Personal Information Protection Policies

Privacy Policy

Techno Metal Post invites you to read its privacy policy to find out the rules applied to the protection of personal information collected by technological means.

1. Tools Used to Collect Personal Information

   No third party collects personal information on our behalf.

   1. Website Registration Form

      The data collected from these forms is transmitted to the dealers, who are then responsible for processing them.

      • Request Information
      • Apply
      • Become a Dealer
      • Contact the Head Office
   2. Digital site management platform
   3. Use of log files and cookies

2. Information Collected

   1. Identification Information

      • Surname
      • First name
      • Email address
      • Phone number
      • Mailing address

   2. Technical/Digital Information

      • IP address
      • Operating system
      • Pages visited and queries
      • Connection date and time

   3. The information is collected for the following purposes:

      • Identification
      • Creating a file for the application process
      • Information/Promotional offers
      • Statistics
      • Contact
      • Improved service and a personalized welcome

3. Consent

   We will obtain your consent before collecting, using or disclosing your personal information, except where permitted by law to do so without consent.

4. Automated Decisions

   We do not use automated decision-making systems to process your personal information.

5. Methods available to opt-out of the collection of certain personal information

   Refuse cookies, and use the website without certain features.

6. Individuals with access to personal information

   Only staff members who need to process your personal information as part of their duties can access it. These individuals have access only to the necessary information in order to perform their duties.

   • Dealers
   • Information Technology Department
   • Administration Department
   • Managers

7. Privacy Impact Assessment (PIA)

   Techno Metal Post is committed to conducting PIAs to protect personal information and respect the privacy rights of individuals.

8. Security Measures

   The personal information we collect is kept in a secure environment with restricted access. People working for us are required to respect the confidentiality of your information.

   We are committed to maintaining a high degree of confidentiality of your transactions, by incorporating the latest technological innovations. We regularly assess our security measures.

   To ensure your personal information’s security, we use the following measures:

   • Physical measures, such as locked filing cabinets;
   • Technological measures, such as firewalls;
   • Administrative measures, such as the implementation of a privacy policy.

   1. Security Incidents

      Techno Metal Post has implemented a procedure to manage confidentiality incidents. If an incident occurs that poses a high risk of serious harm, individuals whose personal information is affected will be promptly notified.

      If you wish to report a security incident, please contact the Privacy Officer. Their contact details can be found at the end of this policy.

9. Your Rights Regarding Your Personal Information

   1. Withdraw Your Consent

      You may request to opt out of your consent to the use, disclosure and retention of your personal information. The processing of your request will depend on the situation and the intended purpose.

   2. Access, Correct or Update Your Personal Information

      Steps in processing an application:

      • You must send a written request to the organization's Privacy Officer. Their contact details can be found at the end of this policy.
      • An acknowledgement of receipt will be sent to you confirming that your request has been considered. Your request will be processed within 30 days of receipt.
      • You will receive our response in writing.

   3. File a complaint according to the process outlined in the Complaints Policy

   4. Right to Data Portability

      You have the right to receive your personal information in a digital manner, which has been collected directly or indirectly from you, in a structured, commonly used electronic format.

      Steps in processing an application:

      • You must send a written request to the organization's Privacy Officer. Their contact details can be found at the end of this policy.
      • An acknowledgement of receipt will be sent to you to confirm that your request has been considered. Your request will be processed within 30 days of receipt.
      • You will receive our response in writing.

10. Contact Information for the Privacy Officer

    Name: Cédric Malitte
    Title: IT Director
    Email: info@technometalpost.com
    Phone: 1-877-332-2139

Personal Information Management Policy

1. Roles and Responsibilities

   1. The President

      • Ensures that obligations under the Access to Documents and Protection of Personal Information Act are met throughout the company.
      • May designate a member of the Techno Metal Post management team to assume responsibility related to the access to information and the protection of personal information.
      • Approves this policy as well as the procedures put in place to ensure its implementation.
      • Promotes the implementation, distribution and adoption of this policy throughout the organization.

   2. The Committee on Access to Information and the Protection of Personal Information

      This Committee is headed by the Privacy Officer and composed of managers and certain executives.

      • Defines and approves corporate governance policies and guidelines.
      • Validates the annual action plan.
      • Authorizes the planning of training and informational activities.
      • Reviews annual reports on complaints related to personal information management and recommends strategies for improvement.
      • Evaluates the effectiveness of privacy safeguards annually.
      • Offers recommendations on applicable personal information protection measures, through the Privacy Impact Assessment (PIA).
      • Advises on specific measures to be followed regarding surveys that collect personal information.

   3. Privacy Officer

      • Ensures the company's compliance with the Access to Information Act.
      • Oversees the implementation of policies, ensuring that legal, regulatory and administrative obligations are respected.
      • Supports managers and staff by accompanying them in the interpretation and application of the rules.
      • Offers recommendations and advises the Committee.
      • Submits policies to the Committee for approval, and ensures they are regularly updated.
      • Receives, processes, and logs complaints in the dedicated register.
      • Processes requests for access to or correction of personal information held by the organization.

   4. Managers

      • Ensure that policies, procedures and directives are properly followed.
      • Ensure that their team members use secure methods to handle personal information.
      • Work with the Privacy Officer and the Committee to ensure the company's compliance with obligations.
      • Intervene in the event of non-compliance with policies by a team member.
      • Promote a culture of personal information protection by raising awareness within their team.
      • Ensure that team members complete the required training on personal information protection.

   5. Document Management Coordinator

      • Ensures that the retention periods for personal information, as defined in the company's data destruction schedule, comply with applicable standards and policies.
      • Ensures that destruction methods of personal information are secure and confidential.
      • Ensures that the personal information held by the company is accurate, up-to-date and complete, so that it is relevant and reliable for the purposes for which it is used.
      • Conducts the PIA in collaboration with the Committee, when required.

   6. The Administration Department

      • Protects data and information assets in line with the company’s policies.
      • Supports the Committee in developing strategic directions and identifying priorities related to information security.

   7. Company Staffe

      • Familiarizes themselves with and adheres to the policies.
      • Adopts appropriate measures to preserve the confidentiality and security of the personal information to which they have access.
      • Limits their access to only the personal information necessary for the performance of their duties;
      • Uses the personal information only for the purposes for which it was collected.
      • Informs their manager of any privacy-related incidents.
      • Participates in training offered by the company regarding the protection of personal information.

2. Rules for the Retention and Destruction of Personal Information

   Techno Metal Post personnel securely destroy personal information once its intended purpose has been fulfilled, in accordance with the timelines outlined in our personal information destruction schedule, and the company's records management policies. Duration periods vary depending on the type of information and applicable legal obligations.

3. Types of Information Held by the Company

   Certain identification, financial, work, educational and training, social or family situation, technical and digital information is collected by Techno Metal Post.

4. Use of Personal Information

   Techno Metal Post employees will use personal information only for the purposes for which it was collected. Any additional use must be authorized in advance by the manager or the person in charge of access. They are responsible for ensuring that any new use complies with applicable laws (or requires the individual’s consent).

   Company employees who use personal information in the course of their duties must:

   • Limit their use of the data for the purpose of performing their duties.
   • Ensure confidentiality at all times.
   • Inform their immediate supervisor and the person in charge of access, without delay, of any situation where the confidentiality of personal information may have been compromised.

5. Correcting Inaccurate or Inadequate Personal Information

   Steps in processing an application:

   • You must send a written request to the organization's Privacy Officer. Their contact details can be found at the end of this policy.
   • Your request will be processed within 30 days of receipt. An acknowledgement of receipt will be sent to you to confirm that your request has been considered.
   • We will send you our response in writing.

Complaint Handling Policy

You may make a complaint if you believe that the management of your personal information is not in accordance with our policies or the law.

1. Steps for Handling a Complaint

   • Complaints can be made in writing, by phone, by e-mail or through any other official communication channel of Techno Metal Post. Contact information can be found at the end of this policy.
   • Your request will be processed within 30 days of receipt.
   • We will send you our response in writing.

2. Contact Information for Forwarding a Complaint

   1. Contact information for Techno Metal Post

      • Mailing address: 1700 Rue Setlakwe, Thetford Mines, QC, G6G 8B2
      • Email: info@technometalpost.com
      • Phone: 418 332-2139

   2. Contact information for the Commission d'accès à l'information

      • Website: www.cai.gouv.qc.ca
      • Phone: 1-888-528-7741