible for the handling of personal information within the CBA. Our Privacy Officer can be reached by:

Email at
Mail P.O. Box 348, Commerce Court Postal Station, Toronto, Ontario, M5L 1G2

We request that you do not include any sensitive personal or banking information in any of your communications with the CBA.

Please note that the CBA is not a regulator and does not intervene in matters between banks and their customers. The CBA can only provide general information about banks in Canada. Please direct any questions directly to your bank using the process that they describe on their website or in their privacy policy.

We remain accountable for the personal information any of our service providers may collect or use on our behalf. We make sure our contracts require our service providers to comply with privacy legislation and other applicable laws and only use the information in the ways necessary for those services.

Any questions about our handling of personal information should be directed to our Privacy Officer. Please see below for more information about how access requests, complaints or questions about our handling of personal information should be dealt with.

Collecting Personal Information

The CBA limits collection of personal information to the purposes we outline below or the purposes we disclose at the time we collect it. If you reach out to the CBA with a question or request, we will only use the personal information you provide for the purposes of investigating or answering your question. If we need to use your information for any other reason, we will inform you.

When we provide industry statistics on our website or to the media, our statistics are based upon aggregate, anonymous data from our members. We do not collect personal information for this analysis.

If we use a service provider to collect personal information for any of our operations, we require the service provider to comply with privacy legislation and other applicable laws.

In limited cases, we act as a service provider for our members and certain other financial institutions. If we are transferred any personal information in this service provider role, it will be either with your consent or as otherwise permitted by federal privacy legislation.


We do not collect personal information without your consent, unless permitted by law. We make every reasonable effort to make sure that you understand how your personal information will be used.

In most cases, you can withdraw your consent for the use of your personal information. For example, you can unsubscribe directly in our email newsletters, or unfollow us on Twitter, LinkedIn or Facebook.

If there are potential consequences of withdrawing consent, we may explain those consequences to you. For example, withdrawing consent for us to use your name and e-mail address may mean that we cannot send you a reply to your question by email.

We do not sell any personal information to others.

Collection and Use

The following sections describe specific ways we may collect or use your information.

Meeting With the CBA

If you meet with us:

  • Building security may require the CBA to provide their office with your name and email address to authorize a visitor pass for our floor. Building security may also ask to see your identification before providing a visitor pass to access the elevators.
  • We have video cameras positioned at certain doors to allow our receptionist to confirm who is at the door and to remotely unlock the door. The CBA does not record or retain any video in visitor-accessible areas. The CBA also positions cameras in certain restricted areas to record video for security purposes. Visitors to these areas will be informed of any recording of video in advance.
  • Our usual practice is to not record our in-person, audio or video meetings. If there is a need to record a meeting, we will inform participants in advance of recording.
  • We offer a guest wireless network (WIFI) to provide internet access for visitors to certain CBA offices. If you choose to connect to our network, our systems will automatically capture the IP and MAC address of your device for the purposes of general network security monitoring.

The CBA as a Resource for Information

We make available a number of resources and programs to provide information on the banking industry and to promote financial literacy.

When you visit our websites:

  • We use browser cookies to track your website preferences to improve your experience. You may be able to opt-out of cookies through your browser settings, in which case some of your website preferences (e.g., language) may not be retained for your next visit. For more information, please refer to our Website Terms of Use.
  • We use Google Analytics, which collects your CBA website usage information through cookies and combines it with others’ usage information, to provide reports to us so we can analyze the total, anonymized data and trends. This helps us understand how people use our web pages, so we can improve how we provide information on our website. You can learn more about how your website usage information is collected and used and how to opt out in our Website Terms of Use and in Google Analytics’ privacy policy at We do not use Google’s advertising services and do not permit Google to share your information with third parties.

You may choose to sign up for any of our newsletters or communications via our website, or we may send you communications if we interact with you in your line of work. We will use your personal or business contact information to send these to you unless you unsubscribe by clicking the unsubscribe link at the bottom of any of those communications. These emailed communications also contain a 1x1 pixel (a transparent GIF image) to tell us whether our emails have been opened and, combined with other technology, if any links within our emails have been clicked. This use of pixels is a very common practice which allows us to increase the value of what we send to our readers. We may use this information at an aggregate level to determine which of our emails are more interesting to our readers and to deliver information that is helpful in future email campaigns. The pixel is deleted when you delete the email. If you do not wish pixels to be downloaded to your device when receiving our emails, you may consider setting your email application to prevent automatic image uploads or downloading an email or browser add‑on to block pixels.

If you choose to follow the CBA on any social media, such as Facebook, LinkedIn, X (formerly Twitter) or YouTube, our posts will be displayed to you. We do not collect or use your personal information from these networks. Please refer to the privacy policy of your social media network for your privacy options.

We administer financial education seminars if you register for the Your Money Students or Your Money Seniors programs. We provide the contact information you submit on our registration forms to a banker volunteer from one of our members, who may only use the information to schedule a session with you.

We answer your questions or requests. We request that you do not include any sensitive personal or banking information in any of your communications with the CBA. Please note that the CBA is not a regulator and does not intervene in matters between banks and their customers. The CBA can only provide general information about banks in Canada. Please direct any questions directly to your bank using the process that they describe on their website or in their privacy policy.

The CBA Working to Protect Consumers Against Financial Crime

In limited cases, we act as a service provider to our members and certain other financial institutions to securely store data and facilitate certain types of information sharing to combat financial crime, either with consent or as permitted by law. Please note, each of these financial institutions has their own privacy policy or privacy notice on their website that describes their own respective privacy practices.

The CBA as an Employer

As an employer, we may evaluate you for an employment or contract position at the CBA if you apply to a role or otherwise reach out to us about employment opportunities. We may request additional information when we extend an offer to you, for example we may request references to conduct a background check. We have a separate privacy policy for CBA employees.

Keeping Personal Information Accurate

We keep your personal information as accurate, complete, current and relevant as necessary for the purposes for which it was collected.

If your personal information changes and is necessary for ongoing interaction with us, please let us know through your regular CBA contact.

If you have any other concerns about the accuracy and completeness of the personal information you provided to us, you can contact our Privacy Officer to request that we confirm or amend your information.

Safeguarding Personal Information

The CBA takes reasonable effort to prevent unauthorized use, sharing, loss or theft of information. We ensure that personal information is stored in electronic and physical files that are secure. For example, security measures include secure locks on filing cabinets and restricted access to computers. We employ up-to-date security standards and firewalls to safeguard our systems and our public websites, and our employees are provided with secure access to our systems when they work remotely.

We may transfer personal information to the CBA’s third-party service providers, providing these service providers protect personal information in an equivalent manner and only use personal information in ways that are necessary for the services. In some cases, your personal information may be transferred to countries outside of Canada, including the United States and other foreign jurisdictions, in accordance with applicable law. In the event personal information is transferred to the U.S. or other foreign jurisdictions, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with those laws.

The CBA has a retention policy to define how long information may be kept before being securely disposed of.

Making Information Available About Privacy Policy and Procedures

We are open about our Privacy Policy and our practices for handling personal information. We provide access to this Privacy Policy on our website. Any questions about our handling of personal information can be raised with our Privacy Officer.

Access to Personal Information

If you have provided your information to the CBA and provide us a written request, we will tell you what personal information we have about you, what it is being used for, to whom it has been disclosed, and provide access to that information.

In those limited cases when we act as a service provider for some of our members and certain other financial institutions, we may receive, store or facilitate the sharing of certain personal information on their behalf. If we receive a request for access to personal information in these cases, we will refer you to the appropriate organization who would have legal control over your personal information as they would be responsible for providing access, as required under privacy legislation.

There are some other circumstances described in privacy legislation where we may not be able to give you access to personal information we hold about you. In those cases, we will explain the reason for being unable to provide you with access. In addition, we will report our inability to provide access to the Privacy Commissioner of Canada, as required by privacy legislation.


Any questions about our handling of personal information should be directed to our Privacy Officer at the contact information outlined above.

If you are not satisfied with the way we have responded to a privacy-related question or request, the Office of the Privacy Commissioner of Canada may be contacted by:

Telephone (819) 994-5444; toll-free 1-800-282-1376
Mail 30 Victoria Street, Gatineau, Quebec K1A 1H3.

Notice of Change to the CBA Privacy Policy

We reserve the right to change this Policy and will give notice of these changes on our websites.

Privacy Policy privacy

Looking for love in all the wrong places

Romance scams are among the most common scams according to the Canadian Anti‑Fraud Centre, costing Canadians more than $50.3 million in losses in 2023.

More Videos

Your Money Students - 2023 Year in Review

Your Money Seniors - 2023 Year in Review

Demands for gift cards in payment of a debt or bill? Don’t get scammed