This policy explains how we process and protect personal data that we collect through technologies such as email or online interactions. At Laporte, we adhere to these principles to preserve the confidentiality of your information and to comply with legal requirements.

1. Who is this policy for?

The rules described in this policy apply to you if we collect your personal information by technological means in the course of our business. For example, this policy applies to:

  • If you visit our website https://laporteconsultants.com
  • if you contact us by email
  • if you use our contact form
  • if you use our application form
  • if you contact us by phone

2. When do we collect your personal information, and how can we limit its collection?

To learn about  the types of personal information we collect through technology, from whom and why we collect it, and the steps you can take to limit the collection, please review the information set out below.

We consider “personal information” to be any information about you that can be directly or indirectly identified to you (for example, by combining it with other information).

We do our best to keep your personal information accurate, complete and up-to-date when we use it. We rely on you to notify us when this information changes. To do so, you can write to us at rpersonnels@laporteconsultants.com

2.1. When you browse our website

To learn more about how we use cookies and your choices in relation to these tracking technologies, please see our Cookie Policy https://laporteconsultants.com/en/cookie-policy/

2.2. When you write to us by email or via a contact form

When you correspond with us by email or through a contact form, we collect your email address and the personal information contained in your messages. The types of information and the reason for the collection depend on the context in which we are interacting.

Here are the most common situations:

  • When you send a contact request. We collect personal information to open the file. We collect your name, email address and message as well as optional additional information (title, company, region, phone number).
  • When you send a complaint email. We collect personal information to open the file and process the complaint. In this email, we advise you to provide us with only the information necessary to process your request. We collect your name, mailing address, email address and telephone number. If you have a legal representative, we collect the same information about your legal representative. We also collect a description of the complaint, the name of the company, the name and title of the individuals involved, and their contact information (mailing address, telephone and email address). Note that some of this information is not personal information (for example, contact information for representatives).
  • When you write to us for any other reason. We collect the personal information contained in your email address to respond to your questions or requests for information, or to assist you with your access or privacy procedures.

2.3. When you apply for a job

When you apply for a job or internship through the unsolicited application form or through an internship or job offer (via our form on the LAYAN website or platform), we collect the personal information necessary to evaluate your application and to contact you as part of the hiring process.

We collect the following personal information:

  • Documents related to your application (resume, cover letter, etc.), your full name, email address and telephone number, through the website where you are applying
  • Information contained in email exchanges
  • Information discussed during a telephone or video conversation, such as when conducting reference checks about your work performance

We may check references for the person(s) most likely to get the job, not for all applicants. We contact the references you provide to us, with your consent.

2.4. When you call us

When you call us, we may collect certain personal information. For example, to develop a business relationship or to deal with a privacy complaint.

We collect the following personal information in connection with call history:

  • date and time of the call
  • language chosen
  • duration of the call
  • menus used by the caller
  • waiting time

2.5. When you view shared materials in response to an access request you have made

If you make a request for access to documents, information or personal information that we hold, we may share documents with you to respond to your request. In some cases, we will send you a secure link and password by email. As a security measure, this link expires after a certain amount of time.

When you view the documents, we collect your IP address and the date and time of access.

3. We respect your consent

When we collect, use and disclose your personal information, we always do so for specific purposes. Your consent is valid for as long as necessary to achieve these purposes. We may then retain your personal information for as long as necessary to fulfill our retention obligations outlined in the law and in our retention schedule.

We always respect the purposes for which we collected your personal information. If we wish to use or disclose your personal information for any other purpose, we will ask for your consent, except as permitted by law.

4. We may share your personal information with others within the organization and with external organizations

4.1. To whom we may share your personal information

We may share your personal information with other individuals or organizations, as necessary to fulfill the purposes described in this policy (see Part 2 of this document) or as permitted by law. The type of information shared depends on your situation.

We may disclose your personal information to individuals within the organization (as described in section 5.1) and to the following external organizations:

  • To the administrator of our website
  • To our information technology management providers

4.2. Personal Information Outside Québec

Our company’s data is stored in a data center located in the state of California, USA. We selected this hosting provider because of their rigorous commitment to compliance with high security standards, including ISO 27018 and ISO 27001, which ensures optimal protection and privacy of our data.

We may disclose your personal information in another province of Canada or outside of Canada. This information will be shared in the context of our collaboration across our various offices around the world, including:

  • France
  • Belgium
  • Switzerland
  • The United States

In this case, your personal information is also subject to the laws of that region.

Before we disclose your personal information, we take protective measures. When necessary, we conduct a Privacy Impact Assessment, which is a process that considers all factors that may impact your privacy and assesses whether the information will be adequately protected. We also enter into a contract or agreement that includes appropriate security measures for the information disclosed.

5. How We Protect Your Personal Information

5.1. We limit access to your personal information

Only staff members who need to process your personal information to perform their duties may access it. These individuals only have access to the information necessary to perform their duties.

We have established the roles and responsibilities of staff members throughout the processing cycle of your personal information, from collection to destruction. We review them regularly to keep them up to date.

5.2. We have robust security measures in place

We have implemented several types of measures to protect your personal information from loss, theft and unauthorized access, use or disclosure. They include:

  • physical measures, such as locked premises
  • technological measures, such as a firewall
  • organizational measures, e.g. the adoption of thematic security policies

5.3. We retain your personal information for a limited period of time

We will retain and use your personal information for as long as necessary to fulfill the purposes for which it was collected, to comply with our operational requirements and legal obligations, to resolve disputes, to protect our assets, to provide services, and to enforce our contracts.

We take reasonable steps to delete the personal information we collect when (1) we have a legal obligation to do so; (2) we no longer have a reason to retain the information; and (3) if you ask us to delete your information, unless we determine that doing so would violate our existing and legitimate legal, regulatory, contractual, or similar obligations. We may also decide to delete your personal information if we believe it is incomplete, inaccurate, or that maintaining its storage is contrary to our legal obligations or operational objectives.

To the extent permitted by law, we may retain and use anonymous, anonymized, and aggregated information for performance reporting, benchmarking, and other purposes, as well as for product and service improvements. When we delete data, it is deleted from our active servers and databases; however, they may remain in our archives when it is impractical or impossible to delete them.

6. Your rights

6.1. Withdrawing your consent

You may request to withdraw your consent to the use, disclosure and retention of your personal information.

The processing of this request depends on the situation and the purpose sought. As the case may be:

  • you can withdraw your consent, but we will no longer be able to provide you with a service that depends on it (for example, if you wish to withdraw an application you have filed).
  • you may not withdraw your consent, as the processing of your personal information is necessary or mandatory.

In all cases, we may need to retain certain personal information to comply with our legal obligations.

6.2. Accessing and correcting your personal information

You have rights related to your personal information. You can ask us:

  • to access it
  • to correct or update them

Here are the steps to process an application:

  • you must send a written request to the Privacy Officer. You will find their contact information at the end of this policy.
  • we will process your request within a reasonable time (usually 30 days). This time frame may vary depending on the number of requests at the time.
  • you will receive our response in writing.

7. Complaints Procedure

Here are the steps to process an application:

7.1. Reception

You must send a written request to the Privacy Officer. You will find their contact information at the end of this policy;

The individual will be required to indicate:

  • their name.
  • contact information, including a telephone number.
  • the subject matter and reasons for the complaint, including sufficient detail for the complaint to be assessed by the Corporation.

If the complaint is not sufficiently specific, the Privacy Officer may request any additional information they deem necessary to assess the complaint.

7.2. Treatment

The Company undertakes to treat any complaint received confidentially.

Within 30 days of receipt of the complaint or receipt of any additional information deemed necessary and required by the Company’s Privacy Officer in order to process the complaint, the latter must evaluate the complaint and provide a written reasoned response to the complainant by email. The purpose of this assessment will be to determine whether the Company’s handling of personal information complies with this Policy, any other policies and practices in place within the organization, and applicable legislation or regulations.

In the event that the complaint cannot be dealt with within this period, the complainant must be informed of the reasons justifying the extension of the time limit, the status of the processing of the complaint and the reasonable time necessary to be able to provide a final response.

The Corporation must maintain a separate file for each of the complaints addressed to it. Each file contains the complaint, the analysis and documentation to support its assessment, as well as the response sent to the person making the complaint.

It is also possible to file a complaint with the Commission d’accès à l’information du Québec or any other privacy oversight body responsible for enforcing the law concerned by the subject of the complaint.

However, the Company invites any interested person to first contact their Privacy Officer and to wait for the completion of the processing process by the Company.

8. Updating the Policy

We may change this Privacy Policy at any time without notice and will post the revised Privacy Policy. The revised Policy will be effective 30 days after it is posted on the Service. Your continued access to or use of the Service after such date will constitute your acceptance of the revised Privacy Policy. We therefore recommend that you check this page periodically.

9. Do you have a question, a complaint, a comment?

We have appointed a Privacy Officer. This person ensures that we comply with the rules outlined in this policy and in the law. You may contact our Privacy Officer at:

Email: rpersonnels@laporteconsultants.com
Address:  400 Avenue Ste-Croix Suite 2320, Montreal H4N 3K4 (Attn: Privacy Officer)
Telephone: 514 733-1073

Updated: February 20, 2024