CUSTOMER DATA PRIVACY POLICY

As a commercial enterprise specializing in the provision of services and/or the sale of products in the agricultural sector, the collection, use and sharing of information are central aspects of our day-to-day operations. Whether we promote our products, manage transactions or communicate with our customers, the confidentiality and security of personal data remain our priority. Our commitment is to maintain the highest ethical standards by treating your personal data with the utmost care and respect.

Our Customer Data Privacy Policy aims to clarify our methods of collecting, using, disclosing and retaining the personal information you entrust to us. By interacting with our company, whether online via our website, attending our events, or contacting us by e-mail, directly in-store or by telephone, you agree to your personal data being processed under the guidelines described in this Privacy Policy. 

You also authorize our company, as well as our partners and service providers, to use your personal data for the purposes explained.

Please note that our Customer Data Privacy Policy does not apply to third-party websites that may be linked to ours. We are not responsible for the privacy practices of these external sites. We advise you to read their privacy policies before submitting your personal data to them.

 

CUSTOMER DATA COLLECTION: NATURE AND USE

As a company focused on providing services and selling products, we attach the utmost importance to transparency and responsibility in managing our customers’ personal data. We are committed to collecting only the information necessary to improve our services and optimize the customer experience. Here are the categories of data we may collect:

  • Contact information: We record information such as names, postal and e-mail addresses, dates of birth, and telephone numbers to facilitate communication and customer relationship management.
  • Transaction history: Details relating to purchases, invoices, and financial information, such as payment methods or bank accounts, which enable us to process transactions.
  • Consent: We document consent for the processing of your data where required.
  • Services provided: We keep details of the services you have used to monitor quality and offer personalized improvements.
  • Marketing preferences: Your communication choices, as well as your feedback via surveys, help us personalize our services.
  • Professional and biographical information: Job title, employer, career path, and multimedia content associated with your profile.
  • Career paths and professional networks: This information helps us to understand your specific needs and guide our service offering.
  • Website usage: We analyze how you interact with our online content to improve our platforms.
  • Recruitment: If you apply for a job with us, we will process your application data exclusively for this purpose.
  • Sensitive information: Following your express consent, we only process special categories of sensitive personal data where relevant and with appropriate safeguards.
  • Other personal data: Any additional information you choose to share with us.

We do not knowingly collect personal information from individuals under the age of 14. If you are a minor, your data should only be provided to us with the consent of a parent or legal guardian. Suppose we discover that such data has been collected without the appropriate consent. In that case, we will take the necessary steps to remove it from our systems.

 

HOW DO WE ACQUIRE YOUR PERSONAL DATA?

Our company acquires your personal data mainly from you and through various contact points we share. Data is collected in the following situations:

  • During the process of registering or subscribing to our services or newsletters;
  • When you participate in our promotions, contests or special events;
  • When you make a purchase or enter into a commercial transaction with our company;
  • If you take part in our loyalty program or in surveys designed to improve our offers,
  • During the provision of our services, whether by telephone, in-store, online or through our after-sales service;
  • When you contact us directly, whether by e-mail, telephone, through social media, via our website or any other electronic means.

We also collect publicly available or published data on online platforms, including those on our website.

 

USE OF YOUR PERSONAL INFORMATION

Here are the various ways in which we may use your personal information, always with your consent or on an appropriate legal basis, specifying in each case the purposes of such use:

  • To deliver and optimize our services, manage our business operations, honour our contractual commitments, and ensure the performance of our services under the agreements made with you.
  • To ensure payment for our services, including using collection agencies or legal action to recover sums due.
  • To comply with our legal and regulatory obligations and risk management policies.
  • For marketing and business development purposes, particularly to inform you about our new services and developments within our company and in our sector, and to invite you to seminars and events if you have opted to receive such communications.
  • To prevent fraud and perform other compliance checks, as required by applicable law or regulation, or according to best practices – false or inaccurate information or actual or suspected cases of fraud may be shared with fraud prevention agencies and may be recorded by us or such entities.
  • To enhance your user experience on our digital platforms, ensure content relevance, and optimally tailor our website presentation for you and your device.
  • For research and development purposes, including security, to conduct analyses to understand our customers’ needs better and refine our service and marketing offers.
  • For recruitment, to process applications and assess the suitability of applicants for the profiles sought within our company.
  • To enforce our rights, meet our legal or regulatory disclosure obligations, or protect the rights of third parties.
  • In the event of a reorganization of our business, such as a merger or divestiture, your personal information may be shared with a third party (or its advisors) as part of a due diligence review or transferred to the new entity or third party to pursue the objectives set out in this privacy policy, or to analyze any proposed reorganization. We will take all necessary measures to ensure the protection and security of your personal information in such a context.

We undertake to use your personal information only for the legitimate purposes for which it was collected or for purposes compatible with those purposes under the expectations of Law 25 and our privacy policy.

 

SHARING PERSONAL INFORMATION: FRAMEWORK AND GOVERNANCE

Our company is committed to managing personal information with the utmost diligence. We share such information only within the strict framework of our operations and with selected parties, as follows:

Partners and Affiliates: Your data may be transmitted to partner entities solely to provide the services requested, subject to your explicit consent and in compliance with their initial purpose.

External service providers: We use third-party suppliers for various operational services (e.g. customer relationship management, data analysis, IT support). Access to your data is strictly limited to what is necessary for the performance of their tasks, and they are contractually bound to respect the confidentiality of your information.

Legal Authorities: Per current legislation, we may be required to disclose personal information to competent authorities or meet legal obligations such as judicial requests.

Corporate transactions: In the event of a restructuring, merger, sale or other transfer of assets, personal data may be among the elements transferred while respecting users’ privacy rights.

Our company also uses third-party platforms to deliver content and promotional offers. These platforms may use cookies or similar technologies to collect information about your browsing behaviour to offer you advertising tailored to your interests. You have complete control over these cookies and can manage them through your browser settings. For detailed information on our use of cookies, please consult our dedicated Policy (Mettre liens).

 

RETENTION PERIOD FOR PERSONAL DATA

Our company is firmly committed to not retaining personal data beyond the period necessary to fulfil the purposes set out in our privacy policy or as required by current legislation. The criteria we apply to determine retention periods include:

  • The duration of our business relationship with you, including any service or warranty requests.
  • The existence of a legal obligation to which we are subject, such as tax record-keeping requirements or other regulatory directives that dictate data retention for a certain period.
  • If retention is advisable for our legal position, such as to comply with limitation periods applicable to legal actions or for internal and external audits.

Once personal data is no longer required for the purposes for which it was collected or otherwise processed by the law, it will either be deleted or securely anonymized. If you would like more information about the specific period for which your personal data will be retained or the criteria used to determine this period, please do not hesitate to contact us via the details provided in the “How to contact us” section of this policy.

We assure you that your personal data is managed with the utmost care and constantly aligned with legal obligations and best privacy protection practices.

 

LOCALIZATION AND PERSONAL DATA MANAGEMENT

Our company applies rigorous methods to the storage of personal data. Here’s how we do it:

Data storage and security :

Personal data is stored either in our secure on-site databases or with external data storage service providers with whom we have strict confidentiality agreements. This data resides in access-controlled environments and is protected by industry-standard security protocols.

Physical location :

Our main servers are located in a secure data center in Quebec. To ensure data redundancy and availability, we may also use backup servers located in other provinces or countries while respecting the requirements of Bill 25 on protecting personal information.

International Transfers :

In cases where personal data is transferred outside Quebec, we undertake a Privacy Impact Assessment (PIA) to ensure that the level of protection offered complies with our high standards of confidentiality and the legal requirements of Quebec. We will take all necessary steps to ensure your data is managed securely and under our privacy policy.

We are transparent about our data management practices and remain at your disposal should you have any questions or concerns about where your personal data is stored or the safeguards we apply. For more information, please contact us using the details in our contact section.

 

SECURING PERSONAL INFORMATION

At our company, protecting your personal information is a top priority. Here are the strategies we implement:

Safety measures applied :

We employ recognized and proven security standards to safeguard the personal information entrusted to us. These measures include physical and electronic security protocols to protect information against destruction, loss, alteration, disclosure, unauthorized access or processing.

Incident Prevention and Management :

Strict procedures are in place to prevent any breach of information security. Our staff are trained to recognize and respond effectively to any data security breach. In the event of a security incident, we are committed to reacting promptly to minimize any potential impact and notifying the parties concerned, per our legal obligations.

Limited access :

Access to personal information is strictly limited to personnel whose duties require such information. Strict access controls are implemented to prevent any unauthorized access or sharing of data.

Insurance and Risk Management :

While no security system is infallible, we are committed to implementing and maintaining precautionary measures to ensure the security of your personal information. Suppose we identify a security breach affecting your information. In that case, we will inform you without delay and take all necessary corrective measures.

We are committed to maintaining the trust you place in us by protecting your personal information. If you have any questions or concerns about the security of your information, please contact us using the means provided in our contact section.

 

INDIVIDUAL PREROGATIVES RELATING TO PERSONAL DATA

Each individual has specific prerogatives under current regulations on the protection of personal data, which may include:

  • Right of verification: the right to verify the existence of processing of one’s personal data and to obtain access to it. Under legal provisions, and possibly against payment of a small fee, it is possible to request a copy of the personal information held and other relevant details.
  • Right to accuracy: the company’s obligation to ensure that its information is accurate, complete and up-to-date to avoid any erroneous or obsolete information.
  • Right of rectification: the possibility of requesting the correction of erroneous or incomplete personal data.
  • Right to de-index : the right to demand that the dissemination of personal data, or the deletion of hyperlinks associated with their name, cease if such dissemination causes damage or is unlawful.
  • Right to anonymization: the possibility of requesting that personal data be transformed into anonymous data to be used only for legitimate and serious purposes, such as keeping documents for possible tax audits.
  • Right to information on automated decisions: to be informed in the event of a decision taken on the basis of an automated process.
  • Right to information and control over tracking technologies: to be informed about the use of tracking or profiling technologies and the options available to control or deactivate them.

In addition, it is permissible to submit a complaint to the relevant data protection regulatory authority, whether in the jurisdiction where the person resides, where the company is located, or where a breach of data protection laws is alleged to have occurred (in Quebec, this is the Commission d’accès à l’information).

To activate these rights, please contact us using the means specified in the “How to contact us” section.

 

USE OF COOKIES AND SIMILAR TECHNOLOGIES

Our company uses cookies and similar technologies to enhance your online experience and understand how you use our website. These technologies enable us to personalize our services, ensure the security of our platform, measure the effectiveness of our advertising campaigns, and perform aggregate analyses of traffic on our site.

For an in-depth understanding of the different types of cookies we use, including their purpose, how long they remain active on your device, and how to manage them, we invite you to consult our Cookie Policy. This policy is integrated with our Privacy Policy.

 

COMMUNICATION WITH OUR COMPANY

If you have any questions, comments or complaints about our Privacy Policy, or wish to exercise your rights concerning your personal data, our Privacy Officer is at your disposal. To submit a complaint or request information on how we manage data with our partners, you can reach him at the following contact details:

Name: Karri Munn-Venn

Company: Fermes Leystone Farms, Inc.

Address: 1965 RTE 148, Luskville, QC J0X2G0

Telephone: 613-408-4626

E-mail: karri@leystonefarms.com

 

UPDATE TO OUR PRIVACY POLICY

We reserve the right to change our Privacy Policy. Changes may occur in response to evolving practices, service offerings or legal requirements. We encourage you to review these policies regularly whenever you visit our website to stay informed about how we are protecting your personal information.

The current version of our policy was revised on September 1, 2023.