9411-4089 QUÉBEC INC. PRIVACY POLICY
9411-4089 Québec inc. (“365E.pro”, “we”, “us” or “our”) are committed to protecting the personal information we collect in the course of our business. This privacy policy (the “Policy”) describes in simple and clear terms how we comply with our privacy obligations and more specifically our practices with respect to the collection, use, disclosure, retention and destruction of your personal information. Our Privacy Officer (the “Privacy Officer”) is responsible for ensuring compliance with and implementation of the Policy. You can reach him using the following contact details:
Bernard Durand
PRP Manager
1433 du Zéphyr Street, Quebec City, QC, G2G 1N6
Phone: 418-561-2376
Email: bernard.durand@365e.pro
To ensure the implementation of the Policy, please be assured that we have implemented internal practices regarding the management of your personal information. These practices include in particular frameworks concerning:
- The security of your personal information;
- Management and prevention of confidentiality incidents;
- Conducting privacy impact assessments;
- Retention of your information throughout its lifecycle.
Our commitment to you is clear:
- Be concise, clear and transparent;
- Obtain your consent when necessary;
- To allow you to exercise your rights regarding your personal information;
- To protect the confidentiality of your personal information.
Our Policy has been developed in accordance with applicable privacy laws, including the Personal Information Protection and Electronic Documents Act, S.C. 2000, c. 5, the Act Respecting the Protection of Personal Information in the Private Sector, CQLR, c. P-39.1 and other similar provincial statutes.
Content of the Policy
WHO IS OUR POLICY FOR?
WHAT PERSONAL INFORMATION DO WE COLLECT AND FOR WHAT PURPOSES?
2.1 Identify or authenticate you
2.2 Providing you with our products and services
2.3 Communicating with You
2.4 Managing our risks
2.5 To comply with our legal and regulatory obligations
2.6 To send you advertising offers, promotions or any other communications by electronic, paper mail and telephone
HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
4.1 Security measures
4.2 Management of Privacy Incidents
TO WHOM MAY WE SHARE YOUR PERSONAL INFORMATION?
5.1 To our service providers and partners
5.2 To courts, law enforcement authorities, regulatory authorities, public servants or prosecutors
5.3 To other third parties
CAN YOUR PERSONAL INFORMATION BE SHARED OR STORED OUTSIDE OF QUEBEC OR CANADA?
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION?
8.1 Access to Your Personal Information
8.2 Rectification of Your Personal Information
8.3 Obtaining Information About the Processing of Your Personal Information
8.4 To be informed if you are the subject of a decision based solely on automated processing
8.5 Withdrawing your consent
8.6 Dissatisfaction with the management of your personal information
HOW DO I CONTACT OUR PRIVACY OFFICER?
POLICY UPDATE
WHO IS OUR POLICY FOR?
The Policy applies to personal information collected in the course of all of our activities, except for personal information that we collect about our employees, former employees and job applicants with us. It applies in particular to personal information collected when you visit our website, when we receive your registration for our training courses or when you contact us by any other means of communication. The Policy therefore applies, for example:
- To our past, current and future customers;
- To all users of our website;
- To all users registered for our training;
- To anyone who contacts us.
However, please be aware that you remain responsible for protecting your personal information when viewing content from other third-party websites. Our Policy does not apply to the collection, use, disclosure or retention of your personal information by other websites, although certain links on our website may allow you to access content from other third parties. We are not responsible for their privacy policies and encourage you to read the privacy notices or policies governing these third parties.
This Policy does not apply to the personal information of our employees, former employees or applicants for employment with us in the context of their past, present or future employment as another policy applies specifically to them and is available to them by contacting the PRP Manager.
WHAT PERSONAL INFORMATION DO WE COLLECT AND FOR WHAT PURPOSES?
Personal information means any information about a natural person that directly or indirectly identifies that individual, whether alone or in combination with other information. For greater clarity, personal information is any information that identifies:
- directly an individual, such as an identifier such as a name, location data, government ID; or
- indirectly through the combination of several specific elements specific to his or her physical, physiological, genetic, psychological, economic, cultural or social identity.
Please be aware that we only collect personal information that is necessary to provide you with our products and services. Below are the categories of personal information we collect as well as examples for each category.
Identity information and contact information, for example:
- Name and surname;
- Email address;
- or postal dress.
Commercial information, for example:
- Number of products purchased;
- Subscriber number;
- Training viewed and completed;
- Position (job title).
Financial and billing information, such as:
- Email address of the billing contact;
- Billing mailing address;
- Invoiced and overdue amount.
Information about your communications with us, for example
- History and record of our discussions with you;
- Email exchanges;
- Online chat;
- Information entered in the “Contact” section of the Website;
Information about your digital interactions, such as:
- Email address;
- Device information;
- Navigation route and history;
- Duration of visits.
To learn more about our use of cookies, please see our Cookie Policy. https://plateforme.365e.pro/home/politique-en-matiere-de-cookies/
In the event that we collect sensitive personal information about you, information that, by its medical, biometric or other intimate nature, gives rise to a high degree of reasonable expectation of privacy, please be assured that we will obtain your express consent in advance.
Please also be aware that personal information may be collected when you attend one of our training sessions (for example, in the event that one of our broadcasts is recorded). If this situation arises, please be aware that you will be notified and in any case, the subsequent use of the recording will only occur once the faces and names of the persons attending the training are removed. These recordings are for internal use only to ensure quality assurance of our products and services. Generally, we collect your personal information for the purpose of providing you with our products and services and to improve them. Except as required by law, if we need to use your personal information for purposes other than those identified in the Policy, we will obtain your consent before using that information.
We collect your personal information, to the extent permitted by law, in order to:
2.1 Identify or authenticate you
When we want to register you as a new customer, we need certain information to identify you. This information will be used in particular to find your file and to ensure that your information is associated with your account when you wish to benefit from our products and services as well as the guarantees associated with them.
2.2 Providing you with our products and services
When you do business with us, it is necessary for us to process some of your information in order to determine your eligibility for our products and services, to advise you appropriately according to your needs, to handle your complaints and to assist you in all your steps.
2.3 Communicating with You
In the course of our business relationship with you, we may need to communicate with you from time to time in order to:
- Notify you of important changes to your products and services;
- Send you your proof of certificates of training taken;
- Notify you of changes to our Terms and Conditions, Privacy Policy, or Cookie Policy;
- To offer you training;
- To inform you of news or other useful information.
2.4 Managing our risks
As a company, it is necessary for us to take certain preventive actions as part of the risk management of our activities in order to avoid financial losses, disruptions of operational services and internal and external fraud. This may include monitoring for suspicious activity on your account.
2.5 To comply with our legal and regulatory obligations
In the operation of our business, we must comply with certain legal and regulatory obligations. We therefore have an obligation to collect your information in order to, for example:
- Comply with the Income Tax Act;
- Defend ourselves against claims or legal demands.
2.6 To send you advertising offers, promotions or any other communications by electronic, paper mail and telephone
In order to provide you with a more personalized service, we may use your personal information to communicate offers that may meet your needs, such as our most recent promotions, newsletters or surveys.
In order to properly personalize these communications, we may analyze your personal information for profiling purposes. This allows us to avoid sending you communications that do not meet your expectations.
Please be aware that you have the opportunity at any time to withdraw your consent to receive these communications.
HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
Most of the time, we collect your personal information directly from you or, sometimes, directly from the employer who may enroll their employees in training. However, there are situations where we may collect your personal information from other sources, with your consent or as required by law.
HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
We are committed to protecting the personal information in our possession in accordance with our industry standards. To do this, we put in place reasonable security measures to protect your personal information.
4.1 Security measures
Our security measures are adapted according to the amount of personal information and the sensitivity of the information.
TYPES OF MEASURES
EXAMPLES OF MEASURES
Technical measures
- Use of strong internal passwords;
- Multi-factor authentication;
- Microsoft 365 data protection;
- Intelligent remote monitoring and management;
- Active MDR cybersecurity protection.
Administrative measures
- Access management based on the “need to know”;
- Internal policies and training on the protection of personal information;
- Our employees are bound by confidentiality commitments that survive their termination of employment;
Note, however, that the transmission of personal information over the Internet is never completely secure. Although we implement all of these measures to protect your personal information, we cannot guarantee the security of personal information transmitted over the Internet. You choose to transmit information through this channel at your own risk.
4.2 Management of Privacy Incidents
We take any incident or attempted Privacy Incident, whether potential or actual, seriously. For the purposes of the Policy, a “Privacy Incident” means any unauthorized access, use or disclosure of personal information as well as the loss of personal information or any other breach of the protection of such information. Any Privacy Incident is taken seriously and will be reported to supervisory authorities and data subjects in accordance with applicable privacy laws.
If you believe that your personal information has been compromised or if you have any concerns about it, we invite you to contact our PRP Manager using the contact details provided in section 9.
TO WHOM MAY WE SHARE YOUR PERSONAL INFORMATION?
Within our company, access to your personal information is limited to those employees who need to know in the course of performing their duties. They are aware of the protection of personal information and policies are in place to ensure that it is protected.
However, in order to provide you with affordable, quality products and services, we need to share some of your personal information outside of our company. Please be assured that we require third parties to whom we disclose your personal information to comply with the standards set out in the law and the security measures necessary to protect your personal information. We never sell your personal information and we only disclose it as required by law or where we have obtained your consent.
5.1 To our service providers and partners
In order to carry out certain purposes described in the Policy, we do business with service providers to whom we may disclose or provide access to your personal information when necessary for the performance of their service contract.
However, rest assured that we have written contracts in place with our service providers in order to:
- To ensure the confidentiality of your personal information;
- Ensure that the information is used only for the performance of the service;
- Ensure that the Provider does not retain any personal information when it is no longer necessary for the performance of the Service, except for information contained in backup systems that will be deleted according to the deletion cycle predetermined by the Provider;
- To ensure that the service provider contacts us immediately in the event of a confidentiality incident or any attempts to do so.
The categories of service providers we do business with include:
- Information technology and technical services;
- Communication and marketing firms;
- Accounting firms;
- Law firms;
- Security service;
- Application developer;
- Cloud hosting service.
5.2 To courts, law enforcement authorities, regulatory authorities, public servants or prosecutors
Specifically, we may disclose your personal information in response to a search warrant, to respond to an investigative body, to respond to a court order, if we believe disclosure is necessary to comply with applicable laws, if required by law, in connection with a legal claim, or to assert a defence.
5.3 To other third parties
We may need to disclose your personal information to other third parties in certain specific cases, always to the extent permitted by law or with your consent, for example:
- In the context of a commercial transaction (e.g. a merger, acquisition by another company, obtaining a loan or financing);
- In the event of insolvency or bankruptcy.
CAN YOUR PERSONAL INFORMATION BE SHARED OR STORED OUTSIDE OF QUEBEC OR CANADA?
Yes. It is possible that the subcontractors with whom we do business as well as other third parties to whom we communicate your personal information carry out activities outside of Québec and Canada.
In all cases where we communicate your personal information outside of Quebec or Canada, we ensure that your personal information is treated securely and in accordance with this Policy and that a written agreement exists with the third party regarding the processing of your personal information. In addition, before disclosing your personal information outside of Québec, we always conduct a privacy impact assessment to assess, among other things, the risks inherent in the disclosure as well as the applicable legal regime of the state where your information would be communicated.
We do not share your personal information unless it is adequately protected.
We ensure that the third parties to whom we disclose your personal information agree to:
- Restrict access to personal information only to those employees for whom it is necessary to have access to it in the course of carrying out their duties;
- Destroy personal information once the purpose of the disclosure has been fulfilled, except that information contained in backup systems that will be deleted according to the deletion cycle predetermined by the third party;
- Notify us immediately in the event of a confidentiality incident;
- Not use personal information for purposes other than those expressly provided.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
The personal information we collect is retained only for the period necessary to fulfill the purposes set out in section 2 of the Policy and to comply with our legal and regulatory obligations. We have internal policies and procedures in place to ensure that your personal information is subject to a specified retention schedule and that it is securely destroyed after that period. If the information has been anonymized, it is no longer possible to identify you directly or indirectly as this is an irreversible process.
If you have any questions regarding the retention of your personal information, we invite you to contact our Privacy Officer using the contact information provided in section 9.
As mentioned in the previous section, your personal information may be stored outside of Québec and Canada. We assure you that the location of your personal information does not affect the protection and security of your personal information. We refer you to Article 4 for more details.
To find out about our specific retention periods based on the types of personal information we collect and its purpose, we invite you to consult section 2.
WHAT ARE YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION?
8.1 Access to Your Personal Information
Subject to exceptions provided by law, you have the right to request a copy of or access to the personal information we maintain about you. You can exercise your right of access by contacting our PRP Manager using the contact details provided in section 9. In addition, also note that:
- Access to your personal information is free of charge. In certain circumstances, including if the request is excessive or unfounded, we may charge certain administration fees for the purposes of transcribing, copying, transmitting your personal information or if you request additional copies. We will inform you of these fees, if any, before proceeding with your request;
- We generally respond to all access requests within 30 days of receiving any necessary information. Where we are unable to grant access, or if additional time is required to comply with a request, we will notify you in writing.
8.2 Rectification of Your Personal Information
If you believe that your personal information is inaccurate or incomplete, you may correct it by contacting our Privacy Officer using the contact information provided in Section 9. It is your responsibility to inform us of any changes to your personal information so that we can ensure that we keep your personal information up to date.
8.3 Obtaining Information About the Processing of Your Personal Information
You have the right to obtain additional information related to the processing of your personal information. If you do not find the answer to your questions in the Policy, you can contact our PRP Manager using the contact details provided in section 9.
8.4 To be informed if you are the subject of a decision based solely on automated processing
If we use your personal information to make a decision based solely on automated processing, we will notify you at the latest at the time we notify you of the decision. In such a case, you also have the right, upon request:
- be informed of the information used to make the decision;
- the reasons for the decision, as well as the main factors and parameters that led to the decision; and
- have the personal information used to make the decision corrected
- Present your observations to a member of our team who can review the decision if necessary.
You can exercise this right by contacting our PRP Manager using the contact details provided in section 9.
8.5 Withdrawing your consent
When you provide consent for secondary purposes, i.e., purposes that are not essential to providing you with our products and services, you may withdraw your consent at any time without consequence.
However, if you refuse to provide us with personal information that is necessary for us to provide you with our products and services or as required by law, we may no longer be able to provide you with some of our services. In this case, we may have to cancel our commitment to you. However, you will be informed of the occurrence of such a situation.
8.6 Dissatisfaction with the management of your personal information
If you have any questions, concerns or dissatisfaction with this Policy or the management of your personal information, you may contact our Privacy Officer using the contact information provided in section 9.
HOW DO I CONTACT OUR PRIVACY OFFICER?
The protection of your personal information is important to us. We have appointed a Privacy Officer who oversees compliance with and implementation of applicable privacy legislation. You can reach him using the following contact details:
Bernard Durand
PRP Manager
1433 du Zéphyr Street, Quebec City, QC
Phone: 418-561-2376
Email: bernard.durand@365e.pro
POLICY UPDATE
This Policy is effective as of the date at the top of the page and supersedes all previous versions. The history of previous versions of the Policy can be obtained by a request to our PRP Manager.
The Policy may be updated at our sole discretion in accordance with changes in our practices and legislation relating to the protection of personal information. When the Policy is updated, the changes will be specifically notified to you and a notice will be available on the home page of our website. Where changes are of a material nature or require your consent, we will notify you by email if we have your email address.