Last update: February 29, 2024
PRIVACY POLICY OF 9411-4089 QUÉBEC INC.
9411-4089 Québec inc. (” 365E.pro “, ” we “or our “We are committed to protecting the personal information we collect in the course of our business. This privacy policy (the ” Policy “) The “Privacy Policy” describes in clear and simple terms how we respect our obligations to protect personal information, and more specifically our practices regarding the collection, use, disclosure, retention and destruction of your personal information. Our Privacy Officer (the ” PRP Manager “) ensures that the Policy is respected and implemented. You can reach him using the following contact details:
Bernard Durand
PRP Manager
1433, rue du Zéphyr, Québec, QC, G2G 1N6
Tel. : 418-561-2376
Email: bernard.durand@365e.pro
In order to ensure the implementation of the Policy, please be assured that we have implemented internal practices concerning the management of your personal information. These practices include frameworks for :
– The security of your personal information;
– Managing and preventing confidentiality incidents;
– Performing privacy impact assessments;
– Retention of your information throughout its life cycle.
Our commitment to you is clear:
– Be concise, clear and transparent;
– Obtain your consent when necessary;
– Allow you to exercise your rights regarding your personal information;
– Protect the confidentiality of your personal information.
Our Policy has been developed in compliance with applicable privacy legislation, including the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. P-21. 5, the Act respecting the protection of personal information in the private sector, RLRQ, c. P-39.1 and similar provincial legislation.
2.1 Login or authenticate yourself
2.2 Providing you with our products and services
2.3 Communicating with you
2.4 Managing our risks
2.5 Meeting our legal and regulatory obligations
2.6 Send you advertising offers, promotions or any other communications by e-mail, paper mail or telephone.
4.1 Safety measures
4.2 Managing confidentiality incidents
5.1 To our service providers and partners
5.2 To courts, law enforcement authorities, regulators, government officials or prosecutors
5.3 To other third parties
8.1 Access to your personal information
8.2 Correcting your personal information
8.3 Obtaining information on the processing of your personal information
8.4 Being informed if you are the subject of a decision based exclusively on automated processing
8.5 Withdrawing your consent
8.6 Dissatisfaction with the management of your personal information
The Policy applies to personal information collected in the course of all our activities, with the exception of personal information collected in respect of our employees, former employees and applicants for employment with us. It applies in particular to personal information collected when you visit our Web site, when we receive your registration for our training courses or when you contact us by any other means of communication. The Policy therefore applies, for example:
– To our past, present and future customers;
– To all users of our website;
– To all users registered for our training courses;
– To anyone who comes into contact with us.
Please note, however, that you remain responsible for protecting your personal information when you visit other third-party websites. Our Policy does not apply to the collection, use, disclosure or retention of your personal information by other websites, although some links on our website may allow you to access content from other third parties. We are not responsible for their privacy policies and encourage you to read any privacy notices or policies governing these third parties.
This Policy does not apply to the personal information of our employees, former employees or applicants for employment with us in the context of their employment, past, present or future, as another policy applies specifically to them and is available to them by contacting the PRP Manager.
Personal information means any information concerning a natural person that allows that person to be identified directly or indirectly, whether taken separately or combined with other information. For greater clarity, personal information is any information that identifies :
– directly a person, for example an identifier such as a name, location data, government ID; or
– indirectly through the combination of several specific elements specific to its physical, physiological, genetic, psychological, economic, cultural or social identity.
Please note that we collect only the personal information necessary to provide you with our products and services. Below are the categories of personal information we collect and examples of each category.
– Identity and contact information, e.g. :
o Name and surname;
o E-mail address;
o Postal address.
– Business information, for example :
o Number of products purchased;
o Subscriber number;
o Training courses viewed and completed;
o Position (job title).
– Financial and billing information, for example :
o Billing contact email address;
o Billing postal address;
o Amount invoiced and overdue.
– Information about your communications with us, for example
o History and minutes of our discussions with you;
o E-mail exchanges;
o Online chat;
o Information entered in the “Contact” section of the website;
– Information about your digital interactions, such as :
o E-mail address;
o Information about your devices;
o Route and navigation history;
o Length of visits.
To learn more about our use of cookies, please see our Cookie Policy.
In the event that we collect sensitive personal information about you, such as medical, biometric or other intimate information, which gives rise to a reasonable expectation of privacy, please be assured that we will first obtain your express consent.
Please also be aware that personal information may be collected when you attend one of our training sessions (for example, in the event that one of our broadcasts is recorded). Should this situation arise, please be advised that you will be notified and that, in all cases, subsequent use of the recording will only be made once the faces and names of those attending the training have been removed. These records are for internal use only, to ensure quality assurance of our products and services. In general, we collect your personal information in order to offer you our products and services and to improve them. Except as provided by law, if we need to use your personal information for purposes other than those set out in this Policy, we will obtain your consent before doing so.
We collect your personal information, to the extent permitted by law, in order to :
2.1 Login or authenticate yourself
When we wish to register you as a new customer, we require certain information to identify you. This information will be used in particular to find your file and to ensure that your information is associated with your account when you wish to benefit from our products and services and the associated guarantees.
2.2 Providing you with our products and services
When you do business with us, it is necessary for us to process some of your information in order to determine your eligibility for our products and services, to advise you appropriately based on your needs, to process your complaints and to assist you in all your dealings.
2.3 Communicating with you
As part of our business relationship with you, we may need to contact you from time to time in order to :
– Inform you of important changes applicable to your products and services;
– Send us your proof of training;
– Notify you of changes to our Terms and Conditions, Privacy Policy or Cookie Policy;
– Offer you training;
– Inform you of new products or other useful information.
2.4 Managing our risks
As a company, we need to take a number of preventive actions to manage the risks associated with our activities, in order to avoid financial losses, operational breakdowns and internal and external fraud. To do this, we may monitor any suspicious activity in your account.
2.5 Meeting our legal and regulatory obligations
In running our business, we must comply with certain legal and regulatory obligations. We are therefore obliged to collect your information in order to, for example :
– Comply with the Income Tax Act;
– Defend us in the event of claims or legal proceedings.
2.6 Send you advertising offers, promotions or any other communications by e-mail, paper mail or telephone.
In order to offer you a more personalized service, we may use your personal information to communicate offers likely to meet your needs, our latest promotions, newsletters or surveys, for example.
In order to adequately personalize these communications, we may analyze your personal information for profiling purposes. This allows us to avoid sending you communications that do not correspond to your expectations.
Please note that you may withdraw your consent to receive these communications at any time.
Most of the time, we collect your personal information directly from you or, in some cases, directly from employers who may register their employees for training courses. There are, however, situations where we may collect your personal information from other sources, with your consent or as required by law.
We are committed to protecting personal information in our possession in accordance with industry standards. To this end, we implement reasonable security measures to protect your personal information.
4.1 Safety measures
Our security measures are adapted to the amount and sensitivity of personal information.
|
MEASUREMENT TYPES |
EXAMPLES OF MEASURES |
| Technical measures | – Use strong internal passwords;
– Multi-factor authentication; – Microsoft 365 data protection; – Intelligent remote monitoring and management; – Active MDR cybersecurity protection. |
| Administrative measures | – Access management on a “need-to-know” basis;
– Internal policies and training on the protection of personal information; – Our employees are bound by confidentiality undertakings that survive the end of their employment; |
Note, however, that the transmission of personal information over the Internet is never completely secure. While we take every precaution to protect your personal information, we cannot guarantee the security of personal information transmitted over the Internet. You choose to transmit information through this channel at your own risk.
4.2 Managing confidentiality incidents
We take any potential or attempted Privacy Incident seriously. For the purposes of this Policy, a “Privacy Incident” means any unauthorized access, use or disclosure of personal information, as well as the loss of personal information or any other breach of the security of such information. Any Privacy Incident is taken seriously and will be communicated to the relevant supervisory authorities and individuals in accordance with applicable privacy laws.
If you believe that your personal information has been compromised or if you have any concerns in this regard, we invite you to contact our PRP Manager at the contact details provided in article 9.
Within our company, access to your personal information is limited to those employees who require access in order to perform their duties. Our employees are made aware of the need to protect personal information, and policies are in place to ensure their protection.
However, in order to offer you affordable, quality products and services, we must communicate some of your personal information outside our company. Rest assured that we require third parties to whom we disclose your personal information to respect the standards set by law and the security measures necessary to protect your personal information. We never sell your personal information and will only disclose it where required by law or with your consent.
5.1 To our service providers and partners
In order to carry out certain purposes described in the Policy, we do business with service providers to whom we may communicate or give access to your personal information when necessary for the performance of their service contract.
However, rest assured that we have written contracts in place with our service providers in order to :
– Guarantee the confidentiality of your personal information;
– Ensure that information is used only for the purpose of providing the service;
– To ensure that the provider does not retain any personal information when it is no longer required for the performance of the service, except for that contained in backup systems which will be deleted according to the deletion cycle predetermined by the provider;
– Ensure that the service provider contacts us immediately in the event of a confidentiality incident or any attempt to do so.
The categories of service providers with whom we do business include the following:
– IT and technical services;
– Communications and marketing firms;
– Accounting firms;
– Law firms;
– Security service;
– Application developer;
– Cloud hosting service.
5.2 To courts, law enforcement authorities, regulators, government officials or prosecutors
More specifically, we may disclose your personal information to comply with a search warrant, to respond to an investigative body, to comply with a court order, if we believe disclosure is necessary to comply with applicable laws, if required by law, to pursue a legal claim or to assert a defence.
5.3 To other third parties
We may need to disclose your personal information to other third parties in certain specific circumstances, always within the limits permitted by law or after obtaining your consent, for example:
– As part of a business transaction (a merger, an acquisition by another company, obtaining a loan or financing, for example);
– In the event of insolvency or bankruptcy.
Yes. The subcontractors with whom we do business and other third parties to whom we disclose your personal information may operate outside Quebec and Canada.
In all cases where we disclose your personal information outside Quebec or Canada, we ensure that your personal information is handled securely and in accordance with this Policy and that a written agreement exists with the third party regarding the handling of your personal information. In addition, before we disclose your personal information outside Quebec, we always conduct a privacy impact assessment to evaluate, among other things, the risks inherent in the disclosure as well as the applicable legal regime of the state where your information would be disclosed.
We do not share your personal information unless it is adequately protected.
We ensure that third parties to whom we disclose your personal information undertake to :
– Restrict access to personal information only to those employees who need access to it in order to perform their duties;
– Destroy personal information once the purpose of the communication has been fulfilled, with the exception of personal information contained in backup systems, which will be deleted according to the deletion cycle predetermined by the third party;
– Notify us immediately in the event of a confidentiality incident;
– Do not use personal information for purposes other than those expressly stated.
The personal information we collect is retained only as long as necessary to fulfill the purposes set out in section 2 of the Policy and to comply with our legal and regulatory obligations. We have internal procedures and policies in place to ensure that your personal information is subject to a specified retention schedule and that it is securely destroyed once that schedule has passed. If the information has been anonymized, it is no longer possible to identify you directly or indirectly, since this process is irreversible.
If you have any questions concerning the conservation of your personal information, please contact our PRP Manager using the contact details provided in article 9.
As mentioned in the previous section, your personal information may be stored outside Quebec and Canada. We assure you that the location where your personal information is stored does not affect the protection and security of your personal information. Please refer to article 4 for further details.
To find out about our specific retention periods according to the types of personal information we collect and the purposes for which it is used, please consult Article 2.
8.1 Access to your personal information
Subject to the exceptions provided by law, you have the right to request a copy of, or access to, the personal information we hold about you. You may exercise your right of access by contacting our PRP Manager at the contact details provided in article 9. Also note that :
– Access to your personal information is free. However, in certain circumstances, notably if the request is excessive or unfounded, we may charge certain administration fees for the transcription, reproduction or transmission of your personal information, or if you wish to obtain additional copies. We will inform you of any such charges before processing your request;
– We generally respond to all requests for access within 30 days of receiving any necessary information. If we are unable to grant access, or if additional time is required to satisfy a request, we will inform you in writing.
8.2 Correcting your personal information
If you consider that your personal information is inaccurate or incomplete, you may rectify it by contacting our PRP Manager at the contact details provided in section 9. It is your responsibility to inform us of any changes to your personal information so that we can ensure that your personal information is kept up to date.
8.3 Obtaining information on the processing of your personal information
You have the right to obtain additional information relating to the processing of your personal information. If you cannot find the answer to your questions in the Policy, you can contact our PRP Manager using the contact details provided in article 9.
8.4 Being informed if you are the subject of a decision based exclusively on automated processing
If we use your personal information to make a decision based exclusively on automated processing, we will notify you no later than the time we inform you of the decision. In such a case, you also have the right, upon request :
– be informed of the information used to make the decision;
– the reasons and the main factors and parameters that led to the decision; and
– rectify the personal information used to render the decision;
– present your comments to a member of our team, who can review the decision if necessary.
You can exercise this right by contacting our PRP Manager using the contact details provided in article 9.
8.5 Withdrawing your consent
When you give your consent for secondary purposes, i.e. purposes that are not essential to offering you our products and services, you may withdraw it at any time, without consequence.
However, if you refuse to provide us with personal information that is necessary for us to offer you our products and services or that is required by law, we may no longer be able to provide you with some of our services. In this case, we may have to cancel our commitment to you. However, you will be informed if such a situation arises.
8.6 Dissatisfaction with the management of your personal information
If you have any questions, concerns or dissatisfaction with this Policy or with the management of your personal information, you may contact our PRP Manager at the coordinates provided in section 9.
Your privacy is important to us. We have appointed a PRP Manager to ensure compliance with and implementation of applicable privacy legislation. You can reach him using the following contact details:
Bernard Durand
PRP Manager
1433, rue du Zéphyr, Québec, QC
Tel. : 418-561-2376
Email: bernard.durand@365e.pro
This Policy takes effect on the date indicated at the top of the page and replaces all previous versions. The history of previous versions of the Policy can be obtained on request from our PRP Manager.
This Policy may be updated at our sole discretion to reflect changes in our practices and in privacy legislation. When the Policy is updated, the changes will be specifically brought to your attention and a notice will be available on the home page of our website. When changes are of a significant nature or require your consent, we will notify you by e-mail if we have your e-mail address.
