Privacy & Compliance

Personal Information Protection Policy (Quebec Act 25)

Sécurité IP Inc. protects personal information in compliance with Quebec’s Act respecting the protection of personal information in the private sector ("Act 25"). This page summarizes our practices and your rights.

Last updated: 2025-09-07

Scope & Who we are

This policy applies to all personal information we collect, use, disclose, store or otherwise handle when you use our websites, apps, services, or communicate with us. “Personal information” means any information relating to an identifiable person.

This policy is provided for transparency and does not constitute legal advice.

Privacy Officer (Act 25, s. 3.1)

We have designated a Privacy Officer responsible for compliance with Act 25 and this policy. The Officer oversees requests, privacy impact assessments (PIAs), training, vendor reviews and incident handling.

Designated officer
Responsable de la protection des renseignements personnels

Personal information we collect

The information we collect depends on how you interact with us. It may include:

  • Identifiers: name, email, phone, account IDs.
  • Contact & billing details for service delivery and invoicing.
  • Usage & interaction data (logs, preferences, support records).
  • Technical data (device, browser, IP, approximate location).
  • Security events (auth logs, fraud or abuse signals).
Sensitive information is collected only with explicit purposes and safeguards or as required by law.

Purposes & legal bases

We collect and use personal information only for specified and legitimate purposes and only to the extent necessary.

Legal bases

  • Consent — when required (e.g., certain marketing cookies).
  • Performance of a contract — to deliver and support services.
  • Legitimate interests — to secure, improve and protect our services in a balanced manner.
  • Legal obligations — to comply with applicable laws and requests.

Illustrative purposes

  • Account creation, provisioning and operations.
  • Fraud prevention, auditing, and platform security.
  • Customer support and communication.
  • Service analytics and quality improvement.
  • Optional communications with opt-out.

Cookies & similar technologies

We use essential cookies for core functionality and, with your consent where required, analytics or preference cookies.

You can manage non-essential cookies at any time in our Cookie Preferences. Cookie Policy.

Retention, destruction & anonymization

We keep personal information only for the period necessary to fulfill the purposes for which it was collected, to meet legal requirements, or to protect our rights.

When no longer needed, information is securely deleted, anonymized or aggregated, in accordance with Act 25.

Service providers & cross-border communications

We may use third-party providers to host or process personal information. Before communicating information outside Québec, Act 25 requires us to assess whether it would receive adequate protection.

  • We perform a privacy impact assessment (PIA) considering sensitivity, purposes, safeguards and the legal framework of the destination.
  • We use contracts requiring confidentiality and appropriate technical/organizational safeguards.
  • We apply encryption, access controls, minimization and regular reviews.

Your rights under Act 25

Subject to legal exceptions, you have the following rights:

You can request to:

  • Access your personal information and obtain details about its use.
  • Rectify incomplete, inaccurate or outdated information.
  • Withdraw consent for optional processing (e.g., marketing cookies).
  • Request de-indexation where permitted by law.
  • Receive computerized personal information you provided to us in a structured, commonly used format (data portability), when applicable.

How to exercise your rights

Write to our Privacy Officer and describe your request. We may verify your identity before responding. privacy@securiteip.com.

If you are unsatisfied, you may contact Québec’s Commission d’accès à l’information (CAI).

Automated decision-making

We do not rely on automated decision-making that produces legal or similarly significant effects without meaningful human involvement. If this changes, we will disclose the logic involved, the factors considered and your rights relating to such processing.

Security incidents & breach notification

We maintain a register of privacy incidents and evaluate the risk of serious injury. If required, we notify the CAI and affected individuals without delay and implement mitigation measures.

  • Maintain an incident register with facts, effects and remedial actions.
  • Notify the CAI when an incident presents a risk of serious injury.
  • Notify affected individuals when required and provide guidance.

Privacy impact assessments (PIAs)

For any acquisition, development or redesign of an information system or electronic service involving personal information, we conduct a PIA proportional to the sensitivity and purposes, as required by Act 25.

Confidentiality by default

Where our products are made available to the public, default privacy settings are configured to the highest level of confidentiality without user intervention, unless an informed choice is made.

Changes to this policy

We may update this policy to reflect changes to our practices or applicable law. Material changes will be highlighted on this page along with the effective date.