
Privacy policies

Procedure for Retention, Destruction, and Anonymization of Personal Information

1. Overview

Implementing a procedure for the retention, destruction, and anonymization of personal information is crucial to ensure the privacy protection of individuals, compliance with personal information protection laws, prevention of privacy incidents involving personal information and security breaches, maintaining customer trust, and protecting the organization's reputation.

2. Objective

The purpose of this procedure is to ensure the privacy protection of individuals and compliance with legal obligations regarding personal information protection.



The scope of this procedure should cover the entire lifecycle of personal information, from its collection to its destruction. It involves all employees and stakeholders engaged in the collection, processing, retention, destruction, and anonymization of personal information in accordance with legal requirements and best practices for privacy protection.


Personal information: any information that can identify an individual, directly or indirectly.

Retention: secure storage of personal information for the required duration.

Destruction: permanent deletion, elimination, or erasure of personal information.

Anonymization: the process of altering personal information so that no individual can be identified directly or indirectly at any time and in an irreversible manner.


4.1 Retention Period

4.1.1 Personal information has been categorized as follows:

  • Information concerning company employees,

  • Information concerning organization members,

  • Information concerning clients.

4.1.2 The retention period for each of these categories has been established as follows:

  • Company employees: 7 years after the end of employment.

  • Members: varies depending on the type of personal information.

  • Clients: varies depending on the type of personal information.

For more details, refer to the complete inventory of held personal information. Note: specific retention periods may apply.

4.2 Secure Storage Methods

4.2.1 Personal information is located in the following places: OneDrive, Wix.

4.2.2 The sensitivity level of each storage location has been established.

4.2.3 These storage locations, whether paper or digital, are adequately secured.

4.2.4 Access to these storage locations has been restricted to authorized personnel only.

4.3 Destruction of Personal Information

4.3.1 Personal information on paper must be completely shredded.

4.3.2 Digital personal information must be completely deleted from devices (computers, phones, tablets, external hard drives), servers, and cloud tools.

4.3.3 The destruction schedule based on the established retention period for each category of personal information must be followed. It is imperative to document the planned destruction dates.

4.3.4 It is necessary to ensure that destruction is carried out in such a way that personal information cannot be recovered or reconstructed.

4.4 Anonymization of Personal Information

4.4.1 The anonymization of personal information should only be done if the organization wishes to retain and use it for serious and legitimate purposes.

4.4.2 The chosen method of personal information anonymization is as follows: personal information will be deleted after the retention period.

4.4.3 It is necessary to ensure, irreversibly, that the remaining information no longer allows the direct or indirect identification of the individuals concerned, and to regularly assess the risk of re-identification of anonymized data by conducting tests and analyses to confirm that the anonymization remains effective.

Note: As of the date of writing this template, the anonymization of personal information for serious and legitimate purposes is not possible. A government regulation must be adopted to determine the criteria and conditions.

4.5 Employee Training and Awareness

4.5.1 It is necessary to ensure regular training for employees on the procedure for retention, destruction, and anonymization of personal information, as well as on the risks associated with privacy breaches.

4.5.2 This also includes raising staff awareness about data security best practices and the importance of adhering to established procedures.

Last update: February 1, 2024

Procedure for Access Requests to Personal Information and Handling Complaints

1. Overview

Since an individual may request access to personal information that an organization holds about them, or may also file complaints, it is important to have predefined guidelines to respond to such requests.



The purpose of this procedure is to ensure that all access requests are handled confidentially, promptly, and accurately, while respecting the rights of concerned individuals.


The scope of this procedure concerns internal actors responsible for handling access requests and complaints processing, as well as individuals wishing to access their own personal information.

4. Access Request Procedure

4.1 Submission of the Request

4.1.1 The individual wishing to access their personal information must submit a written request to the organization's personal information protection officer. The request can be sent via email or postal mail.

4.1.2 The request must clearly indicate that it is an access request to personal information and provide sufficient information to identify the individual and the information sought.

4.1.3 This information may include the name, address, and any other relevant information to reliably identify the individual making the request.

4.2 Receipt of the Request

4.2.1 Once the request is received, an acknowledgment of receipt is sent to the individual to confirm that their request has been taken into account.

4.2.2 The request must be processed within thirty (30) days of its receipt.

4.3 Identity Verification

4.3.1 Before processing the request, the individual's identity must be verified in a reasonable manner. This can be done by requesting additional information or by verifying the individual's identity in person.

4.3.2 If the identity cannot be satisfactorily verified, the organization may refuse to disclose the requested personal information.

4.4 Response to Incomplete or Excessive Requests

4.4.1 If an access request to personal information is incomplete or excessive, the personal information protection officer communicates with the individual to request additional information or clarifications.

4.4.2 The organization reserves the right to refuse a request if it is manifestly abusive, excessive, or unjustified.

4.5 Processing the Request

4.5.1 Once the identity is verified, the personal information protection officer responsible for processing access requests to personal information proceeds to collect the requested information.

4.5.2 The officer consults relevant records to collect the requested personal information, ensuring compliance with any legal restrictions.

4.6 Review of Information

4.6.1 Before disclosing personal information to the individual, the officer carefully reviews the information to ensure it does not contain confidential third-party information or information that could infringe on other rights.

4.6.2 If third-party information is present, the officer assesses whether it can be separated or if it must be excluded from disclosure.

4.7 Communication of Information

4.7.1 Once the checks are completed, personal information is communicated to the individual within a reasonable time frame, in accordance with applicable legal requirements.

4.7.2 Personal information may be communicated to the individual electronically, via secure postal mail, or in person, depending on the individual's preferences and appropriate security measures.

4.8 Follow-up and Documentation

4.8.1 All steps of the access request processing procedure must be accurately and completely recorded.

4.8.2 Details of the request, actions taken, decisions made, and corresponding dates must be recorded in an access request tracking register.

  • Date of request receipt;

  • Date of acknowledgment of receipt;

  • Date of identity verification;

  • Method of identity verification;

  • Decision – access request accepted or refused;

  • Date of information communication (if applicable).


4.9 Privacy Protection

4.9.1 All personnel involved in processing access requests to personal information must respect confidentiality and data protection.

4.10 Complaints and Appeals Management

4.10.1 If an individual is dissatisfied with the response to their access request to personal information, they must be informed of the complaint procedures and available appeals before the Access to Information Commission.

4.10.2 Complaints must be handled in accordance with internal policies and procedures for complaint management (following section).

5. Complaint Handling Procedure

5.1 Receipt of Complaints

5.1.1 Complaints may be filed in writing, by phone, by email, or via any other official communication channel. They must be recorded in a centralized register, accessible only to designated personnel.

5.1.2 The employee must immediately inform the complaints officer of the receipt.

5.2 Preliminary Assessment

5.2.1 The designated officer reviews each complaint to assess its relevance and severity.

5.2.2 Frivolous, defamatory, or baseless complaints may be rejected. However, justification must be provided to the complainant.

5.3 Investigation and Analysis

5.3.1 The officer in charge of the complaint conducts an investigation by collecting evidence, interviewing concerned parties, and gathering all relevant documents.

5.3.2 The officer must be impartial and have the necessary authority to resolve the complaint.

5.3.3 The officer must maintain the confidentiality of information related to the complaint and ensure that all involved parties are treated fairly.

5.4 Complaint Resolution

5.4.1 The complaint officer proposes appropriate solutions to resolve the complaint as soon as possible.

5.4.2 Solutions may include corrective measures, financial compensation, or any other action necessary to satisfactorily resolve the complaint.

5.5 Communication with the Complainant

5.5.1 The complaint officer regularly communicates with the complainant to keep them informed of the investigation's progress and the complaint's resolution.

5.5.2 All communications must be professional, empathetic, and respectful.

5.6 Complaint Closure

5.6.1 Once the complaint is resolved, the complaint officer must provide a written response to the complainant, summarizing the actions taken and solutions proposed.

5.6.2 All information and documents related to the complaint must be kept in a confidential file.

Last update: February 1, 2024

Procedure for De-indexing and Deletion of Personal Information

1. Overview

This procedure aims to address concerns about, and ensure the privacy protection of, our clients' personal information.


The purpose of this procedure is to provide a structured mechanism to manage requests for de-indexing and deletion of personal information from our clients.


This procedure applies to our internal team responsible for managing requests for de-indexing and deletion of personal information. It covers all information published on our online platforms, including our website, mobile apps, databases, or any other digital medium used by our clients.


Deletion of personal information: action of completely erasing data, making it unavailable and irrecoverable.

De-indexing of personal information: removal of information from search engines, making it less visible, but still directly accessible.

Deletion permanently eliminates data, while de-indexing limits its online visibility.


5.1 Receipt of Requests

5.1.1 Requests for de-indexing and deletion of personal information must be received by the designated responsible team.

5.1.2 Clients may submit their requests through specific channels such as the online form, dedicated email address, or phone number.

5.2 Identity Verification

5.2.1 Before processing the request, the individual's identity must be reasonably verified.

5.2.2 This can be done by requesting additional information or by verifying the individual's identity in person.

5.2.3 If the identity cannot be satisfactorily verified, the organization may refuse to proceed with the request.


5.3 Evaluation of Requests

5.3.1 The responsible team must carefully review the requests and concerned personal information to determine their eligibility for de-indexing or deletion.

5.3.2 Requests must be processed confidentially and within the prescribed deadlines.


5.4 Reasons for Refusal

5.4.1 There are also perfectly valid reasons why we might refuse to delete or de-index personal information:

  • To continue providing goods and services to the client;

  • For employment law requirements;

  • For legal reasons in case of litigation.


5.5 De-indexing or Deletion of Personal Information

5.5.1 The responsible team must take the necessary steps to de-index or delete personal information in accordance with eligible requests.


5.6 Communication of Follow-up

5.6.1 The responsible team is tasked with communicating with applicants throughout the process, providing acknowledgment of receipt confirmations and regular updates on the progress of their request.

5.6.2 Any delays or issues encountered during the processing of requests must be communicated to applicants with clear explanations.


5.7 Follow-up and Documentation

5.7.1 All requests for de-indexing and deletion of personal information, as well as actions taken to respond to them, must be recorded in a dedicated tracking system.

5.7.2 Records must include details of the requests, actions taken, dates, and outcomes of the actions performed.

Last update: February 1, 2024

Procedure for Managing Security Incidents and Personal Information Breaches

1. Overview

An intervention plan is essential for effectively managing cyber incidents. In these moments of crisis, it is not always clear how to act and prioritize actions. An intervention plan helps reduce the stress of forgetting important aspects.


The purpose of this procedure is to ensure that the organization is prepared to respond to cyber incidents in a way that allows it to quickly resume its activities.



The scope of this procedure includes all networks and systems, as well as stakeholders (clients, partners, employees, subcontractors, suppliers) who access these systems.

4. Recognizing a Cyber Incident

A cybersecurity incident may not be recognized or detected immediately. However, certain indicators can be signs of a security breach, a compromised system, unauthorized activity, etc. It is always important to be on the lookout for any sign indicating that a security incident has occurred or is ongoing.

Some of these indicators are described below:

  • Excessive or unusual connection and system activity, especially from any inactive user account.

  • Excessive or unusual remote access within your organization. This may concern staff or third-party suppliers.

  • The appearance of any new wireless network (Wi-Fi) visible or accessible.

  • Unusual activity related to the presence of malware, suspicious files, or new or unapproved executable files and programs.

  • Lost, stolen, or misplaced computers or devices containing payment card data, personal information, or other sensitive data.


5. Contact Details

Company: École Purusha

Responsible: Cécile Hontoy

Address: 8 rue Mill, Howick (Québec) J0S 1G0

Email: info@ecolepuruha.com

Phone: 450-601-4169

Website section:

6. Personal Information Protection Breach – Specific Intervention

If it has been confirmed that a security incident related to a personal information protection breach has occurred, the following steps should be taken:

  • Complete the confidentiality incident register to document the incident.

  • Review the personal information protection breach to determine if personal information has been lost due to unauthorized access or use, unauthorized disclosure, or any breach of personal information protection and if there is a serious risk of harm to the concerned individuals.

  • In such a case, report it to the Access to Information Commission in Quebec.

  • Also report it to the individuals whose personal information is involved in the incident.


7. Ransomware – Specific Intervention

If it has been confirmed that a security incident involving ransomware has occurred, the following steps should be taken:

  • Immediately disconnect from the network the devices targeted by ransomware.

  • DO NOT DELETE anything on your devices (computers, servers, etc.).

  • Examine the ransomware and determine how it infected the device. This will help you understand how to eliminate it.

  • Communicate with local authorities to report the incident and cooperate with the investigation.

  • Once the ransomware is removed, a complete system analysis must be performed using the latest available antivirus, anti-malware, and other security software to confirm that it has been removed from the device.

  • If the ransomware cannot be removed from the device (often the case with stealthy malware), the device must be reset using the original installation media or images.

  • Before proceeding with the reset from backup media/images, verify that they are not infected by malware.

  • If the data is critical and must be restored, but cannot be recovered from unaffected backups, seek available decryption tools on

  • The policy is not to pay the ransom, subject to the issues involved. It is also strongly recommended to seek the services of an expert project manager in cyberattacks (breach coach).

  • Protect systems to prevent any new infection by implementing patches or fixes to prevent any new attack.


8. Account Hacking – Specific Intervention

If it has been confirmed that an account hacking has occurred, the following steps should be taken:

  • Notify our clients and suppliers that they might receive fraudulent emails from us, specifying not to respond or click on the links in these emails.

  • Verify if access to the online account is still possible.

  • If not, communicate with the platform's support to attempt to recover access.

  • Change the password used to log in to the platform.

  • If the password is reused elsewhere, also change all these passwords.

  • Enable two-factor authentication for the platform.

  • Remove illegitimate connections and devices from the login history.


9. Loss or Theft of a Device – Specific Intervention

If it has been confirmed that a loss of equipment has occurred, the following steps should be taken:

  • The theft or loss of property, such as a computer, laptop, or mobile device, must be immediately reported to local police authorities. This includes losses/thefts outside normal business hours and on weekends.

  • If the lost or stolen device contained sensitive data and is not encrypted, conduct a sensitivity analysis of the type and volume of stolen data, including potentially affected payment card numbers.

  • Where possible, lock/disable lost or stolen mobile devices (e.g., smartphones, tablets, laptops, etc.) and proceed with remote data wiping.


Last update: February 1, 2024

Legislation

We commit to respecting the legislative provisions set out in: Québec LOI 25

Modifications

This privacy policy may be modified occasionally to maintain compliance with the law and to account for any changes to our data collection process. We recommend our users check our policy from time to time to ensure they are informed of any updates. If necessary, we may inform users by email of changes made to this policy.

Update: February 2024
