Employee Privacy Policy
Your personal information is precious
We, Montrose International Group. and its affiliates, are doing everything we can to protect the personal information you entrust to us. That is why we are committed to continually reassessing our practices, keeping them up to date and in line with high standards regarding your privacy and management of your personal information.
What we are doing to protect your personal information
First and foremost, what constitutes personal information? It is information that concerns you and can be used to identify you, directly or indirectly.
We operate on the basis of 4 important principles
The following principles govern how we ensure your privacy.
-
Ensure secure management. We implement good management and safeguard practices to secure your personal information and oversee its use.
-
Respect your rights. You have rights related to the personal information we hold about you. You may exercise them at any time.
-
Be transparent. We provide you with all relevant information about our privacy practices.
-
Act responsibly. Our employees, suppliers and representatives must comply with our privacy practices. Our Chief Privacy Officer sees to ensure that they do and that our practices are always up to date.
Montrose International Group (MIG Holdings Inc). is primarily composed of the following brands: Whyte’s, Mrs. Whyte’s, Coronation, Strub’s, Saroli, Via Italia, Fleur de Dijon, Trans Alpine, UniChef, Swiss Alpine, Hey Pickle! and O’Tastily.
We only collect personal information that is necessary
From whom do we collect your personal information?
We collect your personal information primarily from you.
How do we collect your personal information?
We may collect your personal information in a number of ways, including:
-
By phone
-
Via our paper and digital forms
-
Via our social media accounts
-
When you visit our websites
What personal information do we collect?
We only collect the personal information necessary to fulfill the purposes outlined in this notice. Here are some examples of personal information we may collect.
We may also create or infer information from the personal information we collect. This information is considered personal information. We manage and protect it in accordance with the same practices as the rest of your personal information.
We collect your personal information for specific purposes
We collect, use, disclose and retain your personal information solely for the purposes outlined in this notice. We will inform you of the intended purposes at or prior to the time we collect your personal information.
The following purposes may be essential to our relationship with you:
We must obtain your consent to collect, use, disclose and retain your personal information for the following purposes:
We may share your personal information with other individuals or organizations
To whom may we disclose your personal information?
In order to fulfill the purposes outlined in this notice, we may sometimes need to share your personal information with other individuals or organizations.
For example, we may share it with the following third parties:
-
Other Montrose International Group. entities and their representatives
-
Credit bureaus and reporting agencies, such as Equifax or TransUnion
-
Public bodies, such as Canada Life
-
Suppliers, for example of document printing, delivery or data storage services
-
Courts, regulatory authorities or self-regulatory organizations
-
Cybersecurity prevention and management organizations, for example, law enforcement agencies
We may disclose your personal information outside of Canada, like travel booking.
We store your personal information primarily in Canada, but we may sometimes disclose it to parties outside of Canada.
For example, if we are doing business with a supplier based in another country. Before we transfer your personal information outside of Canada, we ensure that it is adequately protected.
We may also disclose your personal information to another Canadian province or territory.
We obtain your consent, except in certain cases prescribed by law
When do we obtain your consent?
We obtain your consent before we collect, use or disclose your personal information. We may obtain consent directly from you.
We will request your consent again if we wish to use or disclose your personal information for a purpose to which you have not consented.
When do we not request your consent?
In some cases, the law permits us to collect, use or disclose your personal information without your consent.
Here are a few examples:
-
Conduct statistical studies using de-identified personal information, where permitted by law
-
Take appropriate action if we detect potential breach of privacy or cyber threat
-
Using your personal information if it is clearly for your benefit
We may also be required by law to disclose personal information. For example, if ordered by a court or requested by a regulatory authority or a self-regulatory organization.
We are doing everything we can to protect your personal information
Our employees, representatives and other stakeholders are committed to protecting your personal information. Our internal procedures clearly define the roles and responsibilities of employees, representatives and other stakeholders in the management of personal information.
We limit access to and use of your personal information
We keep access to your personal information to a minimum. Access to your personal information is restricted to those who need it to perform their duties.
Here are some of the measures in place to control access to and use of your personal information:
-
We train our employees to handle your personal information with care and in accordance with best management practices.
-
Our employees may access and use personal information we collect only if we obtained consent for this purpose or if permitted by law.
-
We review the access rights of employees according to their roles and responsibilities.
We protect our facilities and IT systems.
We have security measures in place to protect our IT platforms, facilities and systems. Your personal information is protected at all times by a multidisciplinary team, monitoring tools and state-of-the-art technological environments.
Security measures are in use where required
Technological measures
• Multi-factor authentication Data encryption
• Digital certificates Firewalls
Physical or administrative measures
• Authorization required to access our IT systems and the buildings where your personal information is stored.
• Constant monitoring of our facilities
We communicate with you in a secure manner
We have measures in place to ensure the security of our communications with you, including when we collect your personal information.
Here are some examples of these security measures:
-
We always verify your identity, whether online, by phone or in person. Other than to authenticate you, we avoid collecting certain personal information over the phone, such as your date of birth or your social security number.
-
We will not contact you for the sole purpose of obtaining your personal information.
We retain your personal information for a limited time
We retain your personal information only as long as necessary to:
-
Fulfill the purposes for which we collected it, and
-
Meet our legal obligations
We will implement a retention schedule. It guides us as to how long we should keep each type of personal information, depending on the context. We may destroy personal information once the retention period has elapsed. The duration of this period depends, among other things, on our legal and regulatory obligations and on the time needed to protect our rights in the event of legal recourse.
We may anonymize certain personal information before destroying it and retain a copy. Once the information is anonymized, it can no longer be used to identify you and is therefore no longer deemed personal. We use it, among other things, to improve our product pricing, identify trends and establish performance indicators.
We respect your privacy rights
Manage your consent preferences
You may review and change your consent preferences for the collection, use and disclosure of your personal information at any time. Please be aware, however, that we will no longer be able to answer questions or treat your requests if you withdraw your consent for a purpose that is essential to our relationship with you (See the section We collect your personal information for specific purposes for further details).
For optional purposes, you may withdraw your consent at any time without adversely affecting our relationship with you.
You can contact us to withdraw your consent for the following optional purpose:
-
Keep you informed of our promotions, products, services, contests and events that may be of interest to you
Withdrawing your consent may take up to 30 days to be processed and applied.
Accessing, rectifying or deleting your personal information
You have several rights regarding the personal information we hold about you. You may exercise them at any time.
You may submit a written request to exercise any of your rights in relation to your personal information. You will receive our written response within 30 days. If we deny your request in whole or in part, we will provide you with several pieces of information:
-
Reasons for the denial
-
The references of the laws and regulations that justify this denial
-
Your right to challenge this denial before the privacy regulatory authority of your province or territory
-
Timeframe for appealing the denial
Filing a complaint
You may file a complaint if you feel that we have mishandled your personal information.
We invite you to contact us first if you wish to file a complaint. We will take the time to analyze your complaint and work with you to resolve the situation.
You can also file a complaint with the privacy regulatory authority of your province or territory.
How to contact us regarding your privacy
You can contact us in writing at the addresses below to:
-
Submit a request to access, rectify or delete your personal information
-
File a complaint about the handling of your personal information
-
Request assistance, send us a comment or ask any question related to your privacy
Make sure you provide us with all the information we need to follow up on your request.
By email:
By mail:
Montrose International Group.
Chief Privacy Officer 156, Reynold’s Street,
Oakville (Ontario) L6J 3K9
If we update this notice
We regularly update our practices to bolster them and ensure that they reflect changing privacy laws, regulations and standards.
We will notify you on our website of any material changes to this notice.
Politique de protection des consommateurs