Privacy Policy
GRIP is an organization that operates in harm reduction and prevention to inform and intervene in festive environments. We are committed to preserving the confidentiality of all personal information you share with us.
In order to comply with Law 25: An Act modernizing legislative provisions relating to the protection of personal information, which aims to protect personal information about an individual that can directly or indirectly identify them.
Here is our policy on the management of personal information, which covers the collection, use, and processing of your personal information and contains important information about your rights regarding them.
It is important to note that we only use your information in the manner prescribed in this policy in accordance with the Law, and some personal information is necessary to provide you with our services.
Reasons for collecting personal information
We collect personal information for various reasons to enable us to offer our services to our users. We provide intervention, analysis, training, and research services and may collect personal information in the course of our activities, including:
- Hiring our staff, volunteers, and administrators
- Purchasing products through our online store
- Exchanging data through our service agreements
- Using our services through the monitoring of our interventions (which are anonymized and destroyed after compilation)
- Participating in our research and data compilation (which are anonymized and destroyed after their useful life)
- Broadcasting information on our communication channels (newsletter, social media, etc.)
Note that this policy applies exclusively to the personal information of individuals, as required by the Law.
APPLICATION
This Policy applies to all types of personal information obtained by GRIP in the course of its activities, whether it be information about its users, partners, potential or current partners, suppliers, employees, or any other individuals (including visitors to the organization’s website).
Personal information is information:
- Concerning an individual and that can directly or indirectly identify them.
The professional or business contact information of a person does not generally constitute personal information. For example: the name, title, address, email address, or work phone number of a person.
For any questions about this Policy, you can write to Jérôme Loca Yang-Ting info@grip-prevention.ca
In all cases, we only collect information if we have a valid reason to do so.
PARTIES FROM WHOM WE COLLECT INFORMATION
We may collect your information directly from you when you communicate or interact with us.
PROVIDED PERSONAL INFORMATION
If you provide us with personal information about other people (such as your clients, administrators, members of your team, partners, and donors), you must ensure that you have duly informed them that you are providing us with their information and have obtained their consent to such information sharing.
SHARING AND ACCESS
Shared information will not be disclosed. However, if it becomes necessary to share data, prior consent will be obtained in a timely manner. Be assured that we will not disclose any personal information unless you have consented to this privilege or we have received your authorization.
GRIP is committed to ensuring that its employees adhere to the internal policy on the protection and non-disclosure of personal information. This policy is provided to them upon hiring and is available at all times in our Employee Guide.
AGENTS AND COLLABORATORS
All our agents or collaborators who have access to information in the context of professional services sign a confidentiality agreement with us. They commit to using this information only for the purposes mentioned in the agreement and to afford them the same level of protection we offer.
CONSENT OBTAINMENT
We obtain your consent for the collection, use, and disclosure of your personal information:
- When you request a new product or service;
- When we need to use your information for a purpose different from those for which you have already given your consent.
In addition, we do not obtain your consent in certain situations provided by law, such as:
- To prevent, detect, or stop fraud;
- For the assessment and improvement of protection and security measures;
- For use that is compatible with the purpose for which the information was collected;
- For the benefit of the individual concerned.
TECHNOLOGIES USED Our website uses cookies such as:
- Cookies to help you navigate efficiently and perform certain functions;
- Third-party cookies that help us analyze how you use this website, record your preferences, and provide you with relevant content and ads.
Our website, including our online store, uses the following types of cookies:
- “Necessary” for basic website functions;
- “Functional” cookies that allow certain functions (sharing website content on social media platforms and collecting feedback);
- “Analytical” cookies to understand how visitors interact with the website;
- “Performance” cookies to understand and analyze key performance indicators of the website, providing a better user experience for visitors.
OTHER TECHNOLOGICAL MEANS USED
We also collect personal information through technological means such as web forms, for example: our contact form, online store, newsletter signup form, and other platforms or form tools (e.g., Google Forms).
SECURITY MEASURES TO RETAIN PERSONAL INFORMATION LIMITED ACCESS GRIP implements measures to limit access to personal information only to employees and individuals within its organization who have the authority to be aware of it and for whom this information is necessary in the performance of their duties.
RETENTION PERIOD
We retain your information, in physical or digital format, as long as necessary to achieve the purposes for which the information was collected or as long as required or permitted by law. The purpose, nature, and sensitivity of the information have been taken into account in determining the retention periods.
In general, to meet these obligations, information will be kept for the duration of our relationship with you and removed upon your request.
At the end of the retention period or when personal information is no longer necessary, GRIP will ensure:
- To destroy them; or
- To anonymize them (meaning that they no longer allow, in an irreversible way, to identify the person and that it is no longer possible to establish a link between the person and the personal information) for use for serious and legitimate purposes.
STORAGE LOCATIONS
Personal information held may be communicated outside of Quebec, for example, when we use cloud service providers whose servers are located outside Quebec.
INFORMATION SECURITY
We make significant efforts to protect your personal information against loss, theft, unauthorized access, use, or disclosure, and against any other breach of information protection.
We have implemented a security program to track the constant evolution of information security threats. Among the measures adopted in our security program:
- Limiting the individuals with access to information. Thus, only duly authorized employees or agents who need to consult your information in the course of their work have access to it;
- Managing passwords;
- Informing and training employees on the security measures in place and essential behaviors to adopt;
- Maintaining a record of incidents and an internal procedure known to team members.