Privacy and Personal Data Protection Policy
PREAMBLE
DS@HR Inc. is committed to protecting the privacy of its shareholders, employees, and customers and to ensuring the confidentiality of the personal information entrusted to it in the scope of its activities, all in compliance with the Act respecting the protection of personal information in the private sector (the “Act”).
PURPOSE
This Privacy and Personal Data Protection Policy outlines the guidelines for collecting, using, disclosing, and retaining personal information obtained in the scope of DS@HR Inc. activities. The policy also details how DS@HR Inc. safeguards the acquired personal information and provides the right of access to such information.
SCOPE OF APPLICATION
This Privacy and Personal Data Protection Policy applies to all DS@HR Inc. employees and its local representatives.
PERSONAL DATA
Personal data is defined as any information or combination of information relating to a natural person allowing for his or her identification, such as name, address, telephone number or e-mail address and billing information held by DS@HR Inc. in the scope of its activities. This list is not exhaustive. Personal information must be protected, regardless of the medium in which it is stored and its format, whether written, graphical, auditory, visual, electronic, or otherwise.
DATA COLLECTION
DS@HR Inc. needs to collect information about its shareholders, employees, and customers to provide high quality services or in the scope of the duties performed at DS@HR Inc. The nature and sensitivity of the information collected may vary depending on the services provided by or to DS@HR Inc. and the legal requirements with which DS@HR Inc. must comply. The purpose for which a file requiring personal information is created is determined before or at the time of collection, for example, at the time of a subscription, telephone assistance, software purchase request, or any other service offered by DS@HR Inc. Information is generally collected to facilitate software sales, open technical service tickets, confirm a person’s identity, transmit service invoices, and communicate information concerning DS@HR Inc. and its products.
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties
CONSENT, COLLECTION AND USE
DS@HR Inc. informs individuals concerned that it collects information about them, specifies the purposes of the collection, and explains how the information will be used. Consent must be given by the individual concerned or by a duly authorized person. DS@HR Inc. collects personal information directly from the individuals concerned, unless it has obtained consent to collect such information from third parties or as authorized by law. Consent may be withdrawn at any time, subject to legal or contractual restrictions.
LIMITS ON COLLECTION, USE AND DISCLOSURE
DS@HR Inc. collects personal information only for the purposes of its activities, primarily outlined in the “DATA COLLECTION” section. Furthermore, this personal information is accessible only to authorized persons who need it in the performance of their duties.
DS@HR Inc. may not disclose personal information to anyone without prior consent, except as provided by law. For example, DS@HR Inc. may communicate personal information contained in a file it holds without the consent of the person concerned, notably to the Director of Criminal and Penal Prosecutions, if the information is required for prosecuting an offence under a law applicable in Quebec.
RETENTION AND DESTRUCTION
DS@HR Inc. retains personal information only as long as necessary for its intended purpose in accordance with legislative restrictions. After, DS@HR Inc. shall destroy such information in accordance with the Act. During the destruction process, all necessary measures are taken to ensure confidentiality and prevent unauthorized access.
NOMINATIVE LISTS
DS@HR Inc. does not sell the personal information entrusted to it during its activities.
ACCURACY
DS@HR Inc. makes every effort to ensure the accuracy and completeness of the personal information it holds as necessary for the purposes for which it is collected, used, or disclosed.
RESPONSIBILITY
DS@HR Inc. is responsible for personal information in its possession, including information entrusted to third parties. DS@HR Inc. takes reasonable measures to educate and train its employees and local representatives on its policies and procedures designed to protect personal information.
SECURITY MEASURES
Security measures are in place to protect personal information against loss or theft, and unauthorized access, disclosure, copying, use, or modification. These security measures include organizational actions such as restricting access to necessary information, physical precautions, and technological measures, among others the use of passwords (frequently updating passwords and using firewalls, etc.).
INFORMATION ACCESS AND CORRECTION REQUEST
To obtain access to or correct personal information, the request must be sent in writing along with proof of identity to the person in charge of personal information protection at the address below.
The requester may be the individual to whom the personal information in question refers, his or her legal representative, parent, guardian, life insurance or death benefit beneficiary, heir, or the person in charge of liquidating his or her estate.
The person in charge of protecting personal information must respond in writing to such a request within 30 days of receipt.
In charge of personal data protection:
Patrice Brunette
DS@HR Inc.
800 avenue Sainte-Anne
Suite 400 Saint-Hyacinthe (Québec) J2S 5G7
confidentialite@dsahr.ca
CONCERNS AND COMPLAINTS
DS@HR Inc. employees and representatives are available to respond to questions and concerns regarding the protection of personal information, and any individual may inquire by contacting the person in charge of protecting personal information at 579-225-0422 or by e-mail at confidentialite@dsahr.ca. All complaints concerning the protection of personal information must be directed to the person in charge of the protection of personal information at the email address mentioned above.
REVISIONS
DS@HR Inc. management owns this policy and must review it at least every three years
|
DOCUMENT HISTORY Version |
Adoption date | Description | Name and position |
| 1.0 | 2023-09-14 | New policy |
Patrice Brunette, IT Director and Data Protection Officer |
| 2.0 | 2024-04-14 | Privacy and personal data protection policy |
Patrice Brunette, IT Director and Data Protection Officer |
| 3.0 | 2025-06-13 | Privacy and personal data protection policy |
Patrice Brunette, IT Director and Data Protection Officer |