Privacy Policy
PREAMBLE
This Governance Policy on the Protection of Personal Information (hereinafter referred to as “the Policy”) is adopted pursuant to the Act Respecting the Protection of Personal Information in the Private Sector, c. P-39.1 (hereinafter referred to as “the Private Sector Act”). Contro Valve operates a business that processes personal information as part of its operations. As such, it is subject to the obligations set forth in the Private Sector Act.
In the course of its operations, Contro Valve must collect, use, and retain personal information in compliance with applicable legal and regulatory requirements. This Policy applies to all aspects of personal information management within Contro Valve, including but not limited to employees, board members, interns, volunteers, and any individual or entity providing services to Contro Valve.
The Policy covers all personal information collected, used, and retained by Contro Valve, regardless of its format or medium. This includes physical or digital documents, whether written, graphic, audio, visual, computerized, or otherwise. Personal information is defined as any data relating to an identifiable individual, either directly or indirectly. The Policy also applies to personal information collected through Contro Valve’s website, where applicable. The annexes attached to this Policy form an integral part thereof.
POLICY STATEMENT
This Policy aims to establish a governance framework for the management of personal information within Contro Valve. It defines the principles, roles, and responsibilities related to the collection, use, retention, and secure disposal of personal information, in accordance with the Private Sector Act.
SCOPE OF APPLICATION
This Policy applies to all Contro Valve personnel, including employees, students, interns, consultants, contractors, subcontractors, and any other individual with access to personal information held by Contro Valve. It covers all personal information, including data retained by third parties, whether stored in physical or electronic format, and governs its collection, use, disclosure, retention, and destruction. Publicly available personal information is not subject to this Policy.
GUIDING PRINCIPLES
- Accountability: Contro Valve is responsible for the personal information it holds. It implements policies and practices to meet its legal obligations and ensure the protection of such information.
- Necessity: The collection of personal information is limited to what is strictly necessary for the performance of the company’s activities.
- Consent: Whenever required by the Private Sector Act, Contro Valve ensures that valid consent is obtained from the individual concerned. Such consent must be free, informed, and explicit, and given for specific purposes. In the case of sensitive information, express consent is required.
- Confidentiality: Contro Valve ensures the confidentiality of personal information by applying appropriate security measures throughout its lifecycle.
- Accuracy: Contro Valve ensures that personal information is accurate, complete, and up to date for the purposes for which it was collected.
- Transparency: Contro Valve informs individuals about the collection of their personal information, the methods used, the purpose of the collection, how the information will be used, and the rights granted to them.
- Access and Correction: Individuals have the right to request access to and obtain a copy of their personal information, and to request corrections if necessary.
- Secure Disposal: Personal information is securely destroyed once the purposes for which it was collected have been fulfilled, subject to the retention periods outlined in Contro Valve’s records management schedule.
TYPES OF PERSONAL INFORMATION COLLECTED
As part of its operations, Contro Valve may collect and process various types of personal information.
It may also be required to collect and process sensitive personal information, which—due to its nature (e.g., medical data) or the context in which it is used or disclosed—carries a high expectation of privacy. Certain types of information that directly identify individuals in a professional context, such as name, job title, position, business email, business address, and business phone number, are not subject to the Private Sector Act and therefore do not require specific protection measures.
GUIDELINES FOR PROCESSING, STORAGE, AND TRANSMISSION OF PERSONAL INFORMATION
Contro Valve has implemented clear guidelines to ensure the integrity and confidentiality of personal information at every stage:
- Processing: Personal information must be handled exclusively by authorized personnel and only for the specific purposes for which it was collected.
- Storage: Personal information is stored in secure environments with appropriate access controls and regular backup mechanisms to prevent data loss.
- Transmission: Personal information is transmitted exclusively through secure channels, such as SSL/TLS encryption for data in transit, and the use of VPNs or private networks for internal communications.
RULES GOVERNING PERSONAL INFORMATION
Processing
The protection of personal information is a priority for Contro Valve and is ensured throughout its lifecycle. All personal information held by Contro Valve is considered confidential and is subject to applicable protection rules and legal exceptions. Under all circumstances, Contro Valve ensures that personal information is handled with the utmost care, in accordance with principles of confidentiality, integrity, and security, and is disclosed only to authorized individuals or in situations permitted by law.
Collection
Contro Valve collects personal information from its clients, employees, partners, and any other individuals interacting with the company. In general, personal information is collected directly from the individual concerned and with their consent, unless an exception is provided by law. In certain cases, consent must be explicit, free, and informed, but it may also be implied—for example, when an individual voluntarily provides personal information during activities such as service registration or recruitment processes. In all cases, Contro Valve collects personal information only for legitimate purposes and strictly to the extent necessary to fulfill those purposes. Unless otherwise permitted by law, Contro Valve will obtain the individual’s consent before collecting personal information from a third party. When personal information is collected through technological means, Contro Valve ensures its protection in accordance with its Privacy Policy, available in the annex.
USE
Contro Valve is committed to using personal information solely for the purposes for which it was collected, or as otherwise permitted by law. In certain circumstances, Contro Valve may collect, use, or disclose personal information for purposes other than those originally intended, without the individual’s consent or prior notification, when authorized or required by law. Such circumstances may include situations where, for legal, medical, or security reasons, obtaining consent is impractical or unlikely; where the use is clearly in the individual’s best interest; or where it is necessary to prevent or detect fraud, or to assess and improve protection and security measures. Other lawful exceptions may also apply. Access to personal information is strictly limited to staff and managers whose duties require such access. Any other use of personal information must be pre-approved by a manager or the designated access officer, who will ensure that the new use complies with legal requirements and, where applicable, that consent has been obtained. Employees must always maintain the confidentiality of personal information and immediately report any situation that may compromise its protection to their supervisor or the access officer.
RETENTION AND SECURITY
Contro Valve is committed to retaining personal information in accordance with legal requirements and industry best practices for data protection. Personal information is retained for the duration necessary to fulfill the purposes for which it was collected, subject to any retention period prescribed by law. This information may be stored physically at Contro Valve’s offices or digitally within its internal systems or those of its service providers.
The security of personal information is a top priority for Contro Valve. Organizational and technological safeguards are implemented to ensure that personal information remains strictly confidential and protected against loss, theft, unauthorized access, disclosure, copying, use, or modification.
In certain cases, personal information may be disclosed without the individual’s consent when required by law or regulation. Such exceptions may include emergency situations to prevent acts of violence, the execution of a warrant or service agreement with a third party, or when the information is needed for research, studies, or statistical purposes, subject to a written request.
Before disclosing personal information to a third party, Contro Valve personnel must consult with a manager or the designated Privacy Officer to ensure that the disclosure complies with legal requirements.
In the event of a privacy incident, Contro Valve will take all necessary steps to notify affected individuals or organizations and mitigate the risk of serious harm.
DISCLOSURE TO THIRD PARTIES
Personal information is disclosed to third parties only when necessary for the execution of a written mandate, contract, or service agreement, or when the individual concerned has provided consent. In the absence of consent, disclosure may occur in cases permitted by law.
Any transfer of personal information outside of Quebec must be preceded by a Privacy Impact Assessment to ensure that the information will be adequately protected.
Contro Valve is committed to disclosing personal information only with the individual’s consent. However, in certain circumstances, Contro Valve may be required to disclose personal information without consent, when mandated by legal or regulatory requirements, or when permitted under applicable legislation. Such exceptions may include emergency situations to prevent acts of violence, the execution of a warrant or service agreement with a third party, or when the information is needed for research, studies, or statistical purposes, subject to a written request.
Before disclosing personal information to a third party, Contro Valve personnel must consult with a manager or the Privacy Officer to ensure that the disclosure complies with legal requirements.
SECURE DISPOSAL OF PERSONAL INFORMATION
Contro Valve is committed to securely disposing of documents containing personal information once the purposes for which they were collected have been fulfilled, or when the retention period outlined in the records management schedule has expired. Retention periods are determined based on applicable legal requirements and the operational needs of the company.
Data destruction is carried out in accordance with legal obligations and Contro Valve’s internal records management policies. The destruction methods used are appropriate to the confidentiality level of the documents, whether physical or digital. These methods may include secure shredding for paper documents and permanent deletion or digital shredding for electronic data.
Destruction procedures ensure that personal information cannot be recovered or accessed after the retention period has ended. Contro Valve ensures that all destruction processes meet the highest security standards to protect the confidentiality of information at all times.
RIGHTS OF DATA SUBJECTS
Any individual has the right to request access to or correction of personal information held by Contro Valve. To exercise this right, the individual must submit a written request to Contro Valve’s Privacy Officer and provide proof of identity as the data subject.
Subject to applicable legal restrictions, data subjects may request access to their personal information held by Contro Valve and demand corrections if the information is inaccurate, incomplete, or ambiguous. The Privacy Officer is committed to responding to such requests in writing within 30 days of receipt.
In addition to these rights, individuals also have the right to data portability. This means they may request that Contro Valve provide their computerized personal information, which was directly supplied to Contro Valve, in a structured and commonly used technological format.
Any access or correction request received by another department within Contro Valve must be promptly forwarded to the Privacy Officer for processing.
PRIVACY INCIDENTS
A privacy incident occurs when personal information is subject to unauthorized access, use, or disclosure, or when it is lost or compromised in any way. If Contro Valve has reason to believe that a privacy incident involving personal information in its possession has occurred, it will immediately take reasonable steps to mitigate the risk of harm and prevent similar incidents from happening again.
In the event of a privacy incident, Contro Valve conducts a thorough assessment of the potential harm, taking into account the sensitivity of the information involved, possible malicious uses, anticipated consequences, and the likelihood that the information could be used in a harmful manner.
COMPLAINT HANDLING PROCEDURES
Any individual concerned by the application of this Policy may file a complaint regarding its implementation or, more generally, the protection of their personal information by Contro Valve. Complaints must be submitted in writing to Contro Valve’s Privacy Officer.
The procedure for handling complaints related to personal information protection is clearly defined and accessible to all concerned individuals. It outlines the steps to follow when submitting a complaint, the processing timelines, and the actions Contro Valve will take to resolve the issue fairly and transparently.
The Privacy Officer is responsible for reviewing each complaint diligently and responding within a reasonable timeframe. If a breach is identified, Contro Valve will take the necessary corrective measures and implement safeguards to prevent recurrence.
This procedure is designed to ensure that individuals’ rights regarding personal information protection are respected and that all complaints are handled fairly and confidentially.
PRIVACY OFFICER CONTACT INFORMATION
Contro Valve’s Privacy Officer may be contacted by email or phone for any questions or concerns regarding the application of this Policy, the transparency and confidentiality of personal information, or Contro Valve’s compliance with the Private Sector Act and its regulations.
Contact details:
- Email: [email protected]
- Phone: 450-444-5858
CHANGES TO THE PRIVACY POLICY
This Policy may be updated from time to time to reflect changes in our personal information management practices or to comply with new legal requirements. Any updates will be published on our website along with the date of the latest revision.