Privacy Policy and Protection of Personal Information

We place the utmost importance on the confidentiality and security of the personal information we collect from our clients, partners, employees, candidates, and visitors. In accordance with Law 25, which modernizes the protection of personal information in Québec, we are committed to handling your information responsibly, transparently, and securely.  

1. Accountability and Data Governance

We have appointed a Privacy Officer, as required by Law 25, whose contact information is provided at the bottom of this page. This officer ensures compliance with legal obligations, manages requests related to individual rights, and oversees all security practices.  

2. Personal Information Collected

We collect only the information needed based on the nature of our interaction:

• Clients and partners: identification details, contact information, and data related to projects or services delivered.
• Candidates: resume, contact details, professional background, skills, and information relevant to the recruitment process.
• Website visitors: technical information such as IP address, browser configuration, pages viewed, and cookie preference settings.

 

3. Purposes of Using Personal Information

The information collected is used solely to:

• provide our services and ensure project follow‑up;
• review and respond to job applications;
• process requests submitted through our platforms;
• support internal management, continuous improvement, and service development;
• comply with legal obligations.

 

4. Consent

We obtain free, informed, and explicit consent whenever required. This includes collecting information for recruitment purposes and the use of non-essential cookies. You may withdraw your consent at any time.  

5. Disclosure of Personal Information

We never disclose your personal information to third parties without your authorization, except as permitted by law. When working with external service providers, they must comply with strict confidentiality agreements and protect data according to required security standards. We implement physical, administrative, and technological measures to protect your information from unauthorized access, loss, disclosure, or improper use.  

7. Retention and Destruction

We retain personal information only for the period necessary to fulfill the purposes for which it was collected. Once those purposes have been met, the information is securely destroyed or anonymized, in accordance with legal requirements.  

8. Your Rights

Under Law 25, you have the following rights:

• the right to access your personal information;
• the right to correct inaccurate or incomplete data;
• the right to withdraw your consent;
• the right to request the deletion of your information when its retention is no longer necessary;
• the right to data portability, in accordance with the law’s implementation schedule.

  You may exercise your rights at any time by contacting us.  

9. Management of Privacy Incidents

In the event of an incident involving personal information (e.g., unauthorized access, loss, theft, or leak), we immediately apply our internal response process, which includes:

• assessing the nature of the incident;
• implementing measures to limit potential impacts;
• notifying, when required, the Commission d’accès à l’information and affected individuals, in accordance with Law 25.

 

10. Updates to the Policy

This policy may be updated to reflect legislative, technological, or operational changes.  

11. Contact

For any questions or to exercise your rights, please contact our Privacy Officer: loi-25@groupemesar.com