Privacy Policy

Privacy Policy – Géniarp Inc.

Effective Date: September 2024
Responsible: Isabelle Tremblay, Privacy Officer
Contact: 4650 boulevard de l’Auvergne, Québec, QC G3K 2T6 | 418-847-3333 #223

 

Preamble

Géniarp Inc. respects your privacy and is committed to protecting the personal information entrusted to us, in accordance with Quebec’s Law 25. This policy describes how we collect, use, protect, and destroy such information. It applies to our employees, clients, suppliers, and any other individuals concerned by our activities.

 

1. Purpose of the Policy

The purpose of this privacy policy is to inform users of our website www.geniarp.ca, our employees, partners, and clients about the personal information we collect, the reasons for its collection, and how it is used, protected, shared, and destroyed.

Géniarp Inc. commits to rigorously complying with Quebec’s Law 25 regarding personal information protection. This policy outlines the concrete measures in place to ensure confidentiality, security, and compliance for personal data under our responsibility.

 

2. Personal Information Collected

In the course of its activities, Géniarp Inc. collects the following information:
– Name, address, phone number, email
– Social Insurance Number (SIN), driver’s license (if required), banking details
– Photos taken on construction sites
– Professional information of clients
– Facebook profile (with consent, for addition to the company’s private group)

 

3. Consent and Records

Consent is obtained via a clear, written form specifying the purposes of data use. This form notably includes the publication of photos or addition to Géniarp’s private Facebook group. A register of all consents is maintained and kept up to date by the responsible person.

 

4. Privacy Officer

Isabelle Tremblay is designated as the Privacy Officer. She oversees internal practices, ensures compliance with Law 25, manages incidents, processes access, correction, and withdrawal requests, and maintains legal records.
Organization Chart of Access to Personal Information:
Privacy Officer

 

5. Use, Transmission, and Access to Personal Information

Data is used solely for the purposes for which it was collected, such as human resource management, internal communication, administrative operations, and internal publications (social media, newsletters). It may be shared with partners or service providers only under written confidentiality agreements. Concerned individuals may exercise their rights by writing to the responsible person (see contact details above).

 

6. Security and Technological Measures

Data is stored:
– On a secured internal server located at the main office (digital data)
– In a locked filing cabinet in the Privacy Officer’s office (paper data)
Locations are classified by sensitivity level (low, moderate, high). To ensure data security, Géniarp applies strict technical and organizational measures, including:

– Two-factor authentication
– Protected servers and complex passwords
– Firewalls, security software, and regular backup procedures
– Access controls limited to folders containing sensitive information
– Secure transmission procedures via protected platforms

Digital data is hosted exclusively on Géniarp’s internal network in a secured directory. Only three authorized persons responsible for data management have access to this directory. No other employees have access.

Access requires a password known only to authorized personnel, ensuring strong protection against unauthorized access.

Printed documents related to employees are kept in a secure filing cabinet in the Privacy Officer’s office. When absent, the office remains locked at all times to prevent unauthorized physical access.

 

7. Retention and Destruction of Information

Currently, Géniarp Inc. does not practice data anonymization but stays informed of legislative developments on this matter. Once specific regulations are issued, a formal procedure will be implemented.

Personal data is retained in active files for the duration of the employee’s employment with Géniarp Inc.

After an employee leaves the company, their data is archived securely in a separate file accessible only to authorized persons for five years. After this retention period, data is permanently and securely destroyed by shredding (paper documents) or complete deletion of digital files.

 

8. Management of Privacy Incidents

All incidents are documented in an up-to-date register. In case of serious risk of harm, affected individuals and the Commission d’accès à l’information (CAI) are notified without delay. Corrective measures are implemented promptly to resolve the situation and prevent recurrence.

The incident register is available in the Appendix of this policy.

 

9. Handling Complaints

Anyone can file a complaint related to the management of their personal information. A register is maintained, and each complaint is documented with a form containing: complainant’s name, date, nature of complaint, and measures taken.

The complaint register is available in the Appendix of this policy.

 

10. Privacy Impact Assessments (PIA)

Before implementing new systems, technological projects, or transfers outside Quebec involving personal information, a Privacy Impact Assessment (PIA) is conducted. A guide is being drafted and a register will be maintained.

 

11. Contracts and Commitments of Partners

All suppliers and partners with access to personal information must sign contracts including confidentiality clauses compliant with Law 25. These documents are regularly updated.

 

12. Training and Awareness

Each employee receives a privacy awareness session at hiring, including signing the consent form. This step explains individual responsibilities under Law 25 and Géniarp Inc.’s internal practices.

Annually, a formal meeting between management and the Privacy Officer is held to review practices, update the policy, and ensure compliance with Law 25.

Additionally, during the annual employee meeting, any legislative updates or changes regarding privacy protection are presented to all staff. These meetings aim to strengthen awareness, clarify individual responsibilities, and promote collective commitment to data confidentiality.

 

13. Accessibility of the Policy

This policy is publicly accessible on Géniarp Inc.’s website at: www.geniarp.ca/politique-de-confidentialite/. It is also provided to anyone who requests it.

 

14. Use of Cookies and Digital Tracking

When you visit our website, we may use cookies to analyze traffic and improve your experience. These files collect information such as browser type, operating system, pages visited, and duration of visits. This data does not personally identify you and can be disabled in your browser settings.

 

15. Policy Updates

This policy may be updated periodically to reflect changes in our practices or legal obligations. Any updates will be published on our website. We encourage you to review this policy regularly.

 

16. Handling Requests for Access, Correction, Withdrawal, and Deletion

Anyone can submit a written request to the Privacy Officer to access their personal information, correct it, withdraw consent, or request deletion.

Process:
– Submit the request in writing (email or mail) addressed to the Privacy Officer.
– The request must reliably identify the requester.
– An acknowledgment is sent within 10 days.
– Processing is completed within 30 days.
– A written response detailing measures taken is provided.

 

17. De-indexing of Personal Information

Upon written request, Géniarp Inc. commits to removing web pages or documents containing personal information from search engine results (de-indexing) when applicable.

Requests must be addressed to the Privacy Officer. Identity verification is required. A decision on de-indexing is communicated within 30 days. A register of requests is maintained.

This site uses cookies to ensure its proper functioning, improve performance, analyze use, personalize content and offers and then display targeted advertisements based on the information you have provided or that they have collected on social networks and other third-party sites. These cookies cannot be refused.

Read more

Your preferences regarding cookies on this website


FUNCTIONAL COOKIES (MANDATORY)

These “cookies” files are necessary for the optimal functioning of the site and cannot be deactivated. They enable the essential functions of the site (language used, configuration. Display, others) and secure our site against fraud attempts. Please note, these cookies do not store any personally identifiable information.

COOKIES TO PERSONALIZE YOUR EXPERIENCE

By accepting these “cookies” files, you are opting for an experience focused on your searches and interests. These “cookies” files allow us to provide you with recommendations for products, services and content that meet your expectations and preferences.

STATISTICAL ANALYSIS COOKIES

By accepting these cookies, you help us improve and facilitate your experience on the website. These “cookies” files are used to measure and analyze the audience that comes to our website in order to help us improve its performance and your user experience.

ADVERTISING AND SOCIAL MEDIA COOKIES

By accepting these cookie files, the advertising intended for you will be targeted according to your interests and your browsing history. These cookies are used for Customer Name advertisements displayed on third-party websites, including social media. These allow us to measure the effectiveness of our advertising campaigns and improve them.