top of page
Privacy Policy
Effective date: [01-11-2023].
Date of last update: [05-04-2024]
1. General Information
a) Introduction
Purpose of this Policy. The protection of privacy is important to Casgrain & Compagnie Limitée (hereinafter the "Company", "We", "Us", "Our"). For this reason, We have implemented safeguards and practices for the sound management of Your Personal Information following the applicable laws of Quebec and Canada.
Supplement to Terms and Conditions. This privacy policy (the "Policy"), which should be read in conjunction with Our Terms and Conditions, describes Our practices concerning the collection, use, processing, disclosure, retention, and destruction of Personal Information of persons benefiting from Our Services, visitors to this Website and its users (hereinafter "You", "Your").
Consent. By using Our website https://www.casgrain.ca/ (the "Website") or any of Our Services, You agree that We may collect, use, disclose, communicate, disclose, and retain (hereinafter "Process" or "Processing") Your Personal Information in accordance with the terms described herein. If You do not agree to abide by and be bound by this Policy, You may not visit, access, or use Our Website or Services, or share Your Personal Information with Us.
Policy limitations. This Policy does not apply to Personal Information of the Company's employees, representatives and consultants, or any other person affiliated with the Company, or to any information that does not constitute Personal Information as defined by applicable laws in Quebec and Canada.
b) Data Protection Officer
Contact details of the Data Protection Officer. All comments, questions, and complaints regarding the Company's Privacy Policy and practices may be addressed to Our Data Protection Officer at the following:
Phone number: 514-397-2302
Email: rprp@casgrain.ca
Address: 1200 McGill College Avenue, 21e floor, Montreal, Quebec H3B 4G7
2. Definitions
Definitions of certain notions and expressions. The following notions and expressions, when they appear with a capitalized first letter in the Policy, have the meaning attributed to them hereinafter, unless otherwise implied or explicit in the text:
"Company", "We", "Us", "Our": Casgrain & Company Limited.
"Service Provider" means any individual or entity that processes Personal Information on behalf of the Company. This includes third-party companies or individuals employed by the Company to facilitate the Services, to provide the Services on behalf of the Company, to perform services related to the Services, or to assist the Company in analyzing the use of the Services.
"Cookie Banner": pop-up window requesting Your consent to certain collection of Your Personal Information on the Website.
"Personal information" means any information that relates to a natural person and allows that person to be identified, i.e., that directly or indirectly reveals something about the identity, characteristics (e.g., abilities, preferences, psychological tendencies, predispositions, mental abilities, character and behavior of the person concerned) or activities of that person, regardless of the nature of the medium or the form in which the information is accessible (written, graphic, sound, visual, computerized or other).
"Data Protection Officer" (hereinafter "DPO"): the person in charge of applying this Policy, whose contact information is identified in section 1b) Data Protection Officer of this Policy.
"Services": Services refers to the Website applications, Our pages on social networks and any programs and services rendered to You therein.
"Website" means this website: https://www.casgrain.ca/.
"Cookies": Cookies are text files that are installed on Your computer or mobile device. These cookies may contain information about Your search history, the web pages You visit and Your web browser.
"Process", "Treatment": This term covers all operations that may affect or concern personal information, including collection, use, storage, destruction, communication, or transmission.
"You", "Your", "Yours": The persons benefiting from Our Services, the visitors to the Website, and all users
having recourse to the Company's Services.
3. Personal Data Processing
3.1 Collection of Personal Information
3.1.1 Collection methods
Various means. We collect Your Personal Information through Our Website or other technological means in a variety of ways:
• Automatically. When You connect to Our Website, the device You use to connect will communicate Personal Information to Us;
• Communicated e-mails. By e-mails that You communicate to Us using one of the e-mail addresses available on Our Website;
• Cookies. Cookies include those identified in Our Cookie Policy;
• Partners. By third parties who collect Your Personal Information for Us as identified in section 3.4.2 - Disclosure of Personal Information of this Policy.
Profiling and Identification. Our Website uses a cookie to profile Your activities on Our Website and to identify unique visitors. This cookie is used for the purposes stated in our Privacy Policy. Access, Disclosure, and Transfer of Personal Information Cookie Policy. We disable these functions by default. You can activate them via the Cookie Banner.
3.1.2 Personal information collected
Categories of information collected. In the course of Our activities, We may collect and process various types of Personal Information, including the information listed below:
• identifying information, including Your last name, first name, and e-mail address;
• technical or numerical information, including connection information and other information about Your activities on the Website, such as Your IP address, the pages You consulted, the time and date of Your visits, Your number of connections, Your domain name, the address of the referring site (if You access the Website from another site), the type of browser You use, the operating system of Your device and other hardware and software information;
• information that You choose to provide or transmit to Us, for example, when You communicate with one of Our employees or representatives.
Limiting processing to necessary and legitimate purposes. In each case, Personal Information is processed in accordance with the legitimate and necessary purposes listed in section 3.3 - Use of Personal Data below.
3.2 Refuse optional collection
Withdrawing consent. Unless the Law or Your contractual obligations provide otherwise, You may refuse or withdraw Your consent to certain specific uses or disclosures of Your Personal Information:
• by selecting "decline" in the Cookie Banner; or
• by sending a request to Our DPO at the coordinates identified in section 1b) of this policy.
3.3 Use of Personal Information
Purposes of Personal Information. We may use Your Personal Information for the purposes described below:
- operate, maintain, supervise, develop, improve, and offer the functionalities of Our Website;
- Introduce you to our services;
- apply for a job;
- perform Our contractual obligations to You;
- develop, improve, and offer new Services;
- answer Your questions and provide You with assistance if needed;
- detect and prevent fraud, errors, spam, abuse, security incidents, and other harmful activities; or
- for any other purpose imposed or permitted by applicable law.
3.4 Access, disclosure, and transfer of Personal Information
Access and Disclosure. We may transfer, disclose or provide access to Your Personal Information to Our employees and Service Providers who need to know that information in order to operate Our Website, perform Our Services, conduct Our business or serve You.
3.4.1 Access to Personal Information within the Company
Limiting access to Personal Information. Your Personal Information is only accessible to Our directors, employees, or representatives who require access to Your Personal Information in order to perform their duties. As such, Your Information may be accessible to :
- Our DPO; and
- Our IT services ("Information Technology").
3.4.2 Disclosure of Personal Information
Safeguards for disclosure to third parties. We will only disclose Your Personal Information to Our Service Providers if they have previously agreed in writing to maintain the confidentiality of Your Personal Information in accordance with applicable laws and Our Information Governance Program through the implementation of various safeguards and information governance measures. These measures are proportionate to the sensitivity of the Personal Information processed or communicated. Without limitation, Our Service Providers may only use Your Personal Information in a confidential manner in accordance with Our instructions and only for the purposes for which it was provided. Furthermore, We only provide Our Service Providers with the Personal Information that is necessary for the performance of their mandate or contract, and We require such Service Providers to destroy the Personal Information in an appropriate manner upon termination of the contract or as soon as its use is no longer necessary.
Our Service Providers. Although We try to avoid sharing Your Personal Information with third parties, We may use Service Providers to perform various services on Our behalf, such as IT management and security, marketing, and data analysis, hosting, and storage. We have defined below certain cases in which such sharing may take place:
- We use the services of the LinkedIn social network to converse with You and with candidates or prospects for recruitment purposes. For more information, please consult LinkedIn's privacy policy;
- We use Indeed's services to converse with You and with candidates or prospects for recruitment purposes. For more information, please consult Indeed's privacy policy;
- We use Microsoft services (Outlook and the Microsoft Office suite) to store Our documents and e-mails. For more information, see Microsoft's privacy policy;
All categories of Personal Information identified in section 3.1 - Collection of Personal Information may be communicated or stored through this service.
- We use the services of Wix to host Our Website;
All categories of Personal Information identified in section 3.1 - Collection of Personal Information may be communicated or stored through this service.
- We use Metatracer on Our digital systems to facilitate the detection and management of Your Personal Information and that of Our employees, all to ensure Our compliance with privacy laws.
Metatracer collects, as Personal Information, only identifying information.
3.4.3 Communication outside Quebec
Disclosure of Personal Information Outside Quebec. We may communicate Your Personal Information outside of Quebec or mandate an entity located outside of Quebec to collect, use, or retain Your Personal Information on Our behalf.
Safeguards when communicating outside Quebec. Before disclosing Your Personal Information to third
parties outside Quebec, We conduct a privacy impact assessment to evaluate the risks that may affect the security of Your Personal Information. This assessment also identifies appropriate security measures to reduce or eliminate these risks. The communication will then be subject to a written agreement binding these third parties to respect such measures.
3.4.4 Compliance with legislation, responding to legal requests, preventing harm, and protecting Our rights
Specific disclosures of Your Personal Information. We may disclose Your Personal Information when We believe such disclosure is authorized, necessary, or appropriate, including:
- to respond to requests from public and governmental authorities, including public and governmental authorities outside Your country of residence;
- to protect our business ;
- to comply with legal proceedings;
- to protect Our rights, the privacy of Our employees, officers, and directors, Our security, and Our property;
- to protect Your privacy and Your rights, or the privacy and rights of third parties;
- to enable Us to pursue available remedies or limit the damages We may suffer; and
- when it is compliant or mandatory according to applicable laws, including laws outside Your country of residence.
3.4.5 Commercial transaction
Possibility of commercial transactions. We may share, transfer or communicate, in strict compliance with this Policy and the provisions of the Act respecting the protection of personal information in the private sector, RLRQ c P-39.1 (the "Private Sector Act"), and the Act to modernize legislative provisions respecting the protection of personal information, LQ 2021, c 25 (the "Act 25", assented to on September 22, 2021), Your Personal Information in the event of a sale, transfer or assignment, in whole or in part, of the Organization or Our assets (for example, as a result of a merger, consolidation, change of control, reorganization, bankruptcy, liquidation or any other business transaction, including in connection with the negotiation of such transactions). In such a case, We will inform You before Your Personal Information is transferred and is governed by another privacy policy.
3.5 Consent
Consent for Collection, Use, or Disclosure of Personal Information. Unless otherwise required by law, the Company obtains Your consent to the collection, use, and disclosure of its Personal Information. However, if You provide Us with Personal Information about other persons, You must ensure that You have duly notified them that You are providing Us with their information in addition to obtaining their consent to such disclosure.
Consent requirements. We will seek Your manifest, free, informed, and purposeful consent before using or disclosing Your Personal Information for purposes other than those set out herein. We will also seek Your express consent whenever sensitive Personal Information is involved in any of the Company's processing activities. We will ask for Your consent for each specific purpose in clear and simple terms, separate from any other information provided to You.
BY USING OUR WEBSITES, TRANSMITTING YOUR PERSONAL INFORMATION BY E-MAIL, OR USING AN ONLINE FORM, YOU CONSENT TO THIS PRIVACY POLICY AND THE COLLECTION AND PROCESSING OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THE PRIVACY POLICY.
Refusal to use the Website. If You do not consent, please stop using the Websites. Except where otherwise provided by law, You may withdraw Your consent at any time upon reasonable notice. Please note that if You choose to withdraw Your consent to the collection, use, or disclosure of Your Personal Information, certain features of Our Website may no longer be available to You or We may no longer be able to offer You some of Our services.
3.6 Retention of Personal Information
Retention of Personal Information. Subject to applicable laws, We retain Your Personal Information only for as long as is necessary to fulfill the purposes for which it was collected, unless You consent to Your Personal Information being used or processed for another purpose.
Additional information. To obtain more information about the periods during which Your Personal Information is kept, please contact Our DPO using the contact details provided in article 1b) - Data Protection Officer of this Policy.
4. Your rights
List of rights. As a data subject, You may exercise the rights set out below by contacting Our Privacy Officer in writing at the address provided in Article 1b) - Data Protection Officer of the Policy. Please note that We may ask You to verify Your identity before responding to any of these requests.
- You have the right to be informed of the Personal Information We hold about You, its use, disclosure, retention, and destruction, subject to exceptions provided by applicable law;
- You have the right to access Your Personal Information, to request a copy of the documents containing Your Personal Information, subject to the exceptions provided by applicable law, and to obtain, if applicable, additional details on how We use, communicate, store and destroy it by communicating a written request to Our Privacy Officer at the coordinates identified in section 1b) - Data Protection Officer for this Policy;
- You have the right to have the Personal Information We hold about You rectified, amended, and updated if it is incomplete, equivocal, out of date, or inaccurate by sending a written request to Our Privacy Officer at the contact information identified in section 1b) - Privacy Officer for this Policy ;
- You have the right to withdraw or modify Your consent to the collection, use, and communication of certain of Your Personal Information collected (as identified in section 3.1 - Collection of Personal Information of this Policy) at any time, subject to applicable legal and contractual restrictions;
- You have the right to ask Us to stop disseminating Your Personal Information and to de-index any link attached to Your name which gives access to this information if such dissemination contravenes the law or court order;
- You have the right to request that Your Personal Information be communicated to You or transferred to another organization in a structured and commonly used technological format;
- The right to be informed of any privacy incident concerning Your Personal Information that could cause You serious harm. To this end, we maintain a register of all privacy incidents and assess the harm they may cause; and
- You have the right to file a complaint with the Commission d'accès à l'information, subject to the conditions set out in the applicable law.
5. Questions and complaints
Complaint Process. You may address any complaints regarding Our practices and policies for the protection of Your Personal Information by contacting Our Privacy Officer using the contact information identified in section 1b) - Data Protection Officer.
Questions. You may also contact Our Privacy Officer with any questions regarding this Privacy Policy using the contact information identified in section 1b) - Data Protection Officer.
Necessity to Identify You. To process Your request, You may be asked to provide an appropriate identification document or to identify Yourself in some other way.
6. Cookies and similar technologies
Use of cookies. Cookies are small text files that are stored on Your device or browser. They make it possible to collect certain information when You visit the Website, including Your preferred language, the type and version of Your browser, the type of device You are using and Your device's unique identifier. While some cookies are deleted after Your browser session ends, other cookies are retained on Your device or browser to enable Your browser to be recognized the next time You visit the Website. We use cookies and other similar collection technologies such as Pixels (collectively "Cookies") to help Us operate, protect and optimize the Website and the Services We offer.
Certain uses of cookies. While some of the Cookies We use are deleted after Your browser session ends, other Cookies are retained on Your device or browser to enable Us to recognize Your browser the next time You visit the Website. In particular, they enable Us to guarantee the operation of the Website, to improve the user's browsing experience and to provide certain data that enables Us to better understand the traffic and interactions that take place on Our Website, as well as to detect certain types of fraud. Cookies do not damage Your device and cannot be used to retrieve Your Personal Information.
Possible browser settings. You can set Your browser to notify You when Cookies are set on Your visit to the Website, so that You can decide in each case whether to accept or reject the use of some or all Cookies. Please note that disabling Cookies on Your browser may adversely affect Your browsing experience on the Website and prevent You from using some of its features.
Cookie policies. To learn more about how We use Cookies, You may consult Our "Cookie Policy".
7. Safety measures
Objectives of Our Security Measures. We have implemented physical, technological, and organizational security measures to adequately protect the confidentiality and security of Your Personal Information against loss, theft, or any unauthorized access, infringement, disclosure, reproduction, communication, use, or modification. These measures include :
• Administrative measures. On the administrative front, the adoption of a series of measures, policies and procedures as part of the implementation of our Information Governance program, including :
- govern the access, disclosure, retention, de-identification, destruction or anonymization of Personal Information;
- determine the roles and responsibilities of Our employees throughout the life cycle of Personal Information and documents;
- establish procedures for intervention and response in the event of a confidentiality incident;
- govern the process for requests and complaints relating to the protection and handling of Personal Information.
• Technical measures. On a technical level, the use of several means such as :
- the use of a secure server and Secure Socket Layer (SSL) technology;
- limitation of access privileges to Personal Information in accordance with section 3.4.1 - Access to Personal Information within the Company and
- use of a firewall system.
Incomplete list of measures. Given the public nature of this Policy, we have not provided an exhaustive list of the measures we are implementing.
Impossibility of guaranteeing a complete absence of risk. Despite the measures described above, We cannot guarantee the absolute security of Your Personal Information. If You have reason to believe that Your Personal Information is no longer secure, please contact Our Privacy Officer immediately using the contact details set out in section 1b) - Data Protection Officer above.
8. Changes to this Privacy Policy
Right to change this Policy. We reserve the right to modify this Policy at any time in accordance with applicable law. In the event of a change, We will post the revised version of the Privacy Policy and update the update date in the footer of the Privacy Policy. We will notify You reasonably before the effective date of the new version of Our Policy. If You do not agree to the new terms of the Privacy Policy, please do not continue to use Our Website and Services. If You continue to use Our Web Site or Services after the new version of Our Policy becomes effective, Your use of Our Web Site and Services will be governed by the new version of the Policy.
9. Links to third-party websites
Responsibility for Third Party Websites. From time to time, We may include on Our Website references or links to websites, products, or services provided by third parties ("Third Party Services"). These Third-Party Services, which are not operated or controlled by the Company, are governed by privacy policies entirely separate from and independent of ours. We therefore assume no responsibility for the content and activities of these sites. This Policy applies only to the Website and the Services we offer.
10. Individuals under 14 years of age
Consent of minors under the age of 14. We do not knowingly collect or use Personal Information from persons under the age of 14. If You are under the age of 14, You must not provide Us with Your Personal Information without the consent of Your parent or guardian. If You are a parent or guardian and You become aware that Your child has provided Us with Personal Information without consent, please contact Us using the contact details set out in section 1b) above to request that We delete that child's Personal Information from Our systems.
11. Applicable laws
Laws of Quebec and Canada. The laws of Canada and Quebec, excluding its conflict of law rules, will govern this agreement and Your use of the Website. Your use of the Website may also be subject to other local, provincial, national, or international laws
bottom of page