PRIVACY AND PERSONAL INFORMATION PROTECTION POLICY
PRIVACY AND PERSONAL INFORMATION PROTECTION POLICY
At SPI Sorel-Tracy, we place great importance on protecting the personal information of our clients, employees, and representatives. In accordance with the law on the protection of personal information in the private sector, we are committed to maintaining the confidentiality of the personal information collected as part of our activities. Our privacy policy aims to inform you about our practices regarding the collection, use, disclosure, retention, and protection of your personal information. By providing us with your personal information, you agree to the terms of this policy and authorize us to process your information accordingly.
Consent
1.1 Commitment to Privacy Protection
We are committed to protecting the privacy of our users. We collect and use personal information only with their explicit consent and in compliance with applicable laws.
1.2 Acceptance of Our Policy Terms
By accessing our website https://spisoreltracy.com or providing us with personal information, you agree to the terms of our privacy policy. This includes your consent to the collection and use of your personal information in accordance with this policy.
1.3 Right to Withdraw Consent
You have the right to withdraw your consent at any time. However, this is subject to certain legal or contractual restrictions. We will inform you of the possible consequences of such a withdrawal, such as the inability to provide certain products or process specific requests. Your decision to withdraw consent will be recorded in our records.
1.4 Exceptions to the Need for Consent
In certain exceptional circumstances, we may collect, use, or disclose personal information without obtaining your prior consent. This may occur in situations where legal, medical, or security requirements make obtaining your consent impossible or impractical. Such situations include, but are not limited to, cases of suspected contract breaches, fraud prevention or detection, or law enforcement needs.
Collection of Personal Information
2.1 We collect personal information through various means, such as:
- Emails and communications with our customer service
- Online request forms (including appointments)
- Cookies and similar technologies on our website
2.2 We may also collect information through third parties, such as:
- A technology service provider like an ordering platform or a newsletter service
- A recruitment portal that allows candidates to submit their resumes and personal data
- Professional social networks like LinkedIn for recruitment or marketing purposes
- A consultant providing part of the services we offer to our clients
- An agency handling customer inquiries or complaints
- A customer satisfaction survey company collecting feedback on our products or services
- An online payment service provider processing financial transactions
- A cloud service company storing client data
- A digital marketing company analyzing user behavior on our website
- An IT security provider monitoring threats and protecting data
- A customer relationship management (CRM) company helping organize and analyze client interactions
- A logistics provider managing product delivery and collecting recipient information
2.3 We may use advanced technologies to collect personal information, including identifying, locating, or profiling our clients (e.g., creating consumer profiles). However, we strive to ensure the privacy of our clients:
- Responsible use of technology: We employ these technologies solely to enhance our services and better understand our clients’ needs.
Feature activation: By default, these features are disabled to protect data privacy. Our clients always have the choice to activate or deactivate these features according to their preferences.
We are committed to being transparent about the use of these technologies and respecting our clients’ privacy choices.
Types of Personal Information Collected
3.1 We collect various types of data, including but not limited to:
Personal identifiers (name, mailing address, email, phone number)
3.2 Children’s Privacy
We do not knowingly collect or solicit personal information from children under the age of 14. By using our website, you declare that you are at least 14 years old. If you are under 14, please do not attempt to send us personal information. If we discover that we have inadvertently collected personal information from a user under 14, we will attempt to immediately delete this information from our files and records. We also encourage minors aged 14 or older to seek permission from their parents or guardians before providing any information online.
If you believe that a child under 14 has provided us with personal information, please contact us using the details provided in the next section.
Use of Personal Information
4.1 We use your personal information for a range of essential activities:
- Responding to requests: To effectively respond to your inquiries and requests.
Registrations and participation: Managing your registrations for events, training, newsletters, downloads from our website, or participation in webinars. - Human resources management: For internal management and administration, recruitment, employment contracts, and service agreements.
- Improving user experience: Operating, maintaining, and improving our website, personalizing your online experience, and providing requested services and information.
- Marketing communication: Sending relevant information, special offers, and news, with the option to unsubscribe at any time.
These uses aim to enhance your experience with our services and facilitate effective interaction with our organization.
4.2 We offer various options to help you control and limit the collection of your personal information. These options include:
- Communication choices: You can choose to receive our communications through different means (phone, SMS, email) or opt-out entirely.
- Cookie management: Our website allows you to refuse or customize the use of cookies. Please note that blocking certain cookies may affect the accessibility and functionality of our website.
- Granular consent: In most situations, when we collect information for specific purposes, you have the option to consent only to certain uses of your data.
It is important to note that some of these options may limit your access to all the features of our service. For example, refusing certain cookies may cause parts of our website to not function as expected, or choosing not to create an account may limit access to certain personalization features.
Sharing and Disclosure of Personal Information
5.1 The personal information collected by our organization is accessible to specific categories of our staff and certain partner organizations to effectively provide our products and services. For example:
- Customer service: Accesses contact information to respond to requests.
- IT department: Accesses technical data for support and maintenance.
- Marketing department: Uses data for advertising campaigns and market studies.
- Personal and data security officers: Access information to ensure data security and protection against unauthorized access or cyberattacks.
- Legal consultants: Use data to ensure compliance with laws and regulations.
- Cloud service providers: Host data on secure servers, allowing storage and retrieval of information.
- Research and development partners: Access certain data for collaboration on new innovations or product/service improvements.
- Debt collection agencies: In cases of non-payment, some information may be shared with external collection agencies.
We ensure that this information is used exclusively for the stated purposes and with respect for confidentiality. Data transfers outside Quebec are carried out as part of international collaborations, while ensuring adequate protection of the information in accordance with applicable laws.
Links to Other Websites
6.1 Our website may contain links to third-party websites
When you follow these links, you leave our website. The information exchanged at that time is no longer subject to our privacy policy. We recommend reviewing the privacy statements of other websites you visit before providing any information.
Security of Personal Information
7.1 Security Measures for Personal Information Protection
- To ensure the security and confidentiality of personal information, SPI Sorel-Tracy adopts rigorous security measures, including both physical and technological aspects. Here are some concrete examples:
- Physical security: Use of electronic lock systems and secure locks for office, cabinet, and file access, installation of surveillance cameras, and restricted access to areas where personal data is stored.
- Access controls: Limiting access to personal data to authorized employees only.
- Staff training: Regular staff awareness on best data security practices.
- Data encryption: Protecting sensitive data with advanced encryption techniques.
- Intrusion monitoring and detection: Implementing systems to monitor suspicious activity and detect potential intrusions.
- Disaster recovery plans: Developing plans to quickly restore data in case of incidents like outages or cyberattacks.
These measures aim to protect personal information against unauthorized access, use, or disclosure and maximize its integrity and confidentiality. While we do our best to protect your personal data, it is important to keep in mind that no method of internet transmission or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.
7.2 Staff and Board Commitment
Each employee, director, volunteer, independent contractor, or ad hoc advisor working on our board committees is committed to respecting the personal information we collect. Additionally, these individuals commit to maintaining the confidentiality of information specific to our activities and to not disclosing or using it for personal gain or the benefit of others. This commitment exists from the moment the employee, director, volunteer, independent contractor, or ad hoc advisor takes office and continues indefinitely.
Retention and Destruction of Personal Information
We will only retain your personal data for the duration necessary for the purposes stated in this privacy policy. We will retain and use it as needed to comply with our legal obligations, resolve disputes, and enforce our legal policies. We will also retain usage data for internal analysis purposes. This data is generally kept for a shorter period unless it is used to enhance security or improve the functionality of our website, or if we are legally required to keep it longer.
Your Rights
9.1 Acknowledgment and Respect for Your Rights
As part of our privacy policy, we acknowledge and respect the fundamental rights of individuals whose personal information we hold. These rights include:
- Right of access: Individuals have the right to view the personal information we hold about them. For example, a customer may request to see the data collected during their registration for our service.
- Right to rectification: If information is inaccurate or incomplete, individuals may request updates. For example, an employee can request correction of their incorrect postal address in our records.
- Right to de-indexation: Individuals may request that their personal information be removed from public access or that any hyperlink associated with their name be de-indexed if such dissemination causes harm or violates the law or a court order. This right to erasure or the right to be forgotten allows individuals to control the availability of their personal information on the internet.
- Right to file a complaint: In case of concerns about the processing of their data, individuals can file a complaint according to our established process.
Subject to applicable laws, upon receiving a written request from a person and after verifying their identity, we will inform them if we hold personal information about them and provide that information.
We may deny access to information in accordance with applicable laws, in which case we will explain the reason for the refusal.
To facilitate these rights, the contact information for our Privacy Officer is clearly provided for any questions or concerns. These measures ensure that individuals can exercise their rights with confidence and transparency.
Policy Changes
This policy may be updated to reflect changes in our practices or legal requirements. Updates will be posted on our website. We encourage you to regularly review this privacy policy to stay informed of any changes.
Contact
Any requests or questions regarding this privacy policy can be sent to the person responsible for personal information protection at the following address:
By email: administration@spisoreltracy.com
By postal mail: 26, place Charles-De Montmagny, office 210, Sorel-Tracy (Québec) Canada J3P 7E3
Effective date of the policy: September 14, 2023
Last update: August 12, 2024