Collecting, sharing, disclosing and protecting your personal information

Security measures

We have internal policies and security standards to help protect our systems and your information against unauthorized access and use. We retain your information only for the time we need it. And we only use it for the purposes that we explain to you.

For example, we have designed our systems so that your Personal Identification Number (PIN), password and other access codes are always private and confidential.

Our agents and service providers are bound by contracts to keep your information confidential and must not use it for any unauthorized purpose. We train our employees on the procedures they must take to keep your information safe.

We have policies and procedures to:

  • prevent unauthorized access to your information
  • respond to privacy questions, complaints, or breaches
  • limit the use of your information to the purposes communicated to you
  • honour the choices you made about your information
  • retain your information for the period we need it to serve you and manage our business and legal obligations
  • securely destroy your information or convert it to an anonymous form after the time we don’t need it
  • help make sure that any service providers or agents who handle your information on our behalf, in Canada or elsewhere, protect that information

We review our procedures and security measures on a regular basis. We do this to help make sure that they remain effective and appropriate.

We may modify information to help protect your identity, such as by removing direct identifiers, aggregating or anonymizing it, before using or disclosing it for certain purposes.

Some of the ways we use your information are to support our efforts to protect your security. For example, we may ask you to provide certain information to authenticate you. This helps to prevent unauthorized access to your accounts.  And it helps to support our efforts that we are collecting the correct information from third parties.

You can obtain more information about our policies, procedures and security standards. Please contact us using the information here.

Transfers of your information to other regions

TD is a global organization. TD has affiliates and service providers across Canada and in other countries. We and they may use, store or access your information in any region in Canada and other countries. These countries may include the USA, UK, European states, India, and others where TD has a business presence. We take steps to protect your information wherever it is handled, subject to requirements to disclose it in response to legal demands or requests from governments, regulators, courts and law enforcement authorities in other jurisdictions that we deem to be valid.

Retaining and destroying your personal information

We retain your information only as long as we need it for the purposes for which it was collected, used or disclosed. We have procedures to help us determine the length of time we will retain your information. The length of time varies. It depends on the product or service, the sensitivity of the information, and the purposes for which we use it. We may retain your information after the end of your relationship with us.  For example, when we need your information:

  1. for legal or regulatory purposes

  2. to respond to issues that may arise at a later date

  3. to support the credit reporting system

  1. to support fraud prevention organizations and other risk assessments

  2. for security purposes

We have procedures to guide what we do when we no longer need your information for these purposes. We may securely destroy, delete, or erase it. Or we may convert your information to an anonymous form.

You can contact us if you have questions about how long we retain your information. Contact us using the information here.


How we use your personal information

We use your information to help us deliver and manage our products and services and for the purposes of serving you and to administer our business.