Governance Policy and Management of Personal Information

Purpose of the Policy

This policy aims to establish a governance framework for the responsible and secure management of personal information collected, used, and retained by our organization. We are committed to complying with data protection standards and ensuring the confidentiality, integrity and availability of personal information in accordance with applicable laws and regulations.

Scope of the Policy

This policy applies to all staff, contractors and partners working for our organization, as well as any personal data collected from customers, employees, suppliers or anyone else connected with our business.

Use of cookies (“cookies”)
We use cookies to improve your browsing experience and to better understand how you use our website. Cookies are small files that are stored on your computer when you visit our website. They contain information such as the display language and certain browsing habits. This data is used for statistical purposes, as well as to activate certain features and facilitate your navigation. The information collected by cookies is confidential at all times. You can disable or block cookies by configuring your browser settings.

Links to other websites

Our website may from time to time offer hyperlinks to other sites. The information exchanged on these sites is not subject to this Privacy Policy, but to those of the external sites concerned, if any exist. If applicable, we invite you to consult them or before communicating your personal information.

Guiding principles

a. Consent: We will obtain informed and explicit consent from individuals before collecting, using or disclosing their personal information, except where otherwise permitted or required by law.
b. Data minimization: We will only collect personal information necessary for the specified purposes and will ensure not to retain it for longer than necessary in connection with the service provided.
c. Transparency: We will inform individuals of the purpose for collecting their personal information, its intended use, and the third parties to whom such information may be disclosed, in accordance with our privacy policies.
d. Security: We will implement appropriate security measures to protect personal information from unauthorized access, use, disclosure or destruction.
e. Access and rectification: We will allow individuals to access and correct their personal information if it is inaccurate or incomplete, in accordance with applicable law.
f. Accountability: We will be responsible for compliance with this policy and will designate a person responsible for data protection within the organization.

Collection and use of personal information

a. We will collect personal information in a legal, ethical and transparent manner, informing individuals of the purpose of the collection.
b. Personal information will only be used in connection with the organization’s legitimate business or service activities, unless explicit consent is obtained from individuals for further use.

Disclosure of personal information

a. Personal information will only be disclosed to staff members or third parties who need it to perform their functions or to comply with legal obligations.
b. We will ensure that third parties to whom we disclose personal information also comply with data protection laws and regulations.

Retention of Personal Information

a. Personal information will be retained for as long as necessary to fulfill the purposes for which it was collected or as required by law.
b. When it is no longer required, personal information will be securely destroyed or anonymized, unless it must be retained by law.

Training and Awareness

a. We will provide regular training to our staff on best practices for managing personal information and data protection.
b. We will raise awareness among our employees, contractors and partners of the risks associated with mismanagement of personal information and the importance of compliance with this policy.

Respect for the rights of individuals

a. We will respect the rights of individuals regarding their personal information, including the right to access, rectification, objection, withdrawal of consent and data portability, in accordance with applicable law.
b. We will provide clear mechanisms to enable individuals to exercise these rights.

Monitoring and Compliance

a. We will regularly carry out compliance assessments to verify whether this policy is being followed and whether security measures are adequate.
b. We will take immediate corrective action in the event of non-compliance.

Communication and revision of the Policy

a. We will communicate this policy to all relevant staff, contractors and partners.
b. We will review this policy regularly to ensure that it remains relevant and complies with applicable laws and regulations.

Contact details of the Personal Information Protection Officer

For any questions regarding the processing or updating of your personal information or to express any concerns in this regard, please contact us via the following email address: vieprivee@granby-industriel.com . The person responsible for the protection of personal information will contact you within thirty (30) days of receiving your email.

Modification of this policy

We may change the content of this Privacy Policy at any time. We therefore invite you to consult it regularly in order to remain informed of the way in which we process personal information.

This version was updated on October 11, 2023