Confidentiality Policy and Protection of Personal Information

The information contained on this site, although legal in nature, does not constitute legal advice.

General Information

Privacy protection is important to Bâtisso (hereinafter referred to as "Entity", "We", "Our"). For this reason, we have implemented protective measures and sound management practices for your personal information in accordance with applicable laws in Quebec and Canada.

This privacy policy (the "Policy") describes our practices regarding the collection, use, processing, disclosure, and retention of personal information of our clients, visitors, and users.

By using our website www.batisso.com (the "Website") or any of our services, you agree that we may collect, use, process, disclose, and retain your personal information in accordance with the terms described herein. If you do not agree to comply with and be bound by this Policy, you are not authorized to visit, access, or use our Website or services, nor to share your personal information with us.

This Policy does not apply to the personal information of employees, representatives, and consultants of the Entity, or to any other person affiliated with the Entity, as well as to any information that does not constitute personal information as defined by applicable laws in Quebec and Canada.

Personal Information Protection Officer

Questions, comments, and complaints regarding the Policy and the Entity's privacy practices can be addressed to our Personal Information Protection Officer at the following contact details:

  • Phone: 1 833 360 3067
  • Email: info@batisso.com
  • Address: 1570 Rue Ampère #502, Boucherville, Quebec J4B 7L4

Definitions

The following words and expressions, when they appear with a capitalized first letter in the Policy, have the meanings assigned to them below, unless otherwise implied or explicitly stated in the text:

  • Service Provider: Any natural or legal person who processes personal information on behalf of the Entity. These are third-party companies or individuals employed by the Entity to facilitate services, provide services on behalf of the Entity, perform services related to the services, or assist the Entity in analyzing the use of the services.
  • Personal Information: Any information that relates to a natural person and allows them to be identified, i.e., that reveals directly or indirectly something about the identity, characteristics (e.g., abilities, preferences, psychological tendencies, predispositions, mental abilities, character, and behavior of the person concerned), or activities of that person, regardless of the nature of the medium and the form in which that information is accessible (written, graphic, sound, visual, computerized, or otherwise).
  • Personal Information Protection Officer: The person responsible for applying this Policy and whose contact details are identified in section 1 of this Policy.
  • Services: Services refer to the website and our pages on social networks.

Processing of Personal Information

1. Collection of Personal Information

As part of our activities, we may process different types of personal information, including the information listed below:

  • Contact details, such as your first and last name, email address, and phone number;
  • Information related to products or services, such as information about the services we have provided to you;
  • Information related to transactions and payments, such as the payment method used, date and time, payment amount, billing postal code, address, and other related information;
  • Information you choose to provide or transmit to us, for example, when you make a reservation at our premises, by phone, or on our Website, fill out a form, respond to surveys, apply for one of our job offers, or communicate with one of our employees or representatives;
  • Information collected automatically when using the Website and our services.

In each case, this personal information is processed in accordance with the legitimate and necessary purposes listed in the article below.

2. Use of Personal Information

We may use your personal information for the legitimate purposes described below:

  • To operate, maintain, supervise, develop, improve, and offer all the functionalities of our Website;
  • To allow you to apply for job offers;
  • To allow you to acquire our services and carry out transactions related to our services;
  • To fulfill our contractual obligations to you;
  • To develop, improve, and offer new services;
  • To send you messages, updates, security alerts;
  • For any other purpose permitted or required by law.

3. Disclosure of Personal Information

We may disclose your personal information to our employees (notably the marketing and sales departments), contractors, consultants, agents, service providers, and other trusted third parties (collectively, the "Service Providers"), who need this information to help us operate our Website, carry out our business activities, or serve you, provided that these Service Providers have previously agreed in writing to ensure the confidentiality of your personal information in accordance with applicable laws and our information governance program.

We do not sell, trade, or otherwise disclose your personal information to third parties.

4. Service Providers and Other Third Parties

Although we strive to avoid disclosing your personal information to third parties, we may use Service Providers to perform various services on our behalf, such as IT management and security, marketing, as well as data analysis, hosting, and storage. We have defined below the cases in which such sharing may occur:

  • We use Moneris services to carry out commercial transactions on our services. Consult their privacy policy;
  • We use JurisWeb services. Consult their privacy policy;
  • We use Google Analytics to analyze Website traffic, establish statistics, and communicate with clients and prospects. Consult their privacy policy (available in English only);
  • We use MailChimp services. Consult their privacy policy;
  • We use Applauz services as employee recognition software. Consult their privacy policy;
  • We use Sharepoint services to store certain documents and closed files. Consult their privacy policy;
  • We use Google Ads to analyze the audience of our services, establish statistics, and communicate with clients and prospects. Consult their privacy policy;
  • We use ADP services for managing our employees' records. Consult their privacy policy;
  • We use the services of Jobilico, Indeed, Emploi Québec, and Université Laval to recruit our employees. Consult their respective privacy policies here, here, and here;
  • We use the services of the social networks Facebook and Instagram of the Meta group to communicate about our services and products. Consult their privacy policy;
  • We use LinkedIn services to communicate about our services and products. Consult their privacy policy;
  • We use YouTube to present our products and services. Consult Google’s privacy policy;
  • We use Facebook services to communicate about our activities and present our products and services. Consult Meta’s privacy policy.

Before disclosing your personal information to Service Providers outside the province of Quebec or depending on the nature of the personal information disclosed, we conduct a privacy impact assessment. When we disclose your personal information to Service Providers, we enter into written contracts with them before your personal information is disclosed, and we only provide the personal information necessary for them to fulfill their mandate. In the context of these contracts with our Service Providers, we commit to ensuring that the principles outlined in this Policy are respected, and these Service Providers are required to use personal information confidentially, following our instructions, and only for the purposes for which they were provided. We provide sufficient guarantees regarding the implementation of appropriate protective measures proportional to the sensitivity of the personal information processed or disclosed. When our Service Providers no longer need your personal information, we ask them to destroy this data appropriately.

Compliance with Legislation, Response to Legal Requests, Prevention of Harm, and Protection of Our Rights

We may disclose your personal information when we believe such disclosure is authorized, necessary, or appropriate, including:

  • To respond to requests from public and government authorities, including public and government authorities outside your country of residence;
  • To protect our activities;
  • To comply with legal procedures;
  • To protect our rights, privacy, security, our property, yours, or those of third parties;
  • To allow us to pursue available remedies or limit damages that we may incur;
  • In accordance with applicable laws, including laws outside your country of residence.

5. Business Transaction

We may share, transfer, or disclose your personal information in strict compliance with this Policy and the provisions of the Act Respecting the Protection of Personal Information in the Private Sector, RLRQ c P-39.1 (the "Private Sector Act"), and the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, LQ 2021, c 25 (the "Act 25," sanctioned on September 22, 2021), in the event of a sale, transfer, or assignment, in whole or in part, of the Entity or our assets (for example, following a merger, consolidation, change of control, reorganization, bankruptcy, liquidation, or any other business transaction, including during the negotiation of such transactions). In such a case, we will inform you before your personal information is transferred and governed by another privacy policy.

6. Consent to Personal Information

Where possible, the Entity obtains the consent of the person concerned directly to collect, use, and disclose their personal information. However, if you provide us with personal information about other people, you must ensure that you have duly informed them that you are providing their information to us in addition to having obtained their consent to such disclosure.

We will seek your explicit, manifest, free, and informed consent, given for specific purposes, before using or disclosing your personal information for purposes other than those stated herein. We will also seek your explicit consent whenever sensitive personal information is involved in any of the Entity's processing activities. We will request your consent for each specific purpose in simple and clear terms, distinctly from any other information provided to you.

BY USING OUR WEBSITES, BY TRANSMITTING YOUR PERSONAL INFORMATION BY EMAIL, YOU CONSENT TO THIS PRIVACY POLICY AND THE COLLECTION AND PROCESSING OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THE PRIVACY POLICY.

If you do not consent, please stop using the websites. Unless otherwise required by law, you can withdraw your consent at any time, by giving reasonable notice. Please note that if you choose to withdraw your consent to the collection, use, or disclosure of your personal information, certain features of our Website may no longer be accessible to you, or we may no longer be able to offer you some of our services.

7. Retention of Personal Information

Subject to applicable laws, we retain your personal information only for the time necessary to fulfill the purposes for which this information was collected unless you consent to your personal information being used or processed for another purpose. For example, the duration of certain information may extend up to 10 years after the end of services provided by the Entity to you. Additionally, our retention periods may be modified over time due to legitimate interests (e.g., to ensure the security of personal information, to prevent abuse and violations, or to prosecute criminals).

For more information on the periods during which your personal information is retained, please contact our Personal Information Protection Officer using the contact details provided in article 1b) of this Policy.

8. Your Rights

As a data subject, you can exercise the rights listed below by writing to our Personal Information Protection Officer using the contact details provided in article 1b) of the Policy. Please note that we may ask you to verify your identity before responding to any of these requests.

  • You have the right to be informed about the personal information we hold about you, its use, disclosure, retention, and destruction, subject to exceptions provided by applicable law;
  • You have the right to access your personal information, request a copy, including paper copies of documents containing your personal information, subject to exceptions provided by applicable law, and obtain, where applicable, additional details on how we use, disclose, retain, and destroy it;
  • You have the right to rectify, modify, and update the personal information we hold about you if it is incomplete, ambiguous, outdated, or inaccurate;
  • You have the right to withdraw or modify your consent for the Entity to collect, use, disclose, or retain your personal information at any time, subject to applicable legal and contractual restrictions;
  • You have the right to ask us to stop disclosing your personal information and to deindex any link associated with your name that gives access to this information if this disclosure violates the law or a court order;
  • You have the right to request that your personal information be disclosed to you or transferred to another organization in a structured and commonly used technological format;
  • You have the right to be informed of a privacy incident involving your personal information that may cause you serious harm. We keep a record of all privacy incidents and assess the harm they may cause;
  • You have the right to file a complaint with the Commission d'accès à l'information, subject to the conditions provided by applicable law.

To respond to your request, you may be asked to provide appropriate identification or otherwise identify yourself.

9. Cookies and Other Tracking Technologies

We do not use cookies and other similar technologies (collectively, "Cookies") to help us operate, protect, and optimize the Website and the services we offer. Cookies are small text files that are stored on your device or browser. They allow us to collect certain information during your visit to the website, such as your preferred language, the type and version of your browser, the type of device you use, and your device's unique identifier.

If some of the Cookies we use are deleted after your browser session ends, other Cookies are retained on your device or browser to allow us to recognize your browser during your next visit to the website. The data collected through these Cookies is not intended to identify you. They are mainly used to ensure the functioning of the website, improve the user browsing experience, and provide certain data that helps us better understand the traffic and interactions on our website and detect certain types of fraud. Cookies do not damage your device and cannot be used to extract your personal information.

You can configure your browser to be informed of the placement of Cookies during your visit to the website so that you can decide, in each case, whether to accept or refuse the use of some or all Cookies. Please note that disabling Cookies on your browser could impair your browsing experience on the website and prevent you from using some of its features.

For more information on how we use Cookies, you can consult our "Cookie Policy."

10. Security Measures

The Entity has implemented physical, technological, and organizational security measures to adequately protect the confidentiality and security of your personal information against loss, theft, unauthorized access, disclosure, reproduction, communication, use, or modification. These measures include:

  • On an administrative level, the adoption of a series of policies and procedures within the framework of our information governance program, including:

  • Regulating access, communication, retention, depersonalization, including anonymization, and/or, where applicable, the destruction of personal information;

  • Defining the roles and responsibilities of our employees throughout the entire life cycle of personal information and documents;

  • Establishing intervention and response procedures in the event of a privacy incident;

  • Regulating the process for requests and complaints related to the protection and processing of personal information.

  • On a technical level, the use of several methods such as:

  • The use of backup systems, network monitoring software, etc.;

  • The use of encryption systems, task separation, access controls, and internal audits.

We have not exhaustively listed all the measures we have implemented due to the public nature of this Policy.

Despite the measures described above, we cannot guarantee the absolute security of your personal information. If you have reasons to believe that your personal information is no longer protected, please contact our Personal Information Protection Officer immediately using the contact details provided in article 1b) above.

11. Modification of this Privacy Policy

We reserve the right to modify this Policy at any time in accordance with applicable law. In the event of a modification, we will publish the revised version of the Privacy Policy and update the "last updated" date at the footer of the document. We will also notify you by email at least thirty (30) days before the new version of our Policy takes effect. If you do not agree with the new terms of the Privacy Policy, we invite you to stop using our Website and services. If you continue to use our Website or services after the new version of our Policy takes effect, your use of our Website and services will then be governed by this new version of the Policy.

12. Links to Third-Party Websites

Occasionally, we may include references or links on our Website to our Facebook page, websites, products, or services provided by third parties ("Third-Party Services"). These Third-Party Services, which are not operated or controlled by the Entity, are governed by privacy policies entirely distinct and independent from ours. We therefore assume no responsibility for the content and activities of these sites. This Policy applies solely to the Website and services we offer. The Policy does not extend to Third-Party Services like our Facebook and YouTube pages.

13. Invisible ReCAPTCHA

Invisible reCAPTCHA analyzes activity on a web page function (e.g., mouse movements and keystroke patterns) to determine whether a user is a robot.

The invisible reCAPTCHA service may collect information from your device. The information collected by reCAPTCHA is retained in accordance with its privacy policy.

14. Information About Your Privacy Rights Under the General Data Protection Regulation (GDPR)

For the purposes of this privacy policy, we act as the controller of your personal information. If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information, as described in this privacy policy, depends on the information we collect and the specific context in which we collect it. We may process your personal data because:

  • We need to perform a contract with you, such as when you use our service;
  • You have given us permission to do so;
  • The processing is in our legitimate interests, and it does not override your rights;
  • To comply with the law.

If you reside in the European Economic Area (EEA), you have certain rights to protect your personal information. In certain circumstances, you have the following data protection rights:

  • The right to access, update, or delete the personal data we have about you;
  • The right to rectification;
  • The right to object;
  • The right to restriction;
  • The right to data portability;
  • The right to withdraw your consent.

Please note that we may ask you to verify your identity before responding to these requests.

You have the right to complain to a Data Protection Authority about our collection and use of your personal information. For more information, please contact your local data protection authority in the European Economic Area (EEA).

15. Payment Details

Regarding the credit card details or other payment information you have provided to us, we are committed to ensuring that this confidential information is stored in the most secure manner possible.

16. Individuals Under the Age of 14

We do not knowingly collect or use personal information from individuals under the age of 14. If you are under 14, you must not provide us with your personal information without the consent of your parents or guardian. If you are a parent or guardian and learn that your child has provided us with personal information without consent, please contact us using the contact details provided in article 1b) above to request that we delete this child's personal information from our systems.

17. Applicable Laws

The laws of Canada and Quebec, excluding its conflict of law rules, govern this agreement and your use of the Website. Your use of the Website may also be subject to other local, provincial, national, or international laws.