Brigid Scullion is committed to protecting the personal information entrusted to us.
This policy describes our practices for managing and protecting personal information and confidential information concerning data and information related to the activities of website users.
The policy covers the entire life cycle of personal information, from collection to destruction, in accordance with legal requirements and good privacy practices.
Confidentiality is defined by the International Organization for Standardization as “ensuring that information is accessible only to those to whom access is authorized”.
Any information that must be treated with discretion and confidentiality, but that does not explicitly identify an individual.
Some work tools provide necessary support for intervention with members and are not intended to be passed on, but could be used to support the drafting of formal reports, which would themselves become personal information.
For the purposes of this policy, personal information is that which relates to a natural person and allows that person to be identified. It is confidential and cannot be communicated without the consent of the person concerned or the authorized person.
Personal information differs from professional information about an individual in the performance of his or her duties, which is public information and is not considered confidential.
The following is a non-exhaustive list of the personal information collected by Brigid Scullion and the purpose for which it is collected. Only relevant and necessary information related to the organization’s mission or required by law is collected.
With consent
Personal information is collected with manifest, free, informed consent given for specific purposes, unless the applicable law provides for an exception to this principle.
Consent must be clearly conveyed.
Consent must be given without constraint.
The individual must be sufficiently informed to understand the scope of his or her consent.
For the duration necessary to achieve the purposes for which consent was initially requested.
The form of consent may vary according to circumstances and the type of information collected. It is ideally explicit (verbal or written), but can also be implicit (reasonably inferred from an action or inaction). Refusal to disclose personal information to the organization may hinder the provision of the requested service.
To the person concerned
Personal information is collected directly from the person concerned, for example by telephone, e-mail or via the contact form on the website.
Any person in possession of personal or confidential information within Brigid Scullion is required to respect the confidentiality of such information. This information is shared only when necessary and relevant, and with discretion and respect for the person concerned.
In this regard, all persons must:
In the course of their duties, people involved with Brigid Scullion may need access to personal or confidential information, but such access must be necessary and justified.
Personal information is disclosed outside Brigid Scullion only with consent and for intervention in the context of the mission. Should such a situation arise, only the information that is relevant and necessary to this intervention will be disclosed, unless otherwise specified by applicable law.
Some of Brigid Scullion’s third parties are Mailchimp and Calendly.
These third parties, as well as third parties whose hyperlinks can be found on the Brigid Scullion Web site, have their own privacy policies – for more information, please contact them directly. Brigid Scullion will not sell or market the personal information collected.
Brigid Scullion protects the personal information entrusted to us against loss, theft, unauthorized access or use. The means used are administrative, technical and physical.
The following is a non-exhaustive list of the security measures taken by Brigid Scullion.
Personal information is retained only as long as necessary for the purposes for which it was collected, in accordance with applicable laws. Obsolete or inactive information is destroyed.
The personal information we collect is stored in secure environments, whether in paper or digital form, in accordance with legal requirements and best data protection practices.
Retention: Personal information is stored securely for the period necessary to fulfill the purposes for which it was collected. Access to this information is strictly limited to authorized employees who require access to perform their duties in connection with our services.
Digital hosting: Digital data is hosted on secure servers located in professional data centers. We take technical and organizational measures to protect this data from unauthorized access, disclosure, alteration or destruction.
Destruction: At the end of the appropriate retention period, or at the request of the individual concerned, personal information is securely destroyed. Personal information on paper is shredded, while digital information is deleted in such a way that it cannot be recovered or reconstituted.
Request for deletion: If an individual wishes to have his or her personal information deleted from our systems before the end of the usual retention period, he or she may make a request by following the procedure described in the “Request for access” section.
If no specific request is made to Brigid Scullion, the procedure for destroying personal information is as follows: a destruction schedule is established based on the retention period for each category of personal information, and destruction is carried out in such a way that the personal information cannot be recovered or reconstituted.
If you wish to destroy personal information outside the destruction schedule, please follow the access request procedure below and indicate the reason why deletion or de-indexation is requested.
To access personal information, the person concerned or the authorized person must submit a written request to the company’s Privacy Officer identified at the end of this policy.
The request may be sent by e-mail or regular mail, and must contain sufficient information to validate the identity of the person making the request as well as the information sought.
Possible information to be obtained is as follows:
Brigid Scullion is responsible for ensuring the portability of personal information that will be transmitted, i.e. transmitting it in a structured and commonly used technological or printed format, such as photocopies or scanned documents.
For security reasons, the company will verify the identity of the person making the request in a reasonable manner before granting the request, which will be processed within thirty (30) days of receipt.
Before releasing personal information, the person in charge will examine the information to ensure that it does not contain any third-party information that is confidential or likely to infringe other rights.
Once the verifications have been completed, the information will be communicated within a reasonable timeframe by electronic means, secure postal mail or in person.
If an access request is incomplete or excessive, the Privacy Officer will contact the person concerned or the authorized person for additional information or clarification. Requests that are abusive, excessive, unjustified or subject to legal restrictions will be refused.
All steps in the access request process must be recorded accurately and completely.
Handling complaints
If the person making the request is dissatisfied with the response to the access request, he or she may contact the Privacy Officer again.
Complaints may be sent by e-mail or regular mail, and must contain sufficient information to identify the complainant and the reason for the complaint.
Complaints that are frivolous, defamatory or without obvious merit will be rejected.
The Privacy Officer conducts a thorough investigation by gathering evidence, interviewing the parties involved and collecting all relevant documents, while maintaining the confidentiality of information related to the complaint.
Appropriate solutions are then presented as soon as possible, such as coercive measures, financial compensation or any other action required to satisfactorily resolve the complaint.
Once the complaint has been resolved, the Privacy Officer provides a written response to the complainant, summarizing the measures taken and the proposed solutions.
All steps in the complaint handling process must be recorded accurately and completely.
If dissatisfaction persists following these steps, the complainant may contact the Commission d’accès à l’information directly.
Brigid Scullion is responsible for keeping a formal register and for implementing the following procedures and obligations in the event of an incident affecting the confidentiality of personal information.
The person responsible for protecting personal information takes cognizance of the privacy incident and determines the level of risk of harm (sensitivity of the information concerned, apprehended consequences of its use, likelihood that it will be used for harmful purposes).
If the analysis determines that the risk is critical or serious, the Privacy Officer notifies the Commission de l’accès à l’information and the persons concerned by the incident.
If the analysis determines that the risk is significant, minor or negligible, the Privacy Officer initiates work to reduce the risk and prevent a similar incident from occurring in the future.
In case of doubt or uncertainty, the Commission d’accès à l’information will be contacted for specific guidelines.
This privacy policy can be consulted at any time at www.memeadresse.ca.
Brigid Scullion may modify it in order to ensure its compliance with current legislation. Please consult this privacy policy regularly for any updates.
By browsing the site, you acknowledge that you have read and understood this privacy policy and agree to its terms, particularly with respect to the collection and processing of personal information and the use of cookies.
If you have any questions about this privacy policy, you can contact us :
The person responsible for personal information is Brigid Scullion. All requests or complaints regarding personal information should be sent by mail to the following address: brigidscullionbroker@gmail.com
Protection of personal information Officer
