Personal information protection policy
1. CONTEXT
Louis Tanguay Informatique Inc, doing business under the name Skadra, is a private company that processes personal information in the course of its activities.
In order to protect the privacy of each and every individual, Skadra is committed to respecting the confidentiality of the personal information it collects.
To this end, it has designated the management team as the person responsible for the protection of personal information. Their contact details are as follows:
The management team: Louis Tanguay and Alexandre Beaulieu
direction@skadra.com
(+1) 418 627-9222
The purpose of this policy is to ensure the security of personal information while establishing procedures for the collection, use, disclosure, retention, destruction and management of personal data by Skadra. In addition, it aims to inform all individuals concerned about how Skadra manages their personal information.
2. APPLICATION AND DEFINITIONS
This policy applies to Skadra, including its directors, employees, consultants and any person who otherwise provides services on behalf of Skadra. It also applies to the Skadra website. Please note that Skadra only offers its services to businesses and not to individuals.
The purpose of this policy is to govern all types of personal information managed by Skadra, whether that information relates to Skadra’s clients, prospects, consultants, employees, members or any other person, including visitors to Skadra’s websites or otherwise.
For the purposes of this policy, personal information is defined as any information about an individual that directly or indirectly allows that individual to be identified. This may include information such as name, address, e-mail address, telephone number, gender, banking information, medical information, ethnic information, linguistic information, etc.
Sensitive personal information is information that has a high reasonable expectation of privacy. This can include health information, banking data, biometric information, sexual orientation, ethnic origin, political opinions, religious or philosophical beliefs, etc.
In general, a person’s professional or business contact details are not considered personal information. For example, this refers to a person’s name, title, address, e-mail address or business telephone number. More specifically, in accordance with Quebec’s Act respecting the protection of personal information in the private sector, as of September 22, 2023, sections 3 (collection, use and communication), 4 (retention and destruction) and 6 (data security) do not apply to information concerning a person’s function within a company, such as name, title, function, and work address, e-mail address and telephone number.
Furthermore, these same sections do not apply to personal information that is public by law, as of the effective date of this policy.
3. COLLECTION, USE AND DISCLOSURE
In the course of its activities, Skadra may collect various categories of data for different purposes. When collecting personal information, Skadra will inform the persons involved of any other type of data collected, the purposes of such collection, the methods used, as well as any other information required by law.
Skadra adheres to the following general principles regarding the collection, use and disclosure of personal data:
3.1. CONSENT
As a general rule, Skadra obtains the direct consent of the persons concerned for the collection of their personal data, unless the law provides an exemption. In certain situations, consent may be implied, particularly when individuals decide to provide their personal data after having been informed of the uses envisaged by the present policy. In such cases, the people concerned are given the opportunity to consult the policy the moment the personal data are collected.
Normally, Skadra also obtains the consent of those concerned before collecting their personal data from third parties, before disclosing it to third parties or for any subsequent use. However, in certain situations provided for by law, Skadra may act without consent.
3.2. COLLECTION
3.2.1. General
Skadra collects personal data only when justified. Furthermore, collection is limited to the information necessary to achieve the intended purpose.
Please note that Skadra’s services are not intended for minors, and Skadra does not intentionally collect personal data from minors unless it obtains the consent of a parent or legal guardian.
3.2.2. Website
Personal information will be collected through the interaction between you and our web site. We will also use forms, cookies and/or logs to collect information about you.
In particular, personal information may be collected through contact forms on our site. Filling in these forms and sending them to Skadra constitutes in these cases explicit consent to the collection of the data entered.
3.2.3. THIRD-PARTY DATA COLLECTION
Skadra may collect personal data from third parties, unless otherwise provided by law, after obtaining the consent of the person concerned where necessary. If the data is not collected directly from the individual, the latter may request the source of the collection from Skadra.
In certain specific situations, Skadra may collect personal data from third parties without the consent of the person concerned, subject to strict conditions, in particular when it is in the interest of the person and direct collection is not possible in a timely manner, or when it is necessary to ensure the accuracy of the data.
3.3. PRESERVATION AND USE
Skadra ensures that the personal data it holds is up-to-date and accurate at the time it is used to make decisions about the individuals concerned.
Skadra’s use of personal data is limited to the purposes indicated in this policy or to the purposes specified at the time of collection. Any change of use requires a new consent from the person concerned, especially for sensitive personal data. However, in certain situations provided for by law, Skadra may use data for secondary purposes without the individual’s consent. Here are a few examples:
- when such use is clearly to the benefit of the individual concerned;
- when necessary to prevent or detect fraud;
- when necessary to evaluate or improve protection and security measures.
3.4. LIMITED ACCESS
By controlling access to files containing personal documents, Skadra implements measures to limit access to personal information only to those employees and individuals within its organization who have the authority to access the information and for whom the information is necessary for the performance of their duties. Skadra will seek the consent of the individual before granting access to any other person.
3.5. COMMUNICATION
Unless otherwise stated in the policy or provided for by law, Skadra obtains the consent of the data subject before disclosing his/her personal data to third parties. Furthermore, in the case of sensitive personal data, explicit consent is required for disclosure.
However, it may be necessary to disclose personal data to third parties in certain situations, in particular when it is in the interest of the individual, to prevent or detect fraud, or to evaluate or improve protection and security measures. In addition, the disclosure of personal information to third parties may be required, including, but not limited to, in the following cases:
Skadra may disclose personal information, without the consent of the individual concerned, to a public institution (such as the government) which, through one of its representatives, collects it in the exercise of its powers or the implementation of a program under its management.
Personal information may be transmitted to service providers to whom it is necessary to communicate the information, without the consent of the individual, for example, to service providers.
