Protection of personal information policy

Responsibility

TRINIC TOITURES fully assumes responsibility for safeguarding the personal information under its control. All data collected, used, disclosed, retained, or destroyed is subject to the provisions of this policy, with the primary goal of preserving individual confidentiality.

To ensure the most effective protection of personal information, the Data Security Officer at TRINIC TOITURES must:

• Supervise and review internal personal information handling practices and procedures, as well as compliance with applicable laws;
• Recommend measures to ensure the continued protection of personal information in alignment with privacy impact assessments;
• Implement necessary measures within the company to protect information;
• Ensure compliance and train staff on best practices for safeguarding personal information;
• Coordinate, investigate, and respond to personal information protection requests and complaints;
• Communicate with concerned individuals and the Commission d’accès à l’information (CAI) in the event of a data breach or incident;
• Maintain a register of incidents related to personal information.
• The protection of personal information is everyone’s responsibility. No retaliation may be taken against an individual who files a complaint regarding personal information protection or participates in a CAI investigation process.

Collection of Personal Information

Personal information is collected to allow TRINIC TOITURES to carry out its functions and conduct its activities in compliance with applicable laws and standards. TRINIC TOITURES collects personal information only when necessary and for specific, pre-defined purposes. Information is collected directly from the individual concerned and with their consent, except where an exception is provided by law.

See Appendix A for a non-exhaustive list of collected information and intended uses. Most personal information collected concerns employees, to meet the company’s legal obligations. Personal information from other individuals may be requested to assist employees in emergencies (e.g., emergency contacts), and it is the employee’s responsibility to obtain their consent before providing such details.

Regarding client information, data is collected for record-keeping, management software, contracts, and billing. We place the utmost importance on the confidentiality and security of client data. All collected information—whether contact details or other personal data—is handled with the highest diligence and in compliance with privacy laws. We implement robust security measures to prevent unauthorized access and regularly train our staff in best practices for data confidentiality. We view the protection of our clients’ personal information as a fundamental responsibility to ensure their trust and well-being.

Consent and Accuracy of Personal Information

TRINIC TOITURES ensures that the collection of personal information is for clear, justified, and specific purposes and that it is obtained with the individual’s free and informed consent. Consent is required for any collection, use, or disclosure of personal information.

Before collecting personal data, we will obtain your informed consent in writing and separately, providing clear details about the purpose of the collection and how the information will be used. Your consent is essential to ensure your data is protected.

Limiting the Use of Personal Information

We collect and use personal information only when necessary and for purposes for which consent has been obtained. TRINIC TOITURES may be required to provide certain information to meet legal and regulatory compliance processes.

Information may be shared with third parties as necessary for the purposes listed in Appendix A. TRINIC TOITURES is not responsible for the actions or usage practices of these third parties. Personal information will not be used or disclosed for purposes other than those specified, unless required by law.

Protection of Your Personal Information

TRINIC TOITURES takes all reasonable precautions and implements significant physical and technical measures to prevent the unauthorized or illegal use or access to personal information. Measures include, but are not limited to:

• Using personal information only when necessary;
• Ensuring confidentiality and restricting disclosure unless authorized by the person concerned;
• Protecting records with selective, limited access to authorized personnel only;
• Securing office access via locked doors and access codes;
• Secure shredding of paper documents;
• Two-factor authentication for all platform logins;
• Immediate removal of access following termination of a business relationship.
• All individuals are responsible for helping to protect personal information. If you suspect that sensitive data has been compromised, you must immediately notify the Data Protection Officer.

Retention Period for Personal Information

TRINIC TOITURES complies with minimum retention periods according to the category of personal information and applicable laws. If the collected data is no longer needed and its retention is neither necessary nor required by law, it will be destroyed, deleted, or anonymized.

Commitment to Transparency

TRINIC TOITURES is committed to transparency regarding the handling, procedures, and purposes for which personal information is used, with clients, employees, interns, and business partners.

Access to Your Personal Information

An individual may request access to their personal information and to the means used for its collection. Exceptions may apply when the file contains personal information about another person, in which case the individual will be informed. If the information is inaccurate, they may request corrections.

For consultation, withdrawal, or modification of personal information, contact info@trinictoitures.com. You may withdraw your consent for the disclosure of your personal information at any time by sending a written request to the Data Protection Officer. A response will be provided within 30 days of receipt. If the requested information cannot be shared, legal justification will be provided.

Filing a Complaint

Anyone who believes that their personal information has been collected, retained, used, disclosed, or destroyed in violation of this policy may file a confidential complaint with the Data Protection Officer at info@trinictoitures.com. Complaints must include the complainant’s name, contact details, phone number, the subject of the complaint, and sufficient details for proper evaluation.

A response will be provided within 30 days of receipt. If the complaint lacks sufficient details, additional information may be requested. The Data Protection Officer will investigate all complaints, mitigate any damage, and implement necessary corrective actions.

It is also possible to file a complaint with the Commission d’accès à l’information du Québec. However, TRINIC TOITURES encourages concerned individuals to first contact the Data Protection Officer and allow the internal process to be completed.

Approval

This policy is approved by the Data Protection Officer of TRINIC TOITURES.

Data Protection Officer

TRINIC TOITURES

819 210-5528
142, rue de Varennes, Unit 15
Gatineau, Quebec (J8T 8G5)
info@trinictoitures.com

For any request, question, or comment regarding this policy, please contact the officer by email.

Appendix A