OBJECTIVES
To ensure that:
- Manesco complies with regulatory provisions and its self-regulation requirements regarding the protection of personal information;
- Manesco's obligations regarding the protection of personal information are professionally respected in a secure environment and subject to adequate monitoring.
POLICY
Responsible Person:
Sébastien Gagnon is hereby designated as responsible for the implementation of this policy.
OUR 10 COMMITMENTS
There are 10 principles that we must follow in accordance with the Personal Information Protection Act.
- Responsibility: An organization is responsible for the personal information it manages and must designate one or more individuals to ensure compliance with the principles outlined below.
- Purpose Specification: The purposes for which personal information is collected must be determined by the organization before or at the time of collection.
- Consent: You must obtain informed consent from an individual to collect, use, and disclose their personal information, except where it would be inappropriate to do so.
- Limiting Collection: The organization must only collect personal information necessary for the purposes it has identified. Information must be collected in a fair and lawful manner.
- Limiting Use, Disclosure, and Retention: Personal information must not be used or disclosed for purposes other than those for which it was collected, unless the individual consents or the law requires it. Personal information should only be retained as long as necessary to fulfill the specified purposes.
- Accuracy: Personal information must be as accurate, complete, and up-to-date as is necessary for the purposes for which it is to be used.
- Safeguards: Personal information must be protected by appropriate security measures in line with its level of sensitivity.
- Openness: An organization must ensure that accurate information about its policies and practices regarding the management of personal information is easily accessible to anyone.
- Individual Access: An organization must inform any individual who requests it about the existence of their personal information, how it is used, and any third-party disclosures, and allow them to access it. Individuals should also have the opportunity to challenge the accuracy and completeness of their information and make necessary corrections.
- Challenging Compliance: Any individual should be able to complain about non-compliance with the principles outlined above by contacting the person or persons responsible for the organization's compliance.
PERSONAL INFORMATION PROTECTION OFFICER
Sébastien Gagnon is the Personal Information Protection Officer, and all complaints and inquiries should be directed to him directly.
COLLECTION AND USE OF INFORMATION
We collect the information necessary to carry out the tasks we have committed to perform.
CONSENT
To open a file, obtain information, and update it, the client must sign a consent form that will be placed in their file.
RETENTION AND DESTRUCTION OF PERSONAL INFORMATION
We retain complete client records for a minimum of seven years. All records that have been subject to complaints or legal issues will be kept indefinitely. At the end of the required retention period, documents containing personal information will be destroyed in accordance with current rules and policies.
Personal Information Protection Officer:
