GENERAL PRIVACY POLICY

Last revised: October 18, 2023

OUR PRIVACY COMMITMENT

Subaru Canada, Inc. (“Subaru”, “we”, “us” or “our”) values its relationship with you and is committed to maintaining the privacy and security of your personal information. Subaru has developed this Privacy Policy (this “Policy”) to inform you about how we collect, use and disclose your personal information when you purchase or lease Subaru vehicles from our Authorized Subaru Dealers in Canada (“Dealers”), purchase products or other services from Subaru or Dealers (“Dealers”), and when you use Subaru’s websites and mobile apps.

Our SUBARU STARLINK® Connected Services Privacy Policy applies to personal information we collect when you enroll for and/or use the SUBARU STARLINK® Connected Services.

SCOPE OF POLICY

“Personal Information” as used in this Policy means information about an identifiable individual. This Policy does not apply to (i) personal information we collect in our capacity as your employer; or (ii) business contact information (for example the name, title, business address and telephone number of an employee of an organization) we collect in the course of our business dealings.

SUMMARY OF OUR PRIVACY PRACTICES

SUMMARY OF OUR PRIVACY PRACTICES

Accountability

Subaru’s Privacy Officer is responsible for Subaru’s compliance with this Policy.

Collection of Personal Information

We may collect information about you, your vehicle and your online activities through your interactions with Subaru, Dealers, third-party service providers, our products and services, websites and mobile apps owned and operated by Subaru, and social media.

Use of Personal Information

We may use the information collected about you, your vehicle and your online activities to, among other things, provide you with and improve our products and services, to administer incentive programs, surveys, contests and promotions, to operate and improve our websites and mobile apps, to analyse business operations and to protect you from theft, fraud and other similar risks.

Disclosure of Personal Information

We may disclose information to our parent company (Subaru Corporation), affiliates, Dealers, third-party suppliers and service providers who act on our behalf and our third-party business partners to fulfill the purposes identified. We do not disclose information to any third parties for their independent use without your consent.

Choices

We provide you with choices over how we use and disclose your information for marketing and other purposes.

Consent

The way in which Subaru obtains your consent to collecting, using, or disclosing your personal information varies depending upon its sensitivity and applicable privacy law.

Cookies, Pixels and Other Web Tracking Technologies

We may use cookies, pixels and other web tracking technologies on our websites, mobile apps, email messages and advertisements to gather information about your visit and provide you with a personalized experience. You may disable cookies in your browser settings.

Online Tracking and Advertising

We may partner with third-party advertising companies that use their own tracking technologies on Subaru and non-Subaru websites and mobile apps in order to provide you with tailored advertisements on our behalf.

MySubaru

MySubaru is both a website and mobile app that is designed to allow you to access and store information about your vehicle in one place. When creating your personalized site, you will be asked to enter information specific to you and your vehicle. The information you provide through MySubaru will be stored in a database located in the United States.

Mobile Apps

When you access our mobile apps, we may ask you for information about you and your vehicle.

Third Party Products, Services, Websites and Mobile Apps

When using Subaru products, services, websites or mobile apps, you may be able to access third party products, services, websites and mobile apps that are not controlled by Subaru and therefore not subject to this Policy.

Subaru Dealers

Subaru and our Dealers are separate legal entities with their own privacy policies and practices. For questions about your Dealer’s privacy policy and practices, including opting out of marketing communications from your Dealer, please contact your Dealer directly.

Safeguards

We use physical, organizational and technological measures to protect personal information.

International Transfers of Personal Information

We transmit personal information outside of Canada including but not limited to the United States and Japan, for processing by third-party service providers. Your personal information may be accessible to law enforcement agencies, government agencies, courts, and national security authorities of the foreign jurisdiction.

Accuracy

We will make reasonable efforts to ensure that the personal information we have is accurate, complete and up-to-date as necessary.

Retention of Personal Information

We keep personal information we collect for as long as necessary to fulfill the purposes identified or as required or permitted by applicable privacy law.

Access and Update to Personal Information

Upon receiving a written request, we will inform you of the existence, use, and disclosure of your personal information we have in our possession and give you access to it.

Challenging Compliance

We will investigate all complaints made with respect to Subaru’s application of privacy laws.

Changes to Policy

We may update this Policy from time to time and will post the revised Policy on our websites.

Contact Us

If you have any questions or concerns regarding this Policy or Subaru’s privacy practices, please contact Subaru’s Privacy Officer at the contact information provided at the end of this Policy.

ACCOUNTABILITY

Accountability for Subaru’s compliance with its Privacy Policy rests with Subaru’s Privacy Officer, even though other individuals within Subaru may have responsibility for management of personal information or may be delegated to act on behalf of the Privacy Officer.

COLLECTION OF PERSONAL INFORMATION

Subaru collects certain information about you, your vehicle, and your online activities (as described below) through your verbal and written interactions with Subaru, our Dealers, our third-party service providers, our products and services, websites and mobile apps owned or operated by or on behalf of Subaru, and social media.

The types of information that Subaru collects about you, your vehicle, and your online activities may include but are not limited to the following:

  • contact information (e.g. name, address, telephone number, email address and alternate contact information such as the name of your employer and business contact information);
  • vehicle information (e.g. Vehicle Identification Number (VIN), license plate number, make, model, model year, colour, mileage, warranty and service history, diagnostic trouble codes, insurance information; previous vehicles owned / leased);
  • vehicle Event Data Recorder (EDR) and EyeSight data with your consent;
  • vehicle transaction information (e.g. date and terms of your vehicle purchase / lease / finance);
  • technical information when you visit websites and mobile apps owned and operated by Subaru (e.g. information about your connected devices such as mobile phone, computer or tablet, unique device identifiers, the Internet protocol (IP) address used to connect your computer to the Internet, the name of your Internet service provider, cookies, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform);
  • information about your visit to websites and mobile apps owned and operated by Subaru (e.g. login and password, the full Uniform Resource Locators (URL) clickstream to, through and from our websites and mobile apps (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (including scrolling, clicks and mouse-overs) and methods used to browse away from the page);
  • social media content (e.g. name, username, email address, profile picture, preferences, likes, dislikes, posts and messages);
  • demographic information (e.g. gender, date of birth, marital status and household composition);
  • complaints and preferences (e.g. languages, hobbies and interests, test drive information); and
  • information to verify your eligibility for certain vehicle incentive programs (e.g. schools attended and degrees conferred in connection with Subaru’s Grad Rebate Program, and participation in athletic events for Subaru’s Athlete Rebate Program).

We will limit the amount and type of personal information we collect to that which is necessary for our purposes, which are outlined in the Use of Personal Information section below. We do not target or knowingly collect any information from children or persons under the age of majority.

USE OF PERSONAL INFORMATION

Subaru may use the information collected about you, your vehicle, and your online activities (as described in the Collection of Personal Informationsection above) for the following purposes:

  • to administer your transaction including assisting you with the purchase, finance or lease of our vehicles;
  • to assist Dealers in carrying on their business and providing Subaru products and services, such as warranty and non-warranty services for vehicles, vehicle parts, extended warranty arrangements and financing of vehicle purchases;
  • to provide you with products and services related to your current and future vehicles, evaluate your satisfaction with our products and services, improve the quality, safety and security of our products and services, and develop new products and services;
  • to permit carefully selected third-party providers of products and services related to your current and future vehicles to provide their goods and services to you, such as roadside assistance providers or satellite radio providers;
  • to administer customer notification programs including government-mandated ones;
  • to establish, administer and document incentive programs;
  • to respond to your inquiries;
  • to distribute Six Star Review, The Magazine for Canadian Subaru Owners and similar Subaru magazines and publications;
  • to distribute Subaru promotional goods;
  • to permit Subaru, Dealers and/or carefully selected third parties to provide you with news, information, updates, advertising, and promotions about products and services that may be of interest to you;
  • to operate our websites and mobile apps, to improve functionality and user experience, to allow you to participate in their interactive features, to maintain safety and security, and for internal operations (including troubleshooting, data analysis, testing, research, statistical and survey purposes);
  • to display targeted advertising on our websites and mobile apps and on the websites of our third-party business partners, and to measure or understand the effectiveness of messages and advertising we serve to you and others;
  • to allow you to participate in Subaru vehicle test drives;
  • to administer your participation in surveys, contests, and promotions;
  • to analyze the operations of Subaru, Dealers, our third-party service providers, suppliers and other business partners;
  • to establish, administer and document training, development and educational requirements and programs;
  • to protect Subaru, and its customers, suppliers, Dealers and partners, from theft, fraud and similar risks;
  • to implement and manage security programs and internal controls (including computer monitoring and video surveillance); and
  • for any purpose authorized or required by law.
DISCLOSURE OF PERSONAL INFORMATION

Subaru may disclose the information it collects about you, your vehicle, and your online activities (as described in the Collection of Personal Information section above) for the purposes (as described in the Use of Personal Information section above) to the following persons or in the following circumstances:

  • our parent company (Subaru Corporation), affiliates, subsidiaries and Dealers;
  • our third-party suppliers and service providers who act on our behalf (e.g. sending communications, conducting customer research (including administering surveys), managing and analyzing data, and providing marketing services);
  • our third-party business partners (e.g. satellite radio providers and roadside assistance providers);
  • our third-party business partners that require the information to select and serve relevant messages and advertising to you and others (e.g. social networks: Facebook, Instagram, Twitter and YouTube, advertising networks, analytics providers: Google, and search engine providers: Google). We do not disclose identifiable information to these business partners, but we may provide them with aggregated or anonymized information about our existing or potential customers or website visitors. Our business partners will use the aggregated and anonymized information to help us reach our target audience with our messages and advertising on our business partners’ websites;
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud or respond to a law enforcement request; and
  • as required or permitted by applicable law (e.g. subpoena, government inquiry, litigation, dispute resolution or similar legal process).

Except as stated herein, Subaru will not disclose information about you, your vehicle, and your online activities with third parties for their independent use without your prior consent.

CHOICES

Subaru respects your privacy by providing you with certain choices over how we use and share your information. For example, you have a choice of whether you would like us to share your personal information with our roadside assistance providers or our satellite radio providers.

You also have a choice whether you would like to receive electronic marketing communications. You may choose certain communication preferences through your MySubaru account, Subaru.ca/update or you may follow the unsubscribe instructions in email and text message marketing messages you receive.

To make choices regarding cookies, pixels and web tracking technologies or interest-based advertising, please see the Cookies, Pixels and Other Web Tracking Technologies or Online Tracking and Advertising sections below.

Please note that if you choose not to receive marketing messages from Subaru, your personal information may still be used for the other purposes described in the Use of Personal Information section above.

The way in which Subaru obtains your consent to collecting, using, or disclosing your personal information varies depending upon its sensitivity and applicable privacy law. We may ask for your consent directly or our Dealers may obtain your consent on our behalf. Your consent also may be implied or implicit through your conduct when it is reasonable and legally permissible for us to do so.

We will honour any specific consents you provide to us regarding the collection, use, or disclosure of your personal information. You may withdraw or change your consent at any time, subject to legal or contractual restrictions, by giving us reasonable notice. In appropriate cases, we will inform you of any implications of withdrawing your consent. Notwithstanding the foregoing, we reserve the right to retain, collect, use, and disclose your personal information and to contact you where we are legally required or permitted to do so.

We will not, as a condition of the supply of services, require you to consent to the collection, use, or disclosure of your personal information beyond that which we require for our purposes.

In certain circumstances as permitted or required by law, we may collect, use, or disclose your personal information without your knowledge or consent. These circumstances include the following:

  • to investigate a breach of an agreement or a contravention of a law;
  • where collection or use is clearly in your interests and your consent cannot be obtained in a timely way;
  • for debt collection;
  • to act in respect to an emergency that threatens you; and
  • to comply with a subpoena, warrant or court order.
COOKIES, PIXELS AND OTHER WEB TRACKING TECHNOLOGIES

Subaru may use cookies, pixels and other web tracking technologies on our websites, mobile apps, email messages and advertisements to gather information about your visit (as described in the Collection of Personal Information section above) and provide you with a personalized experience. Cookies and pixels are industry-standard technologies used by most major commercial websites.

Our websites use cookies to distinguish you from other users of our websites and mobile apps and allows you to maintain your account login information or contact information on any request form (e.g. requesting a quote or test drive). This helps us to provide you with a good experience when you use our websites and mobile apps and also allows us to improve their functionality. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer or mobile device if you agree to it. Cookies contain information that is transferred to your computer’s or mobile device’s hard drive.

Please note that third parties (including, for example, our third-party business partners) may also use cookies or other web tracking technologies, over which we have no control.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block cookies, all or parts of our websites and mobile apps may not function correctly and your experience on our websites and mobile apps may be hindered.

Pixels (as known as web beacons/web bugs/Javascript) are tiny graphics with a unique identifier that are used to track the online movements of web users, track what other websites you visit (both before and after visiting our websites), or to determine whether you have performed specific actions. Unlike cookies, which are stored on a user’s computer or mobile device hard drive, pixels are small graphics that are about the size of the period at the end of the sentence that are embedded invisibly on web pages or in HTML-based messages. When you access our websites or open our messages, the pixels generate a notice of that action to us or our third-party business partners.

Please note that the MySubaru website and mobile app do not respond to “do not track” beacons or other such signals. Please see the MySubarusection below for more information.

ONLINE TRACKING AND ADVERTISING

Subaru may partner with third-party advertising companies that use their own tracking technologies (including cookies, pixels and other web tracking technologies) on Subaru and non-Subaru websites and mobile apps in order to provide you with tailored advertisements on our behalf.

These third-party advertising companies may collect information about your online activity across multiple devices on Subaru and non-Subaru websites and mobile apps and use this information to make predictions about your preferences and then deliver advertisements on our behalf that are more relevant to you.

If you would like more information about advertisers’ use of tracking technologies to deliver targeted ads to you, or to opt-out of receiving targeted ads by advertising networks participating in certain opt-out programs, you can go to: https://youradchoices.ca/choices/.

We also encourage you to check the privacy policies of social networks that you belong to and to adjust your advertising settings on those social networks with regard to targeted advertising delivered on those social networks, including by Subaru if the social network is our business partner.

Please note that, even if you are able to opt-out of certain kinds of ads, you will continue to receive non-targeted ads. Further, you may continue to receive targeted content and/or ads from parties that do not participate in the opt-out programs. Also, if your browsers are configured to reject cookies when you visit the opt-out page, or you subsequently erase your cookies, use a different device or web browser(s), or use a non-browser-based method of access, your opt-out may not, or may no longer, be effective. Subaru is not responsible for the effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.

MYSUBARU

MySubaru is both a website and mobile app that is designed to allow you to access and store information about your vehicle in one place. When creating your account, you will be asked to enter information specific to you and your vehicle. This includes your name, address, telephone number and e-mail address, as well as your Vehicle Identification Number (VIN). To protect you, and to keep this information private, you will be asked to establish a Username and Password. Your account can only be accessed with the correct Username and Password combination.

Subaru keeps a database of the information collected by this site, on your behalf, to allow you future access to your information. This database is located in the United States. Your information in the database will be commingled with information about Subaru customers in the United States and other markets but is subject to appropriate security safeguards. Please see the International Transfers of Personal Information section below to learn more about how we protect information located in foreign jurisdictions. Please note that any information you enter while registering for your account will be retained in the database regardless of whether you complete the account registration process. If you decide not to register for an account and you would like the information you entered anonymized, please contact Subaru’s Privacy Officer at the contact information at the end of this Policy.

If you have enrolled for SUBARU STARLINK® Connected Services, you will receive certain billing information. You will not be able to opt-out of receiving billing information.

As indicated in the Cookies, Pixels and Other Web Tracking Technologies section above, the MySubaru website and mobile app do not respond to “do not track” beacons or other such signals. Accordingly, when you log into your MySubaru account through the website or mobile app, Subaru will be able to identify you still and collect your information.

MOBILE APPS

Subaru has developed certain mobile apps (including MySubaru) that you may download to your mobile device. When you access our mobile apps, we may ask you for information about you and your vehicle. If you do not wish to provide this information, please decline to use the mobile app and/or uninstall the mobile app from your mobile device.

When you use Subaru’s Infotainment system, you may have access to mobile apps developed by third parties. When you download a third-party mobile app to your mobile device, the third party may ask you for information. Subaru is not responsible for any information collected by third-party mobile apps and the third-party mobile apps are not subject to this Policy. Please review carefully the privacy policies of third-party mobile apps before providing any personal information.

THIRD PARTY PRODUCTS, SERVICES, WEBSITES AND MOBILE APPS

When using Subaru products, services, websites or mobile apps, you may be able to access third party products, services, websites and mobile apps that are not controlled by Subaru and therefore not subject to this Policy. Please review carefully the privacy policies of third-party products, services, websites and mobile apps before providing any personal information.

SUBARU DEALERS

Subaru and its Dealers are separate legal entities with their own privacy policies and practices. For questions about your Dealer’s privacy policy and practices, including opting out of marketing communications from your Dealer, please contact your Dealer directly.

When you purchase or lease a vehicle or obtain service for your vehicle from your Dealer, your Dealer will share your information with Subaru. While Subaru encourages its Dealers to ensure their privacy policies and practices are compliant with applicable privacy laws, Subaru is not responsible for its Dealers’ compliance with applicable law.

SAFEGUARDS

Subaru protects the personal information it holds or controls, by establishing reasonable security arrangements against loss, theft, unauthorized access, use, disclosure, copying or modification. We train our employees on the importance of maintaining the confidentiality of personal information, and we exercise care in the disposal or destruction of personal information. Examples of safeguards include physical measures (such as locked filing cabinets and access cards), organizational measures (such as security clearances and restrictions on employee access to files and databases) and technological measures (such as passwords and firewalls). Also, we require our third-party service providers acting on our behalf to enter into contracts with us that ensure they will keep the information we share with them safe and secure.

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

Subaru transfers information outside of Canada including but not limited to the United States and Japan, for processing by Subaru, its parent company (Subaru Corporation), affiliates or third-party service providers for some or all of the purposes described in the Use of Personal Information section above. We use contractual and other means to ensure the information is protected while in the foreign jurisdiction. However, personal information may be still accessible to law enforcement agencies, government agencies, courts, and national security authorities of the foreign jurisdiction. If you have questions about our policies and practices regarding service providers outside of Canada, please contact Subaru’s Privacy Officer at the contact information at the end of this Policy.

ACCURACY

Subaru will make reasonable efforts to ensure that the personal information we have is accurate, complete and up-to-date as necessary for the purposes for which it is to be used, including information that is disclosed to third parties, and information that is used to make a decision about an individual. Our reasonable efforts include obtaining updated information from our Dealers when you service your vehicle at the Dealer.

RETENTION OF PERSONAL INFORMATION

We keep information we collect for as long as necessary to fulfill the purposes described in the Use of Personal Informationsection above or as required or permitted by applicable privacy law. Once no longer required, we will anonymize or destroy the information.

When determining retention periods, we consider certain criteria including the following:

  • whether the purposes for which we collected the information have been fulfilled;
  • whether destroying the information will impact the services provided to you;
  • whether the information has been used to make a decision about you in which case we will continue to retain that information for at least one year after using it to make the decision to reasonably allow you time to access the information and to exhaust any access request or challenge you may bring under applicable privacy laws; and
  • retention periods required by law.
ACCESS AND UPDATE TO PERSONAL INFORMATION

You have a general right to access your personal information in our possession or custody. Upon receiving a written request (mail or e-mail) from you addressed to Subaru’s Privacy Officer clearly identifying the requested information with adequate information to identify you, we will inform you of the existence, use, and disclosure of your personal information and give you access to your personal information. If we are not able to provide a list of the organizations to which we may have actually disclosed your personal information, we will provide you with a list of organizations to which we may have disclosed the information.

We will respond to your written access request with information in a form that is generally understandable, within a reasonable timeframe (generally within 30 days) or we will provide you with an explanation if additional time is required to fulfil your request. Our response will typically be provided for a minimal handling fee which we reserve the right to vary depending on the nature of the request and the amount of information involved. We will inform you of the approximate cost to provide the response, and will provide you with the information upon receipt of payment.

You may question the accuracy and completeness of your personal information and request that we amend it as appropriate. If you demonstrate in a reasonable manner the inaccuracy or incompleteness of your personal information, we will amend the information as required. If a request is not resolved to your satisfaction, we will record the substance of the unresolved request. Where appropriate, the amended information or the existence of the unresolved request will be transmitted to third parties having access to the information in question.

In some situations, we may be permitted to refuse or not be able to provide access to certain personal information, and will upon request provide an explanation. Exceptions to the access right which are permitted or required by applicable privacy laws include the following:

  • information that contains references to other individuals or contains confidential commercial information (where such information cannot be severed from the record);
  • information collected in the course of investigating a breach of an agreement or in the course of a formal dispute resolution process; and
  • information that is subject to solicitor-client privilege.

To make access requests to us for your personal information, please contact our Privacy Officer at the contact information at the end of this Policy.

CHALLENGING COMPLIANCE

Subaru will, on request, provide information regarding our procedure for addressing any complaints made with respect to Subaru’s application of privacy laws. Subaru will investigate all written complaints, and if we find a complaint to be justified, we will take the appropriate measures, including, if necessary, amending our policies and practices.

CHANGES TO POLICY

Subaru’s commitment to your privacy includes reviewing periodically its privacy policies and practices. Accordingly, Subaru may change this Policy from time to time and the revised Policy will be posted to our websites effective as of the revised date stated on the revised Policy. It is therefore important that you review this Policy regularly.

ACCOUNTABILITYAccountability for Subaru’s compliance with its Privacy Policy rests with Subaru’s Privacy Officer, even though other individuals within Subaru may have responsibility for management of personal information or may be delegated to act on behalf of the Privacy Officer.

COLLECTION OF PERSONAL INFORMATION

Subaru collects certain information about you, your vehicle, and your online activities (as described below) through your verbal and written interactions with Subaru, our Dealers, our third-party service providers, our products and services, websites and mobile apps owned or operated by or on behalf of Subaru, and social media.

The types of information that Subaru collects about you, your vehicle, and your online activities may include but are not limited to the following:

  • contact information (e.g. name, address, telephone number, email address and alternate contact information such as the name of your employer and business contact information);
  • vehicle information (e.g. Vehicle Identification Number (VIN), license plate number, make, model, model year, colour, mileage, warranty and service history, diagnostic trouble codes, insurance information; previous vehicles owned / leased);
  • vehicle Event Data Recorder (EDR) and EyeSight data with your consent;
  • vehicle transaction information (e.g. date and terms of your vehicle purchase / lease / finance);
  • technical information when you visit websites and mobile apps owned and operated by Subaru (e.g. information about your connected devices such as mobile phone, computer or tablet, unique device identifiers, the Internet protocol (IP) address used to connect your computer to the Internet, the name of your Internet service provider, cookies, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform);
  • information about your visit to websites and mobile apps owned and operated by Subaru (e.g. login and password, the full Uniform Resource Locators (URL) clickstream to, through and from our websites and mobile apps (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (including scrolling, clicks and mouse-overs) and methods used to browse away from the page);
  • social media content (e.g. name, username, email address, profile picture, preferences, likes, dislikes, posts and messages);
  • demographic information (e.g. gender, date of birth, marital status and household composition);
  • complaints and preferences (e.g. languages, hobbies and interests, test drive information); and
  • information to verify your eligibility for certain vehicle incentive programs (e.g. schools attended and degrees conferred in connection with Subaru’s Grad Rebate Program, and participation in athletic events for Subaru’s Athlete Rebate Program).

We will limit the amount and type of personal information we collect to that which is necessary for our purposes, which are outlined in the Use of Personal Information section below. We do not target or knowingly collect any information from children or persons under the age of majority.

USE OF PERSONAL INFORMATION

Subaru may use the information collected about you, your vehicle, and your online activities (as described in the Collection of Personal Information section above) for the following purposes:

  • to administer your transaction including assisting you with the purchase, finance or lease of our vehicles;
  • to assist Dealers in carrying on their business and providing Subaru products and services, such as warranty and non-warranty services for vehicles, vehicle parts, extended warranty arrangements and financing of vehicle purchases;
  • to provide you with products and services related to your current and future vehicles, evaluate your satisfaction with our products and services, improve the quality, safety and security of our products and services, and develop new products and services;
  • to permit carefully selected third-party providers of products and services related to your current and future vehicles to provide their goods and services to you, such as roadside assistance providers or satellite radio providers;
  • to administer customer notification programs including government-mandated ones;
  • to establish, administer and document incentive programs;
  • to respond to your inquiries;
  • to distribute Six Star Review, The Magazine for Canadian Subaru Owners and similar Subaru magazines and publications;
  • to distribute Subaru promotional goods;
  • to permit Subaru, Dealers and/or carefully selected third parties to provide you with news, information, updates, advertising, and promotions about products and services that may be of interest to you;
  • to operate our websites and mobile apps, to improve functionality and user experience, to allow you to participate in their interactive features, to maintain safety and security, and for internal operations (including troubleshooting, data analysis, testing, research, statistical and survey purposes);
  • to display targeted advertising on our websites and mobile apps and on the websites of our third-party business partners, and to measure or understand the effectiveness of messages and advertising we serve to you and others;
  • to allow you to participate in Subaru vehicle test drives;
  • to administer your participation in surveys, contests, and promotions;
  • to analyze the operations of Subaru, Dealers, our third-party service providers, suppliers and other business partners;
  • to establish, administer and document training, development and educational requirements and programs;
  • to protect Subaru, and its customers, suppliers, Dealers and partners, from theft, fraud and similar risks;
  • to implement and manage security programs and internal controls (including computer monitoring and video surveillance); and
  • for any purpose authorized or required by law.

DISCLOSURE OF PERSONAL INFORMATION

Subaru may disclose the information it collects about you, your vehicle, and your online activities as described in the Collection of Personal Information section above for the purposes as described in the Use of Personal Information section above to the following persons or in the following circumstances:

  • our parent company (Subaru Corporation), affiliates, subsidiaries and Dealers;
  • our third party suppliers and service providers who act on our behalf in providing the SUBARU STARLINK® System and the SUBARU STARLINK® Services.
  • our third-party suppliers and service providers who act on our behalf (e.g. sending communications, conducting customer research (including administering surveys), managing and analyzing data, and providing marketing services);
  • roadside assistance providers;
  • emergency services dispatchers and providers;
  • anyone you designate as an emergency contact;
  • law enforcement authorities in response to your request to locate a vehicle you reported as stolen;
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud or respond to a law enforcement request; and
  • as required or permitted by applicable law (e.g. subpoena, government inquiry, litigation, dispute resolution or similar legal process).

We do not supply your payment method information to any third party, other than as required to process and service a transaction.

We may provide aggregated data derived from your use of SUBARU STARLINK® Services to third parties, but this data will be anonymized and will not include personally identifying information.

Except as stated herein, Subaru will not disclose information about you and your vehicle with third parties for their independent use without your prior consent.

The LOCATION, SPEED, and TIME OF DRIVING of fleet vehicles used by employees as company cars may be monitored by the employer or by the fleet management company leasing the vehicle to the employer.

In order to use the SUBARU STARLINK® Services, you will require a MySubaru account and a SUBARU STARLINK®Services subscription. Subaru collects, uses and discloses certain information associated with your use of Subaru websites and mobile apps including your MySubaru account. Subaru’s collection, use, and disclosure of your personal information associated with your use of Subaru’s websites and mobile apps is governed by Subaru’s General Privacy Policy, which is available to you at Subaru.ca and MySubaru.ca.

You may choose to deactivate your SUBARU STARLINK® Services at any time. However, if you do so, you will not have features such as Automatic Collision Notification and SOS Emergency Service, and Enhanced Roadside Assistance.

When you enroll for SUBARU STARLINK® Services or otherwise accept the SUBARU STARLINK® Connected Services Terms of Use, you accept and agree to be bound by, among other things, this Policy.

When you use certain SUBARU STARLINK® Services including but not limited to Locate Vehicle, Vehicle Alerts (Boundary Alert, Speed Alert, and Curfew Alert), and Vehicle Health, you may receive personal information about the other drivers and occupants of your vehicle including vehicle location. You agree to inform the other drivers and occupants of your vehicle that you are using these Services and you agree that you will have the consent of, or will have the authority to consent on behalf of, the other drivers and occupants of your vehicle to being monitored in this manner. You also agree to being monitored in this manner by an Authorized User or any other user of your SUBARU STARLINK® Services.

When you designate an individual as an “Authorized User” of your SUBARU STARLINK® Services through your MySubaru account, you will be providing certain personal information about the Authorized User to us. You agree that you will have the consent of, or will have the authority to consent on behalf of, the Authorized User to transmit his/her personal information to Subaru for this purpose.

Your consent to the collection, use or disclosure of personal information in connection with the SUBARU STARLINK®System or the SUBARU STARLINK® Services may also be implied or implicit through your conduct when it is reasonable and legally permissible for us to do so.

We will honour any specific consents you provide to us regarding the collection, use, or disclosure of your personal information. You may withdraw or change your consent at any time, subject to legal or contractual restrictions, by giving us reasonable notice. In appropriate cases, we will inform you of any implications of withdrawing your consent. IF YOU WITHDRAW YOUR CONSENT TO THE COLLECTION, USE OR DISCLOSURE OF PERSONAL INFORMATION AS DESCRIBED IN THIS POLICY, THEN YOU WILL NOT BE ABLE TO HAVE SUBARU STARLINK® SERVICES. TO WITHDRAW YOUR CONSENT, PLEASE LOG INTO MYSUBARU.CA AND UNSUBSCRIBE FROM SUBARU STARLINK®SERVICES. Notwithstanding the foregoing, we reserve the right to retain, collect, use, or disclose your personal information and to contact you where we are legally required or permitted to do so.

We will not, as a condition of the supply of services, require you to consent to the collection, use, or disclosure of your personal information beyond that which we require for our purposes.

In certain circumstances as permitted or required by law, we may collect, use, or disclose your personal information without your knowledge or consent. These circumstances include the following:

  • to investigate a breach of an agreement or a contravention of a law;
  • where collection or use is clearly in your interests and your consent cannot be obtained in a timely way;
  • for debt collection;
  • to act in respect to an emergency that threatens you; and
  • to comply with a subpoena, warrant or court order.

By enrolling for or using SUBARU STARLINK® Services, you consent to us contacting you about the Services via the SUBARU STARLINK® System in your vehicle, your mailing address, your email address, and your home, mobile or business phone number on file. You also consent on behalf of other drivers or occupants of your vehicle to allow us to contact them through the SUBARU STARLINK® System.

Subaru protects the personal information it holds or controls, by establishing reasonable security arrangements against loss, theft, unauthorized access, use, disclosure, copying or modification, commensurate with industry standards. We train our employees and Dealers on the importance of maintaining the confidentiality of personal information, and we exercise care in the disposal or destruction of personal information. Examples of safeguards include physical measures (such as locked filing cabinets and access cards), organizational measures (such as security clearances and restrictions on employee access to files and databases) and technological measures (such as passwords and firewalls).

Also, we require our third party service providers acting on our behalf to enter into contracts with us that ensure they will keep the information we share with them safe and secure. For example, our third-party service provider that processes your payment for SUBARU STARLINK® Services must comply with the Payment Card Industry Data Security Standard (PCI DSS), which is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. This includes encrypting payment information using Secure Socket Layers (SSL) and transmitting it over a private Multi-Protocol Label Switching (MPLS) network. Our third-party service provider that maintains your MySubaru account is required to encrypt all back-ups of personal information, logically separate the personal information we transmit to it from the personal information of its other customers, and use industry-standard password policies.

As an additional security measure, we provide you with a Personal Identification Number (PIN), which you are required to use when you access certain SUBARU STARLINK® Services. Our SUBARU STARLINK® Connected Services Representatives may also ask you certain security questions to authenticate your identity. You must keep your MySubaru account password, security question answers and PIN safe from unauthorized access. If others have access to this information, then they may be able to access certain SUBARU STARLINK® Services.

In providing SUBARU STARLINK® Services to you, voice and data are transmitted between our SUBARU STARLINK®Connected Services Representatives and your vehicle over a cellular telephone network. While our third-party service providers must secure data transmitted over this network, the network is complex, and the privacy and security of conversations or data transmitted to and from the vehicle cannot be guaranteed.

Subaru transfers information outside of Canada including but not limited to the United States, Sweden, India and Japan, for processing by Subaru, its parent company (Subaru Corporation), affiliates or third-party service providers for some or all of the purposes described in the Use of Personal Information section above. We use contractual and other means to ensure the information is protected while in the foreign jurisdiction. However, personal information may be still accessible to law enforcement agencies, government agencies, courts, and national security authorities of the foreign jurisdiction. If you have questions about our policies and practices regarding service providers outside of Canada, please contact Subaru’s Privacy Officer at the contact information at the end of this Policy.

Subaru will make reasonable efforts to ensure that the personal information we have is accurate, complete and up-to-date as necessary for the purposes for which it is to be used, including information that is disclosed to third parties, and information that is used to make a decision about an individual. Our reasonable efforts include obtaining updated information from our Dealers when you service your vehicle at the Dealer.

We keep information we collect for as long as necessary to fulfill the purposes described in the Use of Personal Informationsection above or as required or permitted by applicable privacy law. Once no longer required, we will anonymize or destroy the information in a secure manner.

When determining retention periods, we consider certain criteria including the following:

  • whether the purposes for which we collected the information have been fulfilled;
  • whether destroying the information will impact the services provided to you;
  • whether the information has been used to make a decision about you in which case we will continue to retain that information for at least one year after using it to make the decision to reasonably allow you time to access the information and to exhaust any access request or challenge you may bring under applicable privacy laws; and
  • retention periods required by law.
  • You are responsible for maintaining the accuracy of the information you submit to us, such as the contact information you provide as part of your enrollment for SUBARU STARLINK® Services. You may access, review, correct, or update the personal information you have provided to us, through your MySubaru account, or by making a request through email or mail to the address below.

    You have a general right to access your personal information in our possession or custody. Upon receiving a written request (mail or e-mail) from you addressed to Subaru’s Privacy Officer clearly identifying the requested information with adequate information to identify you, we will inform you of the existence, use, and disclosure of your personal information and give you access to your personal information. If we are not able to provide a list of the organizations to which we may have actually disclosed your personal information, we will provide you with a list of organizations to which we may have disclosed the information.

    We will respond to your written access request with information in a form that is generally understandable, within a reasonable timeframe (generally within 30 days) or we will provide you with an explanation if additional time is required to fulfil your request. Our response will typically be provided for a minimal handling fee which we reserve the right to vary depending on the nature of the request and the amount of information involved. We will inform you of the approximate cost to provide the response, and will provide you with the information upon receipt of payment.

    You may question the accuracy and completeness of your personal information and request that we amend it as appropriate. If you demonstrate in a reasonable manner the inaccuracy or incompleteness of your personal information, we will amend the information as required. If a request is not resolved to your satisfaction, we will record the substance of the unresolved request. Where appropriate, the amended information or the existence of the unresolved request will be transmitted to third parties having access to the information in question.

    In some situations, we may be permitted to refuse or not be able to provide access to certain personal information, and will upon request provide an explanation. Exceptions to the access right which are permitted or required by applicable privacy laws include the following:

    • information that contains references to other individuals or contains confidential commercial information (where such information cannot be severed from the record);
    • information collected in the course of investigating a breach of an agreement or in the course of a formal dispute resolution process; and
    • information that is subject to solicitor-client privilege.

    To make access requests to us for your personal information, please contact our Privacy Officer at the contact information at the end of this Policy.

    Subaru will, on request, provide information regarding our procedure for addressing any complaints made with respect to Subaru’s application of privacy laws. Subaru will investigate all written complaints, and if we find a complaint to be justified, we will take the appropriate measures, including, if necessary, amending our policies and practices.

  • Subaru’s commitment to your privacy includes reviewing periodically its privacy policies and practices. Accordingly, Subaru may change this Policy from time to time and the revised Policy will be posted to our websites effective as of the revised date stated on the revised Policy. If we make any material changes to this Policy, then we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice in your MySubaru account prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. If you continue to use SUBARU STARLINK® Services following changes to this Policy, then you will be deemed to have accepted the changes. You can access the current Policy online at MySubaru.ca and Subaru.ca or by requesting a copy by contacting us at the contact information set forth below.

    If you have any questions or concerns regarding this Policy or Subaru’s privacy practices, please contact Subaru’s Privacy Officer at:

    Privacy Officer
    Subaru Canada, Inc.
    560 Suffolk Court
    Mississauga, Ontario L5R 4J7
    Email: [email protected]