1. General Information
Data privacy is important to Mazout G. Bélanger Inc. (hereinafter referred to as the “Entity“, ” We”, “Us“, “Our“). For this reason, We have implemented safeguards and management practices for your Personal Information in accordance with applicable laws in Quebec and Canada.
By using our https://www.mazoutbelanger.com/ (the “Website“) or any of our services, you agree that We may collect, use, process, disclose and retain your Personal Information in accordance with the terms described herein. If you do not agree to abide by and be bound by this Policy, you are not permitted to visit, access or use Our Website or Services, or share your Personal Information with Us.
This Policy does not apply to the Personal Information of the Entity’s employees, representatives and consultants, or to any other person affiliated with the Entity, as well as to any information that does not constitute Personal Information as defined by applicable laws in Quebec and Canada.
b) Data Protection Officer
Name and title: Gabriel Degrandmaison, IT & Special Projects Coordinator
Telephone : 450-435-3538, ext. 236
Email : email@example.com
Address : 402-11800, rue de l’Avenir, Mirabel (Québec) J7J 2T1
The following words and expressions, when they appear with a first capital letter in the Policy, shall have the meaning ascribed below, unless otherwise implied or explicitly stated in the text:
“Service Provider” means any natural or legal person who processes Personal Information on behalf of the Entity. These are third-party companies or individuals employed by the Entity to facilitate the Services, provide the Services on behalf of the Entity, perform services related to the Services, or assist the Entity in analyzing the use of the Services.
“Personal Information” means any information that relates to a natural person and allows him or her to be identified, i.e. that directly or indirectly reveals something about the identity, characteristics (e.g., skills, preferences, psychological tendencies, predispositions, mental capacities, character and behaviour of the person concerned) or activities, regardless of the nature of the support tool and regardless of the form in which the information is accessible (written, graphic, audio, visual, computerized or otherwise).
“Data Protection Officer” means the person who is responsible for the application of this Policy and whose contact information is identified in Section 1 of this Policy.
“Services“: Services refers to the Website and our social media pages and the services and products rendered to you.
3. Processing of Personal Information
3.1 Collection of Personal Information
In the course of our business, We may collect different types of Personal Information including the information listed below:
- contact information, such as your first and last names, address, email address and telephone number, and, if available, your username and password;
- information relating to Services, such as information about the Services We have rendered to you;
- information you choose to provide or share with Us, for example, when you fill out a form, respond to surveys, apply for a job opening, or contact one of our employees or representatives;
- information collected automatically when you use the Website and our Services, including:
- login information and other information about your activities on the Website, such as your IP address, the pages you viewed, the time and date of your visits, the number of connections, the type of browser you use, the operating system of your device, and other hardware and software information;
- Demographic and geolocation data, such as your IP address, a precise or approximate location determined from your IP address, or your mobile device’s GPS (depending on your device settings).
In each case, such Personal Information is processed in accordance with the legitimate and necessary purposes listed in section 3.2 below.
3.2 Use of Personal Information
We may use your Personal Information for the legitimate purposes described below:
- operate, maintain, monitor, develop, improve and offer all features of Our Website;
- present and/or provide Services to you;
- allow you to apply for job openings;
- carry out our contractual obligations to you;
- developing, improving, and offering new Services;
- send you messages, updates, security alerts;
- for marketing and business development purposes, if you have previously consented to the processing of your Personal Information for those purposes;
- answer your questions and provide you with assistance as needed;
- collect reviews and feedback in connection with our Services;
- conduct research, analysis and statistics in connection with Our business and Services;
- detect and prevent fraud, errors, spam, abuse, security incidents, and other harmful activities;
- for any other purpose permitted or required by law.
3.3 Disclosure of Personal Information
We may share your Personal Information with our employees (including human resources and IT departments), contractors, consultants, agents, Service Providers and other trusted third parties, who need the information to help Us operate Our Website, conduct Our business activities or serve you, provided that such Service Providers have previously agreed in writing to ensure the confidentiality of your Personal Information in accordance with applicable laws and Our information governance program.
We do not sell, trade, or otherwise disclose your Personal Information to third parties.
3.3.1 Service Providers and Other Third Parties
Although We try to avoid sharing your Personal Information with third parties, We may use Service Providers to perform various services on Our behalf, such as IT management and security, marketing, data analytics and data hosting services. We have defined below the cases in which such sharing may take place:
Before disclosing your Personal Information to Service Providers outside the province of Quebec or depending on the nature of the Personal Information disclosed, We conduct privacy impact assessments. When We disclose your Personal Information to Service Providers, We insure that the Personal Information disclosed and provided is strictly necessary to carry out their mandate. As part of the contracts with our Service Providers, We are committed to adhering to the principles set out in this Policy. Our Service Providers are required to use Personal Information securely and confidentially, as directed by us, and only for the purposes for which it was provided. We provide sufficient assurances that adequate safeguards are in place to commensurate with the sensitivity of the Personal Information processed or disclosed. When Our Service Providers no longer need your Personal Information, We require them to destroy that data appropriately.
3.3.2 Complying with Legislation, Responding to Legal Requests, Preventing Harm, and Protecting Our Rights
We may disclose your Personal Information where We believe such disclosure is authorized, necessary or appropriate, including:
- to respond to requests from public and government authorities, including public and government authorities outside your country of residence;
- to protect Our business;
- to comply with legal process;
- to protect Our rights, privacy, safety, property, or those of others;
- to allow Us to pursue available remedies or limit the damages We may sustain; and
- in accordance with applicable laws, including laws outside your country of residence.
3.3.3 Business Transaction
3.4 Consent to Personal Information
To the extent possible, the Entity obtains consent directly from the data subject to the collection, use and disclosure of their Personal Information. However, if you provide Personal Information about other individuals to Us, you must ensure that you have given them due notice that you are providing their information to Us in addition to obtaining their consent to such disclosure.
We will collect your explicit, clear, free and informed consent and identify specific purposes for which consent is required before using or disclosing your Personal Information for purposes other than those set out herein. We will also collect your explicit consent whenever sensitive Personal Information is involved in any of the Entity’s processing activities. We will ask for your consent for each specific purposes in plain and clear terms, and distinctively from any other information.
If You do not consent, please stop using the Website. Except where otherwise required by law, You may withdraw your consent at any time upon reasonable notice. Please note that if You choose to withdraw your consent to the collection, use or disclosure of Your Personal Information, certain features of Our Website may no longer be available to You or we may no longer be able to offer You some of Our services.
3.5 Retention of Personal Information
Subject to applicable law, We retain your Personal Information only for as long as necessary to fulfill the purposes for which it was collected, unless you consent to your Personal Information being used or processed for another purpose. As an indication, the duration of certain information may extend up to 7 years following the end of the Services rendered by the Entity to you. In addition, Our retention periods may be changed from time to time due to legitimate interests (e.g., to ensure the security of Personal Information, to prevent abuse and breaches, or to prosecute criminals).
For more information on the periods for which your Personal Information is retained, please contact Our Data Protection Officer using the contact information provided in section 1b) of this Policy.
4. Your Rights
As a data subject, you may exercise the rights set out below by contacting Our Data Protection Officer in writing at the contact information provided in section 1b) of the Policy. Please note that We may ask you to verify your identity before responding to any of these requests.
- You have the right to be informed of the Personal Information We hold about you, its use, disclosure, retention and destruction, subject to the exceptions provided by applicable law;
- You have the right to access your Personal Information, to request a copy, including hard copy, of the documents containing your Personal Information, subject to the exceptions provided by applicable law, and to obtain, where applicable, additional details about how we use, disclose, retain and destroy it;
- You have the right to have the Personal Information We hold about you corrected, amended and updated if it is incomplete, ambiguous, out of date or inaccurate;
- You have the right to withdraw or modify your consent to the Entity’s collection, use, disclosure or retention of your Personal Information at any time, subject to applicable legal and contractual restrictions;
- You have the right to ask Us to stop disseminating your Personal Information and to de-index any link to your name that provides access to that information if such disclosure would contravene the law or a court order;
- You have the right to request that your Personal Information be disclosed to you or transferred to another organization in a accessible and commonly used technological format;
- The right to be notified of a privacy incident involving your Personal Information that may cause you serious harm. To this end, we maintain a register of all confidentiality incidents and assess the harm they may cause to data subjects;
- You have the right to file a complaint with the Commission d’accès à l’information, subject to the conditions set out in applicable law.
In order to comply with your request, you may be asked to provide appropriate identification or otherwise identify yourself.
5. Cookies and Other Tracking Technologies
You can configure your browser so that you are informed about Cookies’ settings when you visit the Website, so that you can decide, in each case, whether to accept or refuse the use of some or all of the Cookies. Please note that disabling Cookies on your browser may adversely affect your browsing experience on the Website and prevent you from using some of its features.
6. Security Measures
The Entity has implemented physical, technological and organizational security measures to adequately protect the confidentiality and security of your personal information against loss, theft or any unauthorized access, disclosure, copying, communication, use or modification. These measures include, but are not limited to:
On the administrative side, the adoption of a series of policies and procedures as part of the implementation of Our information governance program, including:
- regulate the access, communication, retention, de-identification, including anonymization and/or, where applicable, destruction of Personal Information;
- determine the roles and responsibilities of Our employees throughout the life cycle of Personal Information and documents;
- establish procedures in regard to confidentiality incidents;
- govern the process of requests and complaints relating to the protection and processing of Personal Information.
On the technical level, the use of several means such as:
- the use of a secure server. All sensitive information provided is transmitted via Secure Socket Layer (SSL) technology and then encrypted in Our payment gateway provider database only to be accessed by authorized persons with limited access rights to such systems, which are required to keep the information confidential;
- the use of backup systems, network monitoring software, etc. ;
- the use of encryption and segregation of duties, access controls and internal audits.
We have not exhaustively listed the set of measures we are putting in place given the public nature of this Policy.
Despite the measures described above, We cannot guarantee the absolute security of your Personal Information. If you have reason to believe that your Personal Information is no longer protected, please contact Our Data Protection Officer immediately using the contact information provided in Section 1(b) above.
8. Links to Third-Party Websites
From time to time, We may include references or links to Our Facebook page, websites, products or services provided by third parties (the “Third-Party Services“) on Our Website. These Third-Party Services, which are not operated or controlled by the Entity, are governed by privacy policies that are entirely separate and independent from ours. We therefore assume no responsibility for the content and activities of these sites. This Policy applies only to the Website and the Services offered by Us. The Policy does not extend to third-party services such as Our Facebook Page.
9. Individuals Under the Age of 14
We do not knowingly collect or use Personal Information from anyone under the age of 14. If you are under the age of 14, you should not provide Us with your Personal Information without the consent of your parents or guardian. If you are a parent or guardian and you become aware that your child has provided Personal Information to Us without consent, please contact Us using the contact information provided in Section 1(b) above to request that We delete that child’s Personal Information from Our systems.
10. Applicable Laws
The laws of Canada and Quebec, excluding conflict of law rules, will govern this Agreement and your use of the Website. Your use of the Website may also be subject to other local, provincial, national or international laws.