Privacy Policy
Personal Information Protection.
Policy Objectives
Spartakus Technologies places great importance on privacy and is committed to protecting the confidentiality of personal information entrusted to it by employees and customers. This commitment extends to information retained by the company or by a third party.
This document aims to inform you of the practices adopted by Spartakus Technologies regarding personal information and seeks to clarify our policies and procedures related to the collection, use, and disclosure of personal data. This policy applies to all personal information collected by Spartakus Technologies, regardless of the channel through which it is collected. The collection, use, communication, and preservation of your personal information are subject to the Act Respecting the Protection of Personal Information in the Private Sector (CQLR, c. P-39.1).
1. Information definitions
A sensitive personal detail is information where there is a high degree of reasonable expectation of privacy, e.g., health information, banking details, biometric data, sexual orientation, ethnic origin, political opinions, religious or philosophical beliefs, etc. See Appendix 1 for a non-exhaustive list of the types of information collected by Spartakus Technologies.
Generally, a person’s professional or business contact details do not constitute personal information, such as the name, title, address, email address, or phone number at a person’s work. Specifically, and for precision, under the Act Respecting the Protection of Personal Information in the Private Sector of Quebec, and from September 22, 2023, sections 3 (Determination of Collection Purposes), 5 (Collection Limitations), 6 (Limitation of Use, Communication, and Retention), 8 (Security Measures) do not apply to information about a person’s role in a company, such as their name, title, function, and the postal address, email address, and phone number of their workplace.
These same paragraphs do not apply to personal information that is public by law, as of the effective date of this policy.
2. Responsibility
The support of senior management is crucial to the success of the personal information protection program and the adoption of a privacy-respecting culture. The senior management of Spartakus Technologies promotes the personal information protection program and ensures that the company’s activities comply with the defined policies and procedures.
At Spartakus Technologies, the daily management of the personal information protection program is officially delegated to the person responsible for personal information protection. They are charged with implementing Spartakus Technologies’s commitment to earning and maintaining the trust of customers and other stakeholders regarding its treatment of personal information. The responsible party is tasked with structuring, designing, and managing the program, including all procedures, training, control/verification, documentation, assessment, and follow-up.
Yoann Urruty holds the role of personal information protection officer at Spartakus Technologies and ensures compliance and implementation of applicable laws. You can contact him at the following coordinates:
By Mail:
Attn:Privacy Officer
Spartakus Technologies
18000 Trans-Canada Highway
Kirkland, Quebec H9J 4A1
By Phone:
Toll-Free Number: 1-514-459-3050
By Email:
[email protected]
3. Determination of Collection Purposes
In every situation, Spartakus Technologies ensures there is a legitimate reason for collecting personal information. The reasons why we collect your personal information are as follows:
- To establish and maintain a responsible business relationship with the customer and ensure ongoing service.
- To identify the needs and preferences of the customer and its end users.
- To design, enhance, promote or provide products and services to the customer.
- To manage and develop our business and operations, including diagnosing technical issues or enhancing functionalities, and maintaining and improving the data security of the client.
- To comply with laws, regulations, and contractual provisions.
- To recruit personnel, process applications, and assess the profile of the candidate in relation to job requirements and human resources management.
- To investigate incidents, complaints, or disputes from the customer and end users and resolve them.
- To protect ourselves and third parties from errors and fraud.
- To provide products and services on behalf of the customer (in accordance with contractual obligations), including for billing purposes, account administration, debt collection and payment processing, limit the risk of non-payment, and enable the collection of payments due.
- To verify your credit when this verification is necessary for some of our products or services.
- To share personal information with third parties as part of our services.
- To facilitate the use of our website and ensure its relevance, track the usage of our website, respond to questions submitted via our website.
- For external processing needs (Analytics).
- To verify your identity.
- Any other purpose to which you have consented.
For these purposes, we may collect the following personal information:
- Name, address, email and phone number, job title.
- Company name.
- The industry in which he/she works.
- Preferred language.
- Allergies (for events).
- Banking information or payment system data.
- Historical information such as the names of your former employers, your job titles, digital content like photos, or any other information relevant for potential recruitment.
- Identification information and other background check data, social insurance number, driver’s license, a copy of passport.
- Information related to the use of our website including technical information about visits or any other information collected through cookies or similar tools.
- Any other personal information provided.
We may also automatically collect certain personal information when you access our website, including your IP address, date and time, the type of device, operating system, your browsing behavior, geolocation data.
We use Google Analytics services, their policy can be reviewed at this address: https://policies.google.com/privacy?hl=en-US.
Please note that we only collect data that helps us achieve the reasons stated in this privacy policy. We will not collect additional data without obtaining your consent in advance.
4. Consent
Except in situations permitted or required by law, Spartakus Technologies will only collect your personal information for the purposes for which we have first obtained your consent. Consent will be obtained before collecting personal information. Depending on the nature and sensitivity of the information collected and the purposes for which it is used, your consent may be explicit or implied. As a rule, Spartakus technologies will seek explicit consent at the time of data collection. Consent can be obtained verbally, electronically, or in writing. In some situations, implicit consent may be reasonably inferred from a person’s action or inaction, for example, providing a name and address to receive a publication or a name and phone number to get an answer to a question. If we want to use the personal information for a new purpose, we will describe the intended use and ask for consent again.
Protecting the privacy of children, we do not knowingly ask for or collect personal information from children under 14 without prior verified consent from their parents or legal guardian and without complying with any other legal requirement. If we learn that we have unknowingly collected personal information about a child without the verifiable consent of a parent or legal guardian, we will delete this information from our records or take reasonable steps to de-identify this information.
You can decide at any time to withdraw your consent to the collection, communication, and storage of your personal information. You can also request de-indexing of your information, which could lead Spartakus Technologies to stop disseminating them or to de-index a hyperlink giving access to this information. Please note that if you choose to withdraw your consent or to de-index your information, Spartakus Technologies may not be able to provide you with certain products or services subsequently.
For withdrawal of consent or de-indexing, a written request to this effect must be submitted to the privacy officer. Spartakus Technologies commits to respecting a reasonable time to stop using the information.
5. Collection Limitations
Spartakus Technologies is committed to limiting the collection of personal information to only what is necessary for establishing, managing, and maintaining our relationship with you, and for the purposes detailed previously. Spartakus Technologies collects personal information that you voluntarily provide when using our services. These include, but are not limited to accessing our website, completing a form, a telephone communication, and others.
6. Limitations on use, Disclosure, and Retention
Spartakus Technologies is committed to using personal information solely for the purposes for which they were collected. Unless an exception provided by law applies, Spartakus Technologies will obtain new consent from the individual concerned to use the information for a purpose other than the one for which the original consent was obtained.
Spartakus Technologies will not disclose personal information to third parties without having previously obtained the consent of the individuals concerned or if applicable laws provide that it is possible to do so without their consent, notably for the following reasons:
- When we obtain personal information from a third party through our client as part of our service provision.
- When, for security, medical, or legal reasons, it is impossible for us to obtain your consent.
- When, for fraud detection or prevention or law enforcement purposes, asking for the individual’s consent would thwart the effort.
Generally, the personal information we collect is used and stored in Quebec. However, some of our service providers may store them outside the province for the needs of the services they provide to us, especially in Canada and the United States. When applicable, Spartakus Technologies ensures through a written agreement that the information benefits from controls ensuring the protection of their confidential nature and that they are used and kept only for the purposes described in this policy.
Spartakus Technologies has a policy for managing the life cycle of personal information. In this regard, Spartakus Technologies commits to keeping your personal information only for as long as necessary to achieve the purposes for which they were collected, comply with legal requirements, and protect our legitimate business interests. After this period, Spartakus Technologies will ensure the secure destruction or anonymization of personal information to preserve their confidentiality and comply with its obligations under applicable laws.7. Accuracy8. Security Measures9. Transparency10. Access to Personal Information11. Opportunity to Complain About Non-compliance With Principles12. Appendix 1: Non-exhaustive List of Types of Information Collected
7. Accuracy
Spartakus Technologies is committed to taking all reasonably available measures to ensure the accuracy of personal information in its possession. If you notice any inaccuracies in your information or need to update it, please notify us by contacting our Privacy Officer. Spartakus Technologies will then make every effort to correct or complete any personal information that you have reported as incorrect or incomplete, committing to respect a reasonable time frame to make the necessary modifications.
8. Security Measures
9. Transparency
10. Access to Personal Information
11. Opportunity to Complain About Non-compliance With Principles
12. Appendix 1: Non-exhaustive List of Types of Information Collected
8. Security Measures
Spartakus Technologies employs all reasonable security measures to safeguard the personal information in its possession. We are committed to implementing protections against loss, theft, unauthorized access, use, communication, modification, or destruction by way of suitable technical, administrative, and organizational security measures. The level of protection accorded to personal information hinges on the following factors:
- The degree of sensitivity of the personal information.
- The quantity, distribution, and format of the information.
- The method and duration of storage.
As far as possible, Spartakus Technologies implements, maintains, and monitors the following measures to protect the integrity, availability, and confidentiality of the personal information entrusted to it:
- Limiting access to personal information solely to employees who require the information to fulfill their duties, according to the principles of need-to-know and least privilege.
- Educating employees on confidentiality and the protection of personal information. These training sessions are mandatory for all employees.
- Allocating access privileges to information only to individuals who need to know.
- Reviewing employees’ security backgrounds based on the sensitivity of the information they will handle.
- Instituting technological security measures such as password policies, multi-factor authentication, data encryption, firewalls, intrusion detection and prevention tools, malware protection tools, and more.
- Introducing physical security measures like restricting access to our offices and data centers, locking filing cabinets, and more.
- Imposing contractual obligations on our service providers.
Management of Privacy Incidents:
Spartakus Technologies has equipped itself with a manual for preparation and response in the event of an incident affecting personal data, which is tested and improved continuously. This manual ensures that any incident threatening privacy is quickly detected, then managed and resolved in a coordinated manner. The manual clearly outlines the roles and responsibilities of each individual, as well as the criteria to be respected in terms of reporting, hierarchical recourse, and decision-making. Incidents are logged in a register for reference purposes.
9. Transparency
Spartakus Technologies is committed to ensuring that everyone has easy access to accurate information about its policies and practices regarding the management of personal information. The collection, use, and disclosure of your personal information bySpartakus Technologies is governed by the current version of this privacy policy.
We may periodically update our privacy policy. In such cases, we will post a notice on our website. Accordingly, we invite you to regularly review the policy to stay informed about the latest updates. These updates take effect on the date of the last update indicated with the policy.
Automatically Collected Information:
We collect certain information automatically through tools such as log files or Google Analytics during your navigation on the website. This information may include, but is not limited to, the following:
- The IP address used to access the website
- The browser and operating system configuration
- The mobile device configuration when accessing the website from a mobile device
- Geographical location and localization data
- Pages visited, products viewed, path followed on the website
- Keywords used in a search
- Date and time of the visit
However, we do not transmit any personal information to services like Google Analytics.
Information Related to Navigation Cookies (Cookies):
We use navigation cookies to enhance the performance of the website and user experience. Cookies are small files saved on your hard drive by the server where the website is located or by third-party servers (for example, advertising servers) which allow us to recognize a user of the website and customize the content. Some cookies are automatically deleted when a user closes their browser, while others are kept indefinitely. It is usually possible for you to control the registration of navigation cookies from the browser’s options. Some features of the website may no longer be available when cookie recording is disabled. For instance, the use of cookies is required for user authentication for some services offered through the website. Unless a user has already provided information about themselves (for example, by activating a service linked to a user account) from their mobile device or computer, cookies do not allow us to identify them.
10. Access to Personal Information
At any given time, you may submit a request to the Privacy Officer at Spartakus Technologies to access the personal information we hold about you. To do this, please send a written request to the following email address: [email protected]
Spartakus Technologies commits to respond to you within 30 days from the date of receipt of the request. In case of refusal on our part, we will inform you of the reasons for our refusal, subject to the restrictions provided by law, as well as the remedies available to you.
11. Opportunity to Complain About Non-compliance With Principles
Questions or complaints about how Spartakus Technologies handles personal information can be conveyed to the Privacy Officer. Spartakus Technologies has implemented processes to respond to all requests or complaints concerning its treatment of personal information and is committed to investigating any complaint regarding compliance with this privacy policy.
Receipt
Anyone wishing to lodge a complaint related to the application of this policy or, more generally, to the protection of their personal information by Spartakus Technologies, should do so in writing by addressing the Privacy Officer of Spartakus Technologies , at the email address indicated below.
By mail:
Attn: Privacy Officer
Spartakus Technologies
18000 Trans-Canada Highway
Kirkland, Quebec H9J 4A1
By email:
[email protected]
The individual must include their name, contact details including a phone number, as well as the subject and reasons for their complaint, providing sufficient detail for it to be evaluated by Spartakus Technologies If the complaint made is not precise enough, the Privacy Officer may request any additional information deemed necessary to be able to evaluate the complaint.
Processing
Spartakus Technologies commits to handling all received complaints confidentially.
Within 30 days following the receipt of the complaint or following the receipt of all additional information deemed necessary and requested by the Privacy Officer of Spartakus Technologies to process the request, the latter must evaluate it and provide a reasoned written response by email to the complainant. This evaluation will aim to determine if the treatment of personal information by Spartakus Technologies complies with this policy, any other policy and practice in place within the organization, and applicable legislation or regulation.
If the complaint cannot be processed within this period, the complainant must be informed of the reasons justifying the extension of time, the progress of the handling of their complaint, and the reasonable time required to provide a definitive response.
Spartakus Technologies must create a separate file for each of the complaints addressed to it. Each file contains the complaint, the analysis and supporting documentation for its evaluation, as well as the response sent to the person originating the complaint.
It is also possible to file a complaint with the Quebec Access to Information Commission or any other personal information protection oversight body responsible for enforcing the law concerned by the subject of the complaint.
However, Spartakus Technologies encourages anyone interested to first contact its Privacy Officer and wait for the end of the processing process by Spartakus Technologies.