CONFIDENTIALITY AND PRIVACY POLICY
At HR Covered Inc., we attach great importance to protecting the personal information of our customers, employees and representatives. In accordance with the law on the protection of personal information in the private sector, we are committed to preserving the confidentiality of personal information collected in the course of our activities. The purpose of our privacy policy is to inform you about our practices regarding the collection, use, disclosure, retention and protection of your personal information. By providing us with your personal information, you accept the terms of this policy and authorize us to process your information in accordance with it.
1. Consent
1.1 Commitment to the protection of privacy
We are committed to protecting the privacy of our users. We collect and use personal information only with their explicit consent and in compliance with applicable laws.
1.2 Acceptance of the terms of our policy
By accessing our website www.hrcovered.com or providing us with personal information, you agree to the terms of our privacy policy. This includes your consent to the collection and use of your personal information in accordance with this policy.
1.3 Right to withdraw consent
You have the right to withdraw your consent at any time. However, this is subject to certain legal or contractual restrictions. We will inform you of the possible consequences of such withdrawal, such as not being able to supply certain products or process certain requests. Your decision to withdraw will be recorded in our files.
1.4 Exceptions to the need for consent
In certain exceptional circumstances, we may collect, use or disclose personal information without obtaining your prior consent. This may occur in situations where legal, medical or security imperatives make it impossible or impractical to obtain your consent. These situations include, but are not limited to, suspected breach of contract, fraud prevention or detection, or law enforcement purposes.
2. Collection of personal information Consent
2.1 We collect personal information through various means, such as:
- Emails and communications with our customer service department
- Online application forms (including appointments)
- Cookies and similar technologies on our website
2.2 We may also collect information from third parties, such as :
- A technology service provider such as an ordering platform or newsletter service.
- A recruitment portal that allows candidates to submit their CVs and personal data.
- Professional social networks such as LinkedIn for recruitment or marketing purposes.
- A consultant who provides part of the services we offer our customers.
- An agency responsible for answering questions or handling complaints from our customers.
- A customer satisfaction survey company that collects feedback on our products and services.
- An online payment service provider to process financial transactions.
- A cloud company storing customer data.
- A digital marketing company that analyses user behaviour on our website.
- An IT security service provider that monitors threats and protects data.
- A customer relationship management (CRM) company that helps organise and analyze customer interactions.
- A logistics provider that manages product delivery and collects information on recipients.
We are committed to being transparent about our use of these technologies and to respecting our customers’ confidentiality choices.
3. Types of personal information collected Collection of
personal information Consent
3.1 We collect various types of data, including but not limited to:
- Personal details (name, postal address, email address, telephone number)
- Technical or numerical information (IP address, online activities)
- Financial information (salary, payment details, banking information)
- Health data (health history, lifestyle habits, medication taken)
- Demographic data (age, ethnic origin, nationality, place of residence)
3.2 Children’s privacy
We do not knowingly collect or solicit personal information from children under the age of 14. By using our website, you represent that you are at least 14 years old. If you are under 14, please do not attempt to send us any personal information. If we discover that we have inadvertently collected personal information from a user under the age of 14, we will attempt to delete that information from our files and records immediately. We also encourage Website users under the age of 14 to ask their parents or guardian for permission before sending any information about themselves over the Internet.
If you believe that a child under the age of 14 has provided us with personal information, please contact us using the details provided in the following section.
4. Use of personal information
4.1 We use your personal information for a range of essential activities:
- Responses to requests: For an efficient response to your requests and queries.
- Transaction management: processing payments and issuing receipts for completed transactions.
- Registrations and participations: Manage your registrations for events, training courses, newsletters, downloads from our website or participation in webinars.
- Human resources management: For internal management and administration of human resources, recruitment, employment contracts and service agreements.
- Improving user experience: Operating, maintaining and improving our website, customising your online experience, and providing requested services and information.
- Marketing communications: information, special offers and relevant news, with the option of unsubscribing at any time.
- User account management: management of your user account to access various functions on our site.
These uses are intended to enrich your experience with our services and to facilitate efficient interaction with our organisation.
4.2 We offer various options to allow you to control and limit the collection of your personal information. These options include:
- Choice of communication: You can choose to receive our communications by different means (telephone, SMS, email), or refuse them altogether.
- Account settings : When you create an account on our site, you have the option of opting out of certain services or loyalty programmes.
- Cookie management: Our site allows you to refuse or customise the use of cookies. Please note that blocking certain cookies may affect the accessibility and functionality of our site.
- Granular consent: In most cases, when we collect information for specific purposes, you have the opportunity to consent only to certain uses of your data.
It is important to note that some of these options may limit your access to all the features of our service. For example, by refusing certain cookies, some parts of our website may not function as intended, or by choosing not to create an account, certain personalization features may not be available.
5. Sharing and disclosure of personal information
5.1 Personal information collected by our organization is accessible to specific categories of our staff and to certain partner organizations in order to provide our products and services efficiently. For example:
- Customer service: Access contact information to respond to requests.
- IT Department: Accesses technical data for support and maintenance.
- Marketing department: Uses data for advertising campaigns and market research.
- Delivery partners: Receive addresses for order delivery.
- Payment service providers: Access financial information to process transactions.
- Personal information and data security officers: Access information to ensure the security and protection of data against unauthorised access or cyber attacks.
- Legal consultants: Use data to ensure compliance with applicable laws and regulations.
- Cloud service providers: host data on secure servers, enabling information to be stored and retrieved.
- Research and development partners: Access certain data to collaborate on new innovations or product/service improvements.
- Debt collection agencies: In cases of non-payment, certain information may be shared with external collection agencies.
We ensure that this information is used exclusively for the stated purposes and in a confidential manner. Data transfers outside Quebec are carried out within the framework of international collaboration, while ensuring adequate protection of information in accordance with the laws in force.
6. Links to other websites
6.1 Our website may contain links to third party websites
When you follow these links, you leave our website. Information exchanged at that point is no longer subject to our privacy policy. We recommend that you read the privacy statements of other websites you visit before providing any information.
7. Security of personal information
7.1 Security measures to protect personal information
To ensure the security and confidentiality of personal information, HR Covered Inc. adopts rigorous security measures, including both physical and technological aspects. Here are a few concrete examples:
- Access controls: Access to personal data is restricted to authorised employees only.
- Staff training: Regular staff awareness-raising on data security best practices.
- Data encryption : Protection of sensitive data using advanced encryption techniques.
- Monitoring and detection of intrusions: Implementation of systems to monitor any suspicious activity and detect potential intrusions.
- Disaster recovery plans: Drawing up plans to quickly restore data in the event of an incident such as a breakdown or cyber-attack.
These measures are designed to protect personal information from unauthorised access, use or disclosure, and to maximise its integrity and confidentiality. Although we do our utmost to protect your personal data, it is important to bear in mind that no method of transmission via the Internet or electronic storage is 100% secure. We cannot therefore guarantee their absolute security.
7.2 Staff and Board commitments
Each employee, director, volunteer, independent contractor or ad hoc advisor working on our Board committees undertakes to respect the personal information we collect. In addition, they undertake to maintain the confidentiality of information specific to our activities and not to divulge it or use it for personal gain or for the benefit of others. This commitment exists from the moment the employee, director, volunteer, independent contractor or ad hoc advisor takes up his or her post and continues indefinitely.
8. Retention and destruction of personal information
We will only retain your personal data for as long as is necessary for the purposes set out in this privacy policy. We will retain and use it to the extent necessary to comply with our legal obligations, to resolve disputes and to enforce our legal policies.
We will also retain usage data for internal analysis. This data is generally kept for a shorter period, unless it is used to enhance the security or improve the functionality of our website, or we are legally obliged to keep it for longer.
9. Your rights
9.1 Recognition and respect for your rights
As part of our privacy policy, we recognise and respect the fundamental rights of individuals affected by the personal information we hold. These rights include:
- Right of access: Individuals have the right to consult the personal information we hold about them. For example, a customer may ask to see the data collected when registering for our service.
- Right of rectification: If information is inaccurate or incomplete, data subjects may request that it be updated. For example, an employee may request that his or her incorrect postal address be corrected in our files.
- Right to erasure : Individuals can request that their personal information be removed from our primary CRM system and all other systems that process subsequent information. Individuals could ask for such erasure at any time except in cases where such dissemination causes violation of the law or a court order. This right to erasure or to be forgotten allows individuals to control the availability of their personal information on the internet.
- Right to lodge a complaint: If individuals have concerns about the processing of their data, they may lodge a complaint in accordance with our established process.
Subject to applicable laws, upon receipt of a written request from an individual and after verification of his or her identity, we will inform the individual whether we hold personal information about him or her and will disclose that information to him or her.
We may refuse a person access to their information in accordance with the laws in force, in which case we will give reasons for our refusal.
To facilitate these rights, the contact details of our Privacy Officer are clearly indicated for any questions or concerns. These measures ensure that individuals can exercise their rights with confidence and transparency.
10. Amendments to the policy
This policy may be updated to reflect changes in our practices or legal requirements. Changes will be posted on our website. We encourage you to review this privacy policy regularly to stay informed of any changes.
11. Contact
Any request or question concerning this privacy policy may be sent to the person responsible for the protection of personal information at the following address
- By email: privacy@hrcovered.com
Policy effective date: October 20, 2020
Last update: August 23, 2024