Privacy Policy

Personal information management policy and cookie file management policy

Privacy Policy and Personal Information Governance

Effective date: 2024-11-05. This text is an automatic translation. In case of discrepancy, the French version takes precedence.

This Privacy Policy (the “Privacy Policy”) Policy ») describes the measures applied by PINQ2 to ensure the protection of personal information and govern the manner in which PINQ2 collects, uses, communicates, retains, destroys and manages it. In addition, it aims to inform any interested person about the manner in which PINQ2 processes their personal information.

This Policy applies to PINQ2, including its board members, staff, consultants and volunteers, as well as its clients, suppliers, service providers, business partners and any person who interacts with PINQ2 and whose personal information is collected. It applies to the PINQ2 website, as well as to all websites controlled and maintained by PINQ2, including the individuals who visit them.

1. Definition

Personal information is information that relates to a natural person and that allows, directly or indirectly, that person to be identified. For example, it could be the name, email address, telephone number, IP address, etc.

Generally, an individual's business or professional contact information is not personal information, such as an individual's name, title, postal address, email address or work telephone number.

2. Collection and use of personal information

For the purposes of this Policy, the collection of personal information by PINQ2 includes only that which is necessary for the purposes of its activities. Here is a non-exhaustive list of the situations covered and types of information that PINQ2 could collect, their use or the intended purpose, as well as the means by which the information is collected.

PINQ2's services are not directed to minors, and more generally, PINQ2 does not intentionally obtain personal information about minors.

Target situation Types of personal information End of collection/use Means of collecting information
Website Navigation IP address, web pages viewed, length of visit to the site, device and browser type, operating system, cookies To make the browsing experience user-friendly, analyze site traffic and obtain usage statistics. See also the section below on the use of cookies. Information collected when browsing the website
Subscription to the newsletter, participation in a PINQ2 activity or event, or any business development activity First name, last name, email address, IP address To keep a person informed about PINQ2 activities, news and ecosystem.
For the organization of the activity or event, to manage the program related to this activity or event, and to improve our services and our contents.
Registration via a form to receive the newsletter, information provided directly by the individual when registering for an activity or event
Communication with PINQ2 via an online form on the website, by email or via social networks First name, last name, email address, phone number, IP address and any other personal information provided voluntarily To process a request for information or service or a comment.
To establish statistics and compile data in order to improve our service offering.
Registration via a contact form, information provided directly by the individual
Professional applications for internships or jobs Information contained which is transmitted to PINQ2 via applications (e.g. CV and cover letter, first name, last name, email address, telephone number and postal address) and for verification purposes (professional history, background) To analyze applications and carry out the required follow-ups.
To build a bank of candidates for future job openings.
Information provided by an applicant when submitting an application by email
Staff working for PINQ2 (staff, consulting, interns, etc.) First name, last name, mailing address, family information, emergency contact, social security number, financial institution, account number, information required for identification, security, group insurance or other benefits purposes For the purposes of human resources management, payroll, insurance, benefits or health. Information provided by the individual working for PINQ2, usually by email or on attached forms
Use of digital or quantum infrastructure First name, last name, email, IP address For account creation and/or verification, to provide a service. Information provided by customers or persons using the infrastructure

3. Consent

Generally, PINQ2 collects personal information directly from the individual concerned and with his or her consent. Consent may be obtained implicitly in certain situations, for example, when the individual concerned decides to provide his or her personal information after having been informed by this Policy on the use and disclosure of the information for the purposes indicated therein.

PINQ2 may use, collect or disclose personal information without consent, only in cases provided for by law and under the conditions provided for by law. For example, PINQ2 may use information for purposes that are compatible with those announced at the time of collection. Outside of these specific situations, PINQ2 will request consent before using personal information for other purposes.

4. Communication of information to third parties

The disclosure of personal information to third parties is sometimes necessary and may be done without the consent of the person concerned, in cases provided for by law. For example, PINQ2 may disclose personal information to its service providers to whom it is necessary to disclose the information in the exercise of their mandate or the execution of their contract. These service providers may be event organizers, subcontractors or cloud service providers. It is possible that the providers to whom the personal information is disclosed are located outside Quebec.
When PINQ2 must communicate personal information to third parties, it ensures in particular that it puts in place the necessary protection measures, in particular having written contracts with them which indicate the measures they must take to ensure the confidentiality of the personal information communicated, that the use of this information is only made within the framework of the execution of the contract and that they cannot keep this information after its expiry.

5. Access and security measures

Personal information is disclosed and accessible to PINQ2 personnel who reasonably need access to it to fulfill the purposes set out in this Policy. All personal information stored on PINQ2 servers is secure and is only accessible to personnel who have the right to access it, as part of their duties.

PINQ2 implements administrative security measures (e.g. the adoption of a Information Security Policy), physical (e.g. protection of PINQ2's physical workplaces) and technical (e.g. implementation of firewalls, data encryption, use of secure passwords and two-factor authentication) measures reasonable to ensure the protection of the personal information it manages.

6. Retention and destruction of personal information

Unless a minimum retention period is required by applicable law or regulation (e.g., seven years for information related to tax purposes), PINQ2 will only retain personal information for the period necessary to fulfill the purposes for which it was collected.

Personal information used by PINQ2 to make a decision about an individual must be retained for a period of at least one year following the decision in question.

At the end of the retention period or when the personal information is no longer necessary, PINQ2 will ensure:

  • to destroy them securely; or
  • to anonymize them (i.e. they no longer allow, irreversibly, the identification of the person and it is no longer possible to establish a link between the person and the personal information) in order to use them for serious and legitimate purposes.

This section may be supplemented by any policy or procedure adopted by PINQ2 regarding the retention and destruction of personal information, where applicable.

7. Management of confidentiality incidents

A privacy incident is any access to, use of, or disclosure of personal information that is not authorized by law, as well as the loss of personal information or any other breach of its protection.

For example, a privacy incident could occur when a staff member accesses personal information without authorization or discloses personal information to the wrong recipient, or when PINQ2 is the victim of a cyberattack, such as phishing or ransomware.

In the event of such an incident, PINQ2 will act in accordance with its internal procedure in this regard and will record any incident in a register of security incidents involving personal information.

PINQ2 remains responsible for confidentiality incidents that may occur with respect to personal information that it has entrusted to third parties who are responsible for its storage. Thus, all of the obligations described in this section apply to a confidentiality incident that occurs at this third party.

8. Use of cookies (Cookies)

Cookies (Cookies in English) are data files transmitted to a website visitor's computer by their web browser when they visit the site and can have several uses.

The websites controlled by PINQ2 use cookies, including:

  • To remember visitors' settings and preferences, for example for language choice and to enable tracking of the current session.
  • For statistical purposes to understand visitor behavior, content viewed and to enable improvement of the website.

Websites controlled by PINQ2 use the following types of cookies:

  • Session cookies: These are temporary cookies that are stored in memory for the duration of the website visit only.
  • Persistent cookies: They are kept on the computer until they expire and they will be retrieved the next time you visit the site.

Some cookies may be disabled by default and visitors may choose to enable these functions or not when consulting PINQ2 websites.
It is also possible to enable and disable the use of cookies by changing the preferences in the settings of the browser used.

Some PINQ2 sites use Google Analytics to enable its continuous improvement. Google Analytics allows in particular to analyze the way in which a visitor interacts with a PINQ2 website. Google Analytics uses cookies to generate statistical reports on the behavior of visitors to these websites and the content consulted.
Information from Google Analytics will never be shared by PINQ2 with third parties.
It is possible to install a browser add-on to disable Google Analytics.

PINQ2 also collects personal information through technological means such as web forms integrated into a website controlled by PINQ2 (for example, its contact form and its newsletter subscription form), questionnaires accessible online on its platforms and applications, as well as other platforms or form tools.

9. Rights relating to personal information

An individual whose personal information has been collected by PINQ2 may exercise the following rights:

  • Right to consult the personal information that PINQ2 holds about you;
  • Right to correct, update or complete personal information;
  • Right to withdraw consent to PINQ2 using and disclosing their personal information;
  • Right to lodge a complaint regarding your personal information.

PINQ2 will process the request according to its internal processes, within 30 days, except for exceptions.

10. Roles and responsibilities of PINQ2

The person responsible for the protection of personal information at PINQ2 must, generally:

  • Ensure compliance with applicable legislation regarding the protection of personal information;
  • Develop and adopt policies, procedures and practices governing the governance of personal information, relating in particular to the management of complaints, requests for access, the retention, destruction and anonymization of personal information, the management of confidentiality incidents, etc.;
  • Implement this Policy and ensure that it is known, understood and applied.

The person responsible for the protection of personal information is appointed by the PINQ2 Management Committee. In the event of absence or inability to act, the general management of PINQ2 will assume the functions of the person responsible for the protection of personal information.

PINQ2 personnel having access to personal information or otherwise involved in its management must ensure its protection and comply with all policies and procedures relating to personal information.

11. Person responsible for the protection of personal information at PINQ2

For any request, question or complaint related to personal information or this Policy, the person responsible for the protection of personal information at PINQ2, Leslie Ning, Manager of Legal Affairs and Operations, can be contacted at the following email address:

protection.donnees@pinq2.com.

The Policy may be modified at any time at the sole discretion of PINQ2 without notice. The updated version of the Policy will apply from the date of publication. Last modified date: 2024-11-05

    Subscribe to our newsletter

    Receive the latest PINQ² information directly to your email address.


      Any questions? Contact us!

      Our team is at your disposal. Please contact us and specify your requirements: