Privacy policy
Last update: April 30, 26
1. Introduction
At Sécurité Info Services (hereinafter « we », « us », « our »), protecting your personal information is at the heart of our concerns. This privacy policy explains how we collect, use, disclose, retain, and protect your personal information when you visit our website securiteinfoservices.com (hereinafter « the Site ») or use our services.
We are committed to complying with Québec Law 25 and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) .
2. Person Responsible for the Protection of Personal Information (PRPPI)
In accordance with Law 25, we have designated a person responsible for the protection of personal information:
Name: Sonia Ngo
Email : info@securiteinfoservices.com
Phone : (450) 661-2226
You may contact our PRPPI regarding any matter relating to the collection, use, or disclosure of your personal information.
3. Personal Information We Collect
We only collect information necessary for the purposes described in this policy.
| Category | Examples of Information Collected | Purpose |
|---|---|---|
| Identification information | First name, last name, professional title | Identify you, personalize our exchanges |
| Contact information | Email address, phone number, postal address (if applicable) | Contact you, send you communications |
| Professional information | Company name, position, industry | Tailor our services to your context |
| Connection information | IP address, browser type, pages visited, visit duration | Analyze audience, improve the Site |
| Communications | History of our exchanges (emails, contact forms) | Follow up on your requests |
We do not collect sensitive information (medical data, biometrics, political opinions, etc.) without your explicit consent.
4. How We Collect Your Information
We collect your personal information through the following means:
- Contact form : when you send us a request via our site
- Free diagnostic request : when you complete our assessment form
- Newsletter subscription : when you sign up for our communications
- Testimonials or comments : when you share your experience with us
- Cookies and tracking technologies : when you browse the Site (see Section 9)
5. Use of Your Personal Information
We use your personal information solely for the following purposes:
- Respond to your inquiries
- Provide our cybersecurity services (audits, SOC, consulting, etc.)
- Send you information about our offerings (if you have consented)
- Improve our Site and services (audience analysis)
- Comply with our legal and regulatory obligations
- Manage security incidents or complaints
We do not sell, rent, or share your personal information for commercial purposes with third parties without your explicit consent.
6. Consent
We obtain your consent in a free, informed, and specific manner:
- Explicit consent : when you fill out a contact form or subscribe to our newsletter (checkbox)
- Implied consent : when collection is necessary to fulfill a request you initiated (e.g., quote request)
You may withdraw your consent at any time by contacting us at [email address]. Withdrawal of consent may, however, limit our ability to provide you with certain services.
7. Disclosure to Third Parties
We only disclose your personal information to third parties in the following cases:
| Recipient | Circumstances | Protection Measures |
|---|---|---|
| Service providers (hosting, email platform, analytics tools) | Technical necessity to provide our services | Written contracts imposing equivalent security obligations |
| Legal authorities (CAI, RCMP, court) | Legal or judicial obligation | Disclosure strictly limited to legal requirement |
| Technical experts (penetration testing, audits) | Carrying out a service on your behalf | Confidentiality agreement + limited access to strictly necessary data |
We do not transfer your personal information outside Québec without first conducting a Privacy Impact Assessment (PIA) and establishing an adequate level of protection.
8. Retention of Personal Information
We retain your personal information only as long as necessary for the purposes for which it was collected, or to comply with our legal obligations.
| Type of Information | Retention Period |
|---|---|
| Contact requests (non-clients) | 12 months |
| Client data (active) | Duration of contractual relationship + 5 years |
| Invoices and accounting records | 7 years (in accordance with tax laws) |
| Marketing communications (newsletter) | Until unsubscription |
| Connection logs | 12 months |
Upon expiry of these periods, your information is anonymized or securely destroyed (cryptographic erasure, physical destruction of media).
9. Cookies and Tracking Technologies
Our Site uses cookies and similar technologies to ensure its proper functioning, analyze audience usage, and improve your user experience.
To learn more about the types of cookies used, their purposes, and how to manage your preferences, please consult our Cookie Policy:
https://www.securiteinfoservices.com/en/cookie-policy/
10. Your Rights
In accordance with Law 25 and PIPEDA, you have the following rights:
| Right | What It Means | Response Time |
|---|---|---|
| Right of access | Obtain the list of personal information we hold about you | 30 days |
| Right of rectification | Correct inaccurate or incomplete information | 30 days |
| Right to withdraw consent | Withdraw your consent for a specific purpose | Immediate |
| Right to erasure | Request deletion of your information (unless legal retention applies) | 30 days |
| Right to portability | Receive your information in a structured format (where applicable) | 30 days |
How to exercise your rights : Send your request by email to info@securiteinfoservices.com or by mail to 3009 Blvd. de la Concorde E #101, Laval, Quebec H7E 2B5, Canada
We may request reasonable proof of identity before processing your request.
11. Security of Personal Information
We implement technical and organizational security measures to protect your personal information from unauthorized access, misuse, loss, or disclosure:
- Data encryption in transit (TLS 1.3)
- Data encryption at rest (AES-256)
- Strict access controls (least privilege)
- Multi-factor authentication (MFA) for administrator access
- Logging of access to personal data
- Encrypted and off-site backups
- Annual training of our staff on data protection
In the event of a privacy incident affecting your personal information, we commit to:
- Notify you as soon as possible (and within 72 hours if a risk of serious harm is identified)
- Notify the CAI within 72 hours (if required)
- Document the incident in our privacy incident register
12. Transfers Outside Québec
If we need to transfer your personal information outside Québec (e.g., cloud provider with servers located elsewhere), we comply with Law 25 requirements, including:
- Conducting a Privacy Impact Assessment (PIA)
- Implementing Standard Contractual Clauses (SCCs) or equivalent to ensure an adequate level of protection
- Prior notification to affected individuals (where applicable)
Currently, our main service providers are located in : Canada
13. Children’s Privacy
Our Site is not intended for children under 14 years of age. We do not knowingly collect personal information from minors. If we discover that a minor’s personal information has been collected without parental consent, we will delete it promptly.
14. Changes to This Policy
We may amend this privacy policy to reflect changes in our practices or legal obligations. Any changes will be posted on this page with the “last updated” date.
In the event of a material change, we will notify you by email (if we have your contact information) or via a banner on our Site.
We encourage you to review this page regularly.
15. Complaints and Oversight
Si vous estimez que nous n’avons pas respIf you believe we have not respected your rights regarding the protection of your personal information, you may:
- Contact us first – Our PRPPI will review your complaint and respond within 30 days
- Contact the CAI – If our response is not satisfactory
Commission d’accès à l’information du Québec (CAI)
Phone : 1-888-528-7741
Website : www.cai.gouv.qc.ca
16. Contact Us
For any questions regarding this privacy policy or exercising your rights:
Person Responsible for the Protection of Personal Information (PRPPI)
Sécurité Info Services
3009 Blvd. de la Concorde E #101, Laval, Quebec H7E 2B5, Canada
Email : info@securiteinfoservices.com
Phone : (450) 661-2226