Privacy Policy

1. Context

Paprima Industries Inc. is a for-profit legal entity that processes personal information in the course of its activities.

This policy aims to ensure the protection of personal information and to govern the way in which Paprima collects, uses, communicates, stores and destroys it or how it otherwise manages it. In addition, it aims to inform any interested person about the way in which Paprima processes their personal information. It also covers the processing of personal information collected by Paprima by technological means.

2. Application and Definitions

This policy applies to Paprima, including its managers, employees, consultants, volunteers, as well as any person who otherwise provides services on behalf of Paprima. It also applies to the Paprima website, as well as all websites controlled and maintained by Paprima.

For the purposes of this document, personal information is information which concerns a person and which allows, directly or indirectly, to identify them. For example, this could be a person’s name, address, email address, telephone number, gender or banking information, health information, ethnic origin, language , etc.

Sensitive personal information is information for which there is a high degree of reasonable expectation of privacy, e.g. ex. health information, banking information, biometric information, sexual orientation, ethnic origin, political opinions, religious or philosophical beliefs, etc.

Generally speaking, an individual’s professional or business contact information does not constitute personal information, for example an individual’s name, title, address, email address or work telephone number. More particularly and for the sake of precision, within the meaning of the Act respecting the protection of personal information in the private sector of Quebec, and as of September 22, 2023, sections 3 (collection, use, communication), 4 (conservation and destruction) and 6 (data security) do not apply to information about a person relating to the exercise of a function in a company, such as their name, title, function, as well as address, l email address and workplace telephone number.

These same paragraphs also do not apply to personal information that has a public nature under the law, as soon as this policy comes into force.

3. Collection, Use and Communication

As part of its activities, Paprima may collect personal information for different purposes. The types of personal information that Paprima may collect, their use (or the intended purpose) as well as the means by which the information is collected are indicated in Appendix A of this policy.

Paprima will also inform the persons concerned, at the time of collecting personal information, of any other information collected, the purposes for which it is collected and the means of collection, in addition to other information to be provided as required by law.

Paprima applies the following general principles regarding the collection, use and communication of personal information:

Consent

Personal information is provided by the employee via signed forms or simply sent by email, which constitutes implied consent. If Paprima were to collect information via third parties, Paprima will request consent from the person(s) concerned.

Collection

In all cases, Paprima only collects information if it has a valid reason to do so. Furthermore, the collection will only be limited to the necessary information needed to fulfill the intended purpose.

Possession and Use

Paprima ensures that the information it holds is up to date and accurate when it is used to make a decision relating to the person concerned.
Paprima may only use an individual’s personal information for the reasons stated herein or for any other reasons provided at the time of collection. As soon as Paprima wants to use this information for another reason or another purpose, new consent must be obtained from the person concerned, which must be obtained expressly if it concerns sensitive personal information. However, in certain cases provided for by law, Paprima may use the information for secondary purposes without the consent of the individual, e.g. ex. :

  • When this use is clearly for the benefit of that person;
  • When necessary to prevent or detect fraud;
  • When necessary to evaluate or improve protection and security measures.

Limited access. Paper documents containing personal information are stored in a locked file cabinet and in the possession of the person responsible for the protection of personal information. When it comes to former employees, the documents can be transferred to a locked room to which only the president and the person responsible for the protection of personal information have access. The digital documents are classified in a secure directory and access to which is limited to the person responsible for payroll, the Controller and the President. Except in exceptional circumstances, Paprima will request the person’s consent before granting access to any other person.

Communication

Generally, and unless otherwise indicated in this policy or otherwise provided for by law, Paprima will obtain the consent of the individual concerned before disclosing their personal information to a third party. In addition, when consent is necessary and when it concerns sensitive personal information, Paprima must obtain the explicit consent of the person before communicating the information.

However, the communication of personal information to third parties is sometimes necessary. Thus, personal information may be communicated to third parties without the consent of the person concerned in certain cases, in particular, but not exclusively, in the following cases:

  • Paprima may communicate personal information, without the consent of the person concerned, to a public body (such as the government) which, through one of its representatives, collects it in the exercise of its responsibilities or the implementation of a program which he manages.
  • Personal information may be transmitted to its service providers to whom it is necessary to communicate the information, without the consent of the person. For example, if we change group insurance provider or payroll provider. The supplier must have a policy on the management of personal information.

Communication outside Quebec: It is possible that personal information held by Paprima may be communicated outside Quebec, for example, when Paprima uses cloud service providers whose server(s) are located outside Quebec or when Paprima does business with subcontractors located outside the province.

Additional Information on the Technologies Used

Use of cookies. Cookies are data files transmitted to a website visitor’s computer by their Web browser when they visit that site and can serve several purposes.
The websites controlled by Paprima use cookies in particular:

  • To memorize visitor settings and preferences, for example for the choice of language and to allow monitoring of the current session.
  • For statistical purposes to know the behavior of visitors, the content consulted and to enable the improvement of the website.

The websites controlled by Paprima use the following types of cookies:

  • Session cookies: These are temporary cookies that are stored in memory for the duration of the website visit only.
  • Persistent cookies: They are kept on the computer until they expire and they will be retrieved the next time you visit the site.

Certain connection cookies may be disabled by default and visitors may choose to activate these functions or not, when consulting Paprima websites.
It is also possible to activate and deactivate the use of cookies by changing the preferences in the settings of the browser used.

Other technological means used. Paprima also collects personal information through technological means such as web forms integrated into a website controlled by Paprima (for example, its contact form, its membership form to become a member, its form to register for newsletter and seminars), questionnaires accessible online on its platforms and applications, as well as other platforms or form tools (e.g. Microsoft Forms).

If Paprima collects personal information by offering a technological product or service that has privacy settings, Paprima must ensure that these settings offer the highest level of privacy by default (cookies are not covered).

4. Retention and Destruction of Personal Information

Unless a minimum retention period is required by law, applicable regulations or by the head office, Paprima will only retain personal information for the period necessary to achieve the purposes for which it was collected.

At the end of the retention period or when the personal information is no longer necessary, Paprima will ensure:

  1. To destroy them; Or
  2. To anonymize them (i.e. they no longer irreversibly allow the person to be identified and it is no longer possible to establish a link between the person and the personal information) to use them for serious and legitimate purposes.

The destruction of information by Paprima must be done in a secure manner, to ensure the protection of this information.

5. Responsibilities of Paprima

Generally speaking, Paprima is responsible for the protection of the personal information it holds.

The person responsible for the protection of personal information at Paprima is the Controller. He must, generally speaking, ensure compliance with applicable legislation regarding the protection of personal information. The manager must approve the policies and practices governing the governance of personal information. More specifically, this person is responsible for implementing this policy and ensuring that it is known, understood and applied. In the event of the absence or inability to act of this manager, the president of Paprima will assume the functions of the person responsible for the protection of personal information.

Paprima staff members having access to personal information or being otherwise involved in its management must ensure its protection and respect this policy.

6. Data Security

Paprima uses third party services to ensure data security.

7. Rights of Access, Rectification and Withdrawal of Consent

To assert their rights of access, rectification or withdrawal of consent, the person concerned must submit a written request to this effect to the person responsible for the protection of personal information of Paprima, at the email address indicated in the following section.

Subject to certain legal restrictions, data subjects may request access to their personal information held by Paprima and request its correction in the event that it is inaccurate, incomplete or ambiguous. They may also demand the cessation of the dissemination of personal information concerning them or that any hyperlink attached to their name allowing access to this information by technological means be deindexed, when the dissemination of this information contravenes the law or to a court order. They can do the same, or even require that the hyperlink allowing access to this information be reindexed, when certain conditions provided for by law are met.

Paprima’s personal information protection manager must respond in writing to these requests within 30 days of the date of receipt of the request. Any refusal must be reasoned and accompanied by the legal provision justifying the refusal. In these cases, the response must indicate the remedies under the law and the time limit for exercising them. The manager must help the applicant understand the refusal if necessary.

Subject to applicable legal and contractual restrictions, data subjects may withdraw their consent to the communication or use of the information collected.

They can also ask Paprima what personal information is collected from it, the categories of people at Paprima who have access to it and their retention period.

8. Complaint Handling Process

Reception. Any person who wishes to make a complaint relating to the application of this policy or, more generally, to the protection of their personal information by Paprima, must do so in writing by contacting the person responsible for the protection of personal information at Paprima , to the email address indicated in the following section.

The individual must indicate their name, contact details, including a telephone number, as well as the subject and reasons for their complaint, giving sufficient detail so that it can be evaluated by Paprima. If the complaint made is not sufficiently precise, the person responsible for the protection of personal information may request any additional information that he considers necessary to be able to evaluate the complaint.

Treatment. Paprima undertakes to treat any complaint received confidentially.
Within 30 days following receipt of the complaint or following receipt of all additional information deemed necessary and required by Paprima’s personal information protection manager to be able to process it, the latter must evaluate it and formulate a reasoned response, written by email to the complainant. This assessment will aim to determine whether the processing of personal information by Paprima complies with this policy, any other policies and practices in place within the organization and the applicable legislation or regulations.

In the event that the complaint cannot be processed within this period, the complainant must be informed of the reasons justifying the extension of the deadline, the progress of the processing of his complaint and the reasonable time necessary to be able to provide him with a final answer.
Paprima must create a separate file for each complaint addressed to it. Each file contains the complaint, the analysis and documentation supporting its assessment, as well as the response sent to the person who made the complaint.

It is also possible to file a complaint with the Commission d’accès à l’information du Québec or any other supervisory body regarding the protection of personal information responsible for the application of the law concerned by the subject of the complaint.

However, Paprima invites any interested person to first contact their manager of the protection of personal information and to wait for the end of the processing process by Paprima.

9. Approval

This policy is approved by Paprima’s manager of the protection of personal information, whose business contact details are as follows:

Manager for the protection of personal information

Sylvain Dallaire
75 Guthrie
Dorval (Montreal), Quebec Canada H9P 2P1
[email protected]
Phone: (514) 422-9555 #242

For any requests, questions or comments regarding this policy, please contact the person in charge by email.

 

Annex A

Here is a non-exhaustive list of the types of information that Paprima may collect, their use, or the intended purpose, as well as the means by which the information is collected. So, this includes, but is not limited to, the following.

Please note that personal information managed by Paprima is personal information of employees, job applicants and consultants. With regard to the other categories of people indicated in the table below, the information provided is, in the majority of cases, information of a professional or business nature (see section 2 on professional contact details). Please note that in the majority of cases, Paprima also collects the professional title/function of the person, the name of the organization and/or the address of the organization (see section 2 on professional contact details).

 

Relationship with Paprima Type of personal information End of collection / Use Way of collecting information
Job applicants and employees -name

-phone number

-e-mail

-banking information

-social Security number

-date of birth

-address

-Name and date of birth of spouse and children

 -management of communications with the candidate or employee

-ensure the functioning of the payroll system

-ensure the operation of group insurance

 -by email

-by telephone

-in person

-forms to complete

Download Our Brochure

To download our brochure, please share your contact info. The file will start downloading right away.

"*" indicates required fields

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. Your email address is safe with us—strictly for brochure download purposes, no marketing involved.