PRIVACY POLICY

PLANISO^®

PRIVACY POLICY AND PERSONAL INFORMATION PROTECTION

PLANISO^® places great importance on protecting the personal information of its clients, employees, and representatives. In accordance with the Personal Information Protection Act in the private sector, we are committed to maintaining the confidentiality of personal information collected in the course of our activities. Our privacy policy is intended to inform you about our practices regarding the collection, use, disclosure, retention, and protection of your personal information. By providing us with your personal information, you agree to the terms of this policy and authorize us to process your information in accordance with it.

1. Consent

1.1 Commitment to Privacy Protection
We are committed to protecting the privacy of our users. We collect and use personal information from client organizations only with their explicit consent and in compliance with applicable laws.
1.2 Acceptance of Our Policy Terms
By accessing our website (insert website address) or providing us with personal information, you agree to the terms of our privacy policy. This includes your consent to the collection and use of your personal information in accordance with this policy.
1.3 Right to Withdraw Consent
The client organization has the right to withdraw its consent at any time. However, this is subject to certain legal or contractual restrictions. We will inform you of the possible consequences of such withdrawal, such as the inability to process certain requests. Your decision to withdraw will be recorded in our files.
1.4 Exceptions to the Need for Consent
In certain exceptional circumstances, we may collect, use, or disclose personal information without obtaining prior consent. This may occur in situations where legal, medical, or security imperatives make obtaining your consent impossible or impractical. Such situations include, but are not limited to, cases of suspected breach of contract, fraud prevention or detection, or law enforcement needs.

2. Collection of Personal Information

PLANISO^® does not collect any personal information without the consent of the client organization. The information found in the client organization’s environment is that which has been provided by its members.
2.1 We collect personal information through various means, such as :

• Emails and communications with our customer service;
• Online application forms (including appointments);
• Mobile application provided to our clients;
• Cookies and similar technologies on our website;
• Import list provided by the client organization.

2.2 We may also collect information through third parties, such as :

• A technology service provider like an ordering platform or a newsletter service;
• A recruitment portal that allows candidates to submit their resumes and personal data;
• Professional social networks like LinkedIn for recruitment or marketing purposes;
• A consultant providing part of the services we offer to our clients;
• An agency responsible for handling questions or processing complaints from our clients;
• A customer satisfaction survey company collecting feedback on our products or services;
• An online payment service provider for processing financial transactions;
• A cloud computing company storing client data;
• A digital marketing company analyzing user behavior on our website;
• An IT security service provider monitoring threats and protecting data;
• A customer relationship management (CRM) company assisting in organizing and analyzing customer interactions;
• A logistics provider managing product delivery and collecting information about recipients.

2.3 We may use advanced technologies to collect personal information, including to identify, locate, or profile our clients (e.g., to create consumer profiles). However, we aim to protect the privacy of our clients :

• Responsible use of technology : We use these technologies solely to enhance our services and better understand the needs of our clients;
• Function activation : By default, these functions are disabled to protect data privacy. Our clients always have the choice to enable or disable these features based on their preferences.

3. Types of Personal Information Collected

3.1 We collect various types of data, including but not limited to :

• Personal identifiers (name, postal address, email, phone number);
• Technical or digital information (IP address, online activities);
• Financial information (payment details)

3.2 Children’s Privacy
We do not knowingly collect or solicit personal information from children under 14 years of age. By using our website, you represent that you are at least 14 years old. If you are under 14, please do not attempt to send us any personal information. If we learn that we have inadvertently collected personal information from a user under 14, we will take steps to delete that information from our files and records. We also encourage users under the age of 14 to ask their parents or guardians for permission before sending any information about themselves over the Internet.
If you believe that a child under 14 has provided us with personal information, please contact us using the details provided in the following section.

4. Use of Personal Information

4.1 We use your personal information for a range of essential activities :

• Response to requests : To efficiently respond to your requests and inquiries;
• Transaction management : Processing payments and issuing receipts for completed transactions;
• Registrations and participation : Managing your registrations for events, training, newsletters, downloads from our website, or participation in webinars;
• Human resources management : For internal management and administration of human resources, recruitment, employment contracts, and service agreements;
• Enhancing user experience : Operating, maintaining, and improving our website, personalizing your online experience, and providing requested services and information;
• Marketing communication : Sending information, special offers, and relevant updates, with the option to unsubscribe at any time;
• Account management : Managing your user account to access various features of our site.

4.2 We offer various options to allow you to limit the collection of your personal information. These options include :

• Communication preferences : You can choose to receive our communications via different means (phone, SMS, email), or opt out completely;
• Account settings : When creating an account on our site, you have the option to not participate in certain services or loyalty programs;
• Cookie management : Our site allows you to refuse or customize the use of cookies. Please note that blocking certain cookies may affect the accessibility and functionality of our site;
• Granular consent : In most cases, when we collect information for specific purposes, you have the option to consent only to certain uses of your data.

It is important to note that some of these options may limit your access to all features of our service. For example, refusing certain cookies may cause some parts of our website to not function as intended, or choosing not to create an account may make certain customization features unavailable.

5.1 The personal information collected by our organization is accessible to specific categories of our staff and certain partner organizations, in order to provide our products and services effectively. For example :

• Customer service : Accesses contact information to respond to requests;
• IT department : Accesses technical data for support and maintenance;
• Marketing department : Uses data for advertising campaigns and market research;
• Delivery partners : Receive addresses for order delivery;
• Payment service providers : Access financial information for transaction processing;
• Personal and data security officers : Access information to ensure data security and protection against unauthorized access or cyberattacks;
• Legal consultants : Use data to ensure compliance with laws and regulations;
• Cloud service providers : Host data on secure servers, enabling data storage and retrieval;
• Research and development partners : Access certain data to collaborate on new innovations or improvements to products/services;
• Collection agencies : In cases of non-payment, some information may be shared with external collection agencies.

We ensure that this information is used solely for the stated purposes and in accordance with confidentiality. Data transfers outside Québec are conducted as part of international collaborations, while ensuring adequate protection of information in accordance with applicable laws.

6. Links to Other Websites

6.1 Our website may contain links to third-party websites
When you follow these links, you leave our website. The information exchanged at that time is no longer subject to our privacy policy. We recommend that you review the privacy statements of other websites you visit before providing any information.

7. Security of Personal Information

7.1 Security Measures for Protecting Personal Information
To ensure the security and confidentiality of personal information, PLANISO^® adopts rigorous security measures, including both physical and technological aspects. Here are some concrete examples :

• Physical security : Use of electronic locking systems and security locks for access to offices, cabinets, and file folders, installation of surveillance cameras, and restriction of access to areas where personal data is stored;
• Access controls : Limiting access to personal data to authorized employees only;
• Staff training : Regular awareness of staff on best data security practices;
• Data encryption : Protecting sensitive data using advanced encryption techniques;
• Intrusion detection and monitoring : Implementing systems to monitor for suspicious activity and detect potential intrusions;
• Disaster recovery plans : Developing plans to quickly restore data in the event of an incident such as a failure or cyberattack.

7.2 Commitment of Staff and the Board of Directors
Every employee, administrator, volunteer, independent contractor, or ad hoc advisor working within our board committees commits to respecting the personal information we collect. Additionally, these individuals commit to maintaining the confidentiality of information related to our activities and not to disclose or use it for personal gain or the benefit of others. This commitment exists from the moment an employee, director, volunteer, independent contractor, or ad hoc advisor starts and continues indefinitely.

8. Retention and Destruction of Personal Information

We will retain your personal data only for the period necessary for the purposes outlined in this privacy policy. We will retain and use it as long as necessary to meet our legal obligations, resolve disputes, and enforce our legal policies.
We will also retain usage data for internal analysis purposes. This data is typically retained for a shorter period unless used to enhance security or improve the functionality of our website, or if we are legally required to keep it for a longer period.

9. Your Rights

9.1 Recognition and Respect for Your Rights
As part of our privacy policy, we recognize and respect the fundamental rights of individuals concerning the personal information we hold. These rights include :

• Right of access : Individuals have the right to review the personal information we hold about them. For example, a customer can request to see the data collected during their registration for our service;
• Right to rectification : If information is inaccurate or incomplete, individuals can request its update. For example, an employee can request correction of an incorrect postal address in our records;
• Right to de-indexing : Individuals can request that their personal information be removed from publication or that any hyperlink associated with their name be de-indexed if such publication causes harm or violates the law or a court order. This right to erasure or forgetting allows individuals to control the availability of their personal information online;
• Right to file a complaint : In case of concerns regarding the processing of their data, individuals can file a complaint in accordance with our established process.

Subject to applicable laws, upon receipt of a written request from an individual and after verifying their identity, we will inform the individual if we hold personal information about them and provide that information.
We may refuse access to personal information in accordance with applicable laws, in which case we will provide a reason for the refusal.

10. Policy Changes

This policy may be updated without notice to reflect changes in our practices or legal requirements. Changes will be posted on our website. We encourage you to review this privacy policy regularly to stay informed of any changes.

11. Contact

Any requests or questions regarding this privacy policy can be sent to the personal information protection officer at the following address :

• By email : normand.gagnon@planiso.com;
• By mail : 393 Racine Street East, Suite 200, Chicoutimi, Quebec, G7H 1T2, 418-549-1939.

Effective date of the policy :

September 14, 2023
Last updated :
May 29, 2024