ACE Services Mécaniques Inc.
Updated: September 1, 2023
ACE Services Mécaniques inc. and its affiliates (hereinafter the “company”) are subject to the Act respecting the protection of personal information in the private sector. We take privacy seriously and are committed to complying with the standards set out in this act.
Responsibilities and functioning
The company’s President and CEO has delegated the role of Privacy Officer (hereinafter “PO”) to the Vice President, Human Resources, as provided by the Act.
A committee was created in January 2023 to support the PO and track our privacy commitments. The committee will meet at least twice a year or more frequently if needed. This committee is made up of the vice president, or an employee of their choosing, for each of the following key sectors: human resources, IT, finance and legal affairs.
Collection of personal information
We are committed to only collecting personal information required to carry out our operations. We will inform our employees and collaborators of the purposes for which we are collecting this personal information and will ask for consent, when required, to use or share it.
Disclosure of personal information
We will only disclose personal information to third parties when we receive the consent of the person involved
We take every reasonable measure to safeguard personal information against any loss, misuse, unauthorized access, disclosure, tampering or disposal.
Retention and disposal of personal information
Personal information must be retained in secure, controlled access systems and filing cabinets. Access is restricted to a limited number of employees that absolutely need this information to carry out their work.
Personal information that is no longer required will be disposed of according to a process that is reviewed annually by the committee.
The PO is responsible for taking all necessary actions when a security incident relating to personal information occurs. They must also maintain an incident log that includes:
- the date of the incident and the surrounding circumstances;
- the date on which the company became aware of the incident;
- the identity of the person who conducted the investigation;
- the personal information involved;
- how sensitive the information involved is;
- the number or estimated number of people affected;
- the measures taken to reduce harm;
- the date the notice was sent to the Commission de l’accès à l’information du Québec and the people involved; and
- the reasons why the company did not disclose the incident, if applicable.
The PO will produce a report to the company’s Board of Directors about the committee’s activities.
Access to personal information and complaint process
All employees and partners are entitled to request access to the personal information we hold and have it corrected if they deem it to be inaccurate. You can also make a complaint if you determine that your personal information is not handled or retained properly. The PO is responsible for carefully handling all complaints.
Please address your request or complaint to the Privacy Officer.
If you have any questions about this policy or how we manage personal information, please contact our Privacy Officer using the contact information provided below.
Vice President, Human Resources