Privacy Policy
Last updated on: November 13, 2023
Introduction
Your privacy is very important to us. For this reason, we are committed to doing everything we can to protect your personal information.
With this in mind, we have developed this “Privacy Policy,” or more specifically this “Personal Information Protection Policy,” in order to inform you in a transparent manner about how we collect, use, disclose, transfer, and store your information when you use our site https://pop.spritzmarketing.ca.
At Spritz, we strive to build reliable services and constantly improve your experience while rigorously implementing privacy and security practices. This policy details the types of personal data we may collect about you, the steps we take to keep it secure, and the rights you have regarding your personal information.
We encourage you to read this policy carefully and to familiarize yourself with our data practices. If you have any questions or concerns about this policy or your personal information, please contact us using the methods provided in the “Data Protection Officer” section of this policy.
By using our services, you understand that we will collect and use your personal information in accordance with this Privacy Policy.
Thank you for your trust and confidence in Spritz.
Our Commitment to Handling Your Personal Information
We have adopted a set of principles that guide our approach to how we handle the personal information of our customers and users.
Clarity
We have written this Privacy Policy as clearly as possible so that it is accessible to everyone. If, despite our efforts, you find ambiguities or elements that require further clarification, please contact us using the information provided in the “Data Protection Officer” section of this policy. We will do our best to further clarify our policy.
Privacy as a design priority
We build privacy into the development and design of our services and products, ensuring that the protection of personal information is a fundamental consideration from the outset.
Proactive transparency
We are committed to being fully transparent about the nature of the data we collect, how we use it, and the circumstances in which it may be shared.
We are committed to actively informing our users about the use of their data in an understandable and accessible way, going beyond mere legal disclosure obligations.
Data ethics
Our data-processing decisions and practices are guided by a code of ethics that respects the spirit, and not just the letter, of privacy laws.
Responsible innovation
When introducing new technologies or practices, we carefully assess the potential impacts on privacy and work to minimize them before implementation.
Excellence in data protection
We strive to adopt industry best practices and continue to improve our processes to ensure the most robust protection of personal information.
Integrity and confidentiality
We are committed to ensuring the integrity and confidentiality of personal data by applying robust security measures that protect against unauthorized access, disclosure, alteration, and destruction.
Trusted partnerships
We only work with partners who share our commitment to privacy and can demonstrate compliance with our high standards of confidentiality.
User control
We respect the right of users to control their personal information, including access, correction, and deletion of their data.
Limitation of use
The data collected will be used exclusively for the purposes specified in our Privacy Policy and only to the extent necessary to achieve these objectives.
Data minimization
We only collect data that is strictly necessary to provide the services requested by our users—and nothing beyond that.
Consent
Data will not be collected, used, or disclosed without the clear and explicit consent of the user unless authorized or required by applicable law.
Responsability
We are responsible for all personal information in our possession and take this responsibility seriously by maintaining privacy practices that comply with applicable laws.
Respect of your rights
We recognize and respect users’ rights regarding their personal information, in accordance with privacy legislation.
Update and maintenance
We are committed to keeping our Privacy Policy up to date with the latest data protection practices and regulations.
Response and communication
We are committed to responding within a reasonable time to any request or concern about the confidentiality and security of personal information.
Data collected
We believe it is important for you to know what data we collect when you use our service and why. The types of data we collect are as follows:
Data provided by the user
This information is what you voluntarily provide to us when using our services, which may include:
● Full name and contact details (such as email address, telephone number).
● The content of any communications you send us (such as comments, questions, or information you provide in contact forms).
● Information about your professional experience when you send us your CV to apply for a job or internship.
Data collected automatically
Some data is automatically collected by our systems when you access our service, including:
● Browsing details such as your IP address, browser type, browser language, pages visited, and date and time of access.
● Device information such as operating system, unique device identifiers, and crash signals.
● Cookies and tracking technologies that collect information about your browsing habits and preferences.
Purposes of Data Collection
The data we collect is used to:
● First, to provide, manage, and maintain our services, and specifically our newsletter, our contact form, or our job and internship offers.
● Improve user experience and personalize your interaction with our service.
● Communicate with you, including sending you updates and service information, responding to your requests, and managing promotional communications.
● Reinforce the security of our service; detect and prevent fraud and unauthorized activity.
● Understand and analyze how you use our service in order to improve and develop new features and services.
● Comply with legal and regulatory requirements.
We only collect data that is necessary for the purposes set out in this Privacy Policy. If we intend to use your personal information for purposes not described here, we will inform you and, if applicable, obtain your consent.
Consent
By using our services, you understand that we collect and use your personal information in accordance with this Privacy Policy.
We will only collect, use, disclose, or process your personal information with your express consent or as required and permitted by law. When you use our service, we consider that you are giving us your consent to collect and use your personal information in accordance with this policy.
How to give your consent
Your consent may be given in a number of ways, including, but not limited to:
● By checking a box when you register or on our website indicating that you accept this Privacy Policy.
● By voluntarily providing personal information when using our site or service.
● By continuing to use our site or service after being informed of this Privacy Policy.
Withdrawing your consent
You have the right to withdraw your consent to the processing of your personal information at any time. If you decide to withdraw your consent, this may affect our ability to provide you with certain services or features of our site. To withdraw your consent, please contact us using the information provided in the “Data Protection Officer (DPO)” section of this policy.
Please note that the withdrawal of your consent does not apply to the processing of personal information that took place prior to your withdrawal, nor to the processing of personal information carried out on legal grounds other than consent.
Consent of minors
If you are under 18 years of age, you must have your parent or legal guardian’s permission to use our service and agree to this Privacy Policy. We do not knowingly collect personal information from children under the age of 18 without verifiable parental or guardian consent.
Policy Updates
We may update our Privacy Policy from time to time. If we change the way we process your personal data in a significant way, we will ask you to renew your consent to our new policy.
Cookies and Tracking Technologies
What is a cookie?
A cookie is a small text file stored on your device (computer, tablet, or smartphone) when you visit certain websites. Cookies are used to enable websites to function more efficiently, to improve user experience, and to provide information to site owners.
How do we use cookies?
We use cookies to improve your experience on our site by:
● Memorizing your preferences so you don’t have to re-enter them each time you visit.
● Collecting analytical information about how you use our site so that we can improve it.
● Tracking your browsing patterns to help us identify improvements to our information process.
Cookies can be “persistent” or “session”: persistent cookies remain on your personal computer or mobile device when you log out, while session cookies are deleted as soon as you close your web browser.
Types of cookies we use
● Required cookies: These cookies are essential to provide you with the services available on our website and to use some of its functionalities. For example, they allow you to connect to secure parts of our site and help the content of the pages you request to load quickly.
● Functional cookies: These cookies are used to recognize you when you return to our site. This allows us to personalize our content for you, greet you by name, and remember your preferences.
● Analytical cookies: These cookies enable us to recognize and count the number of visitors and to see how they move around our site when they use it. This helps us to improve the operation of our site, for example, by ensuring that users can easily find what they are looking for.
● Performance cookies: Performance cookies are used to understand and analyze the website’s key performance indicators, enabling us to provide visitors with a better user experience.
● Targeting/advertising cookies: Advertising cookies are used to provide visitors with personalized advertisements based on previously visited pages and to analyze the effectiveness of an advertising campaign.
● Uncategorized: Uncategorized cookies are those that are currently being analyzed and have not yet been categorized.
Your choice regarding cookies
You can personalize cookies by using our cookie manager.
You can also configure your browser so that it accepts all cookies, rejects all cookies, informs you when a cookie is issued, lets you know how long it is valid and what its content is, allows you to refuse to store a cookie on your device, and lets you delete your cookies periodically.
If you choose to block or delete cookies, this may affect certain features of our site and the quality of your user experience.
For more information on managing and deleting cookies, visit aboutcookies.org. For more information about your choices regarding the use of cookies for online behavioural advertising, you can visit the following sites:
● Network Advertising Initiative: http://www.networkadvertising.org/choices/
● Digital Advertising Alliance: http://www.aboutads.info/choices/
Changes to our use of cookies
Any changes to our use of cookies for this site will be published here and, if necessary, posted on our web pages.
Storage of Personal Information
Storage principles
We store your personal information only as long as necessary to fulfill the purposes for which it was collected, in accordance with our data storage policies and in compliance with legal and regulatory requirements.
How do we determine storage periods?
The storage periods for your personal information depend on a number of factors, including:
● Data type: Certain types of data may require a longer storage period due to their nature.
● Purpose of collection: We evaluate the length of time required to retain personal information based on the purpose for which it was collected and the need to keep a record of our interactions with you.
● Legal and regulatory obligations: In some cases, laws or regulations may require us to store certain information for a specific period of time.
● Contractual factors: If we have a contractual relationship with you, we may be required to store your personal information for the duration of that relationship and for a period after it has ended, in accordance with contractual provisions and legal obligations.
Data deletion
Once the storage periods have expired, we will securely delete or anonymize your personal information. If the data is no longer required for the purposes for which it was collected and there is no legal obligation to conserve it, we will take appropriate steps to delete it from our systems.
Updates to our storage policy
We regularly review our data retention policies to ensure that they remain compliant with applicable laws and reflect current best practices. This conservation policy may be updated from time to time, and we encourage you to review it regularly.
Data Sharing
As part of our operations, we may transfer your personal information in different contexts and to different types of entities, including:
Transfers to subcontractors and freelancers
Your data may be transferred to Quebec-based subcontractors or freelancers for specific tasks, such as software development, customer support, or marketing services. These transfers are carried out in strict compliance with the protection of your privacy and the security of your data. We ensure that these partners process your data in accordance with our instructions, this Privacy Policy, and all applicable data protection laws.
Transfers to technology platforms and cloud-based solutions
Web hosting and technology providers: To deliver our services, we rely on third-party platforms, such as website hosting providers, and technology providers such as Google Workspace or other cloud-based technology solutions. These suppliers may process your personal information on our behalf and are carefully selected for their commitment and ability to comply with data protection and security standards.
International transfers
In some cases, these transfers involve sharing your data with entities located in other countries. When we transfer personal information outside Quebec, we take all necessary measures to ensure that your data is treated securely and in accordance with this Privacy Policy and data protection legislation. This includes setting up contracts and using entities certified under international data protection frameworks.
Commitment to security and confidentiality
We are committed to ensuring that all transfers of your personal information are carried out with the utmost care and security. We only share your data with trusted parties who maintain high standards of data protection and we ensure that all data transferred is treated securely and in accordance with this Privacy Policy and applicable legislation.
User Rights
We recognize that the protection of personal information is a fundamental right for all individuals. You may have the following rights regarding your personal information:
● Right of access: You have the right to request copies of your personal information held by us.
● Right of correction: If you believe that the information we have about you is inaccurate or incomplete, you have the right to ask us to correct that information.
● Right to deletion: In certain circumstances, you have the right to request the deletion of your personal information from our systems.
● Right to limit handling: You have the right to request that we limit how we use your personal information, in particular if you dispute the accuracy of the data or if you have objected to the use of your data.
● Right to object: You have the right to object at any time to the processing of your personal information for reasons related to your particular situation.
● Right not to be subject to a decision based solely on automated processing: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legally binding effects on you or significantly affects you in a similar way.
● Right to withdraw consent: Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time.
● Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with the data protection authority in your country if you believe that our processing of your personal information is in breach of data protection laws.
To exercise one of these rights, please contact us using the information provided in the “Data Protection Officer” section of this policy. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will do our best to respond within a reasonable time.
Data Security
The security of your personal information is a top priority. We understand the importance of protecting your personal information and are committed to ensuring its security, confidentiality, and integrity.
Security measures
To protect your personal information against unauthorized access, improper use, disclosure, accidental loss, alteration, or destruction, we have implemented appropriate and robust security measures. These measures include technical, organizational, and physical controls designed to safeguard your personal data. Here are some of the strategies we employ:
● Data encryption: We use encryption to protect information that we consider important, particularly when it is transferred or stored on our systems.
● Information security: Information security measures are in place to detect and prevent any attempt at theft or unauthorized loss of your data.
● Access control: Access to your personal data is strictly limited to our staff and third parties who need it to provide our services. They are all subject to strict confidentiality agreements.
● Safety awareness training: Our staff members receive regular training in security and data protection best practices.
● Safety audits and tests: We carry out regular security audits and tests to evaluate and reinforce our security measures.
Incident response
In the event of a data breach, we have implemented procedures to react quickly to minimize the impact and to notify users and regulatory authorities, in accordance with applicable laws. See the “Data Incident Management” section of this policy.
Updates to our security measures
Information security is a constantly evolving field, and we are committed to adapting and improving our security measures as new threats emerge and new best practices are developed.
Data Incident Management
Commitment to safety
We take the security of your personal information very seriously and have implemented robust technical and organizational measures to protect your information from unauthorized access, modification, disclosure, or destruction. We are committed to maintaining the confidentiality and integrity of your data and to using industry-standard security practices.
Incident response
In the unlikely event that we detect a security incident affecting the confidentiality, integrity, or availability of the personal information we process (a “Data Breach”), we will act promptly to identify the cause, limit the damage, secure your data, and take appropriate steps to prevent a recurrence.
To this end, we keep an incident register in accordance with current regulations.
Incident notification
In accordance with our legal and regulatory obligations, if we discover a security incident that is likely to represent a high risk to your rights and freedoms, we will inform you promptly and without undue delay of the nature of the incident, the data concerned, the possible consequences, the measures taken to remedy the situation, and provide you with advice on the steps you can take to protect your data.
We will also inform the relevant data regulatory authorities within the time limits prescribed by the applicable law.
Working with authorities
We will cooperate with the relevant data protection authorities and other law enforcement agencies to respond to the incident in accordance with our legal obligations.
Contact in the event of an incident
If you have reason to believe that a security incident affecting your personal information has occurred, please contact us immediately using the information provided in the “Data Protection Officer” section of this policy.
Links to Other Sites
Our website may contain links to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites and cannot accept responsibility for their respective privacy policies.
We strongly encourage you to read the privacy policies and terms and conditions of any third-party websites you visit. The presence of a link does not imply a recommendation on our part nor does it mean that we endorse the linked website or its content.
When you leave our site, we advise you to exercise caution and to read the privacy policy of each site you visit. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party site or service.
Changes to the Privacy Policy
We reserve the right to update or modify our Privacy Policy at any time without prior notice. However, we are committed to informing you of any significant changes in the way we treat your personal information.
We advise you to review this Privacy Policy regularly for any changes. Changes to this Privacy Policy are effective immediately upon posting on this page.
If we make material changes to this Policy, we will inform you by means of a notice on our website, or by any other means of communication we deem appropriate, including email, to give you an opportunity to review the changes before they take effect.
Your continued use of our service following the posting of any changes to the Privacy Policy on this page will constitute your acknowledgement of the changes and your consent to comply with and be bound by the modified Privacy Policy.
Should we make any changes that would reduce your data protection rights under this policy without your explicit consent, we will give you the opportunity to opt out of such changes before they are applied to your information.
Data Protection Officer (DPO)
We have appointed a Data Protection Officer, who can be reached by email at: [email protected].
Data Protection Authority
The data protection authority in Quebec is the Commission d’accès à l’information established by Section 103 of the Act respecting Access to documents held by public bodies and the Protection of personal information (Chapter A-2.1).
The commission’s website is https://www.cai.gouv.qc.ca.
To contact the commission, click here: https://www.cai.gouv.qc.ca/a-propos/nous-joindre.
Applicable Law
This Privacy Policy is governed by Quebec’s Bill 25.