VOXDATA’S PERSONAL INFORMATION GOVERNANCE POLICY
The company Voxdata inc.(hereafter “Voxdata”) commits to collect, use, disclose, store and destroy your Personal Information, regardless of the format in which it is held or accessed, in accordance with this policy (hereafter “Policy”).
This Policy also discloses the roles and responsibilities of Voxdata’s personnel from the collection to the destruction of your Personal Information.
If you have any questions about your Personal Information and, after reading the Policy, your questions remain unanswered, you may contact, the Privacy Officer, at the following e-mail address: email@example.com.
Voxdata may, at its discretion, change the Policy from time to time. If a change is made to the Policy, you will be notified, when applicable. Once notified, your continued use of the services provided by Voxdata after the amended Policy becomes effective will constitute your consent to the Policy as amended.
In this Policy, the following definitions are applicable :
- “Personal Information”means any information that relates to a natural person and allows, directly or indirectly, that person to be identified;
- “Privacy Officer” means the Privacy Officer appointed by Voxdata who ensures compliance and enforcement of the Act, who can be reached by e-mail at firstname.lastname@example.org;
- “Act” means the Act respecting the protection of personal information in the private sector, chapter P-39.1, and any subsequent amendments or modifications thereto; and
- “Privacy Incident” means :
- access to any Personal Information that is not authorized by the Act;
- the use of Personal Information not authorized by the Act;
- the unauthorized disclosure of Personal Information; or
- the loss of Personal Information or any other breach of the protection of such information.
By submitting your Personal Information to Voxdata, you consent to the collection, use, disclosure, retention, and destruction of your Personal Information by Voxdata in accordance with this Policy.
3. Purposes for Which Personal Information is Collected
Voxdata collects your Personal Information for the following purposes:
- to respond to your requests or questions;
- to perform its services within the framework of service contracts with a varied clientele in the field of call centers;
- to provide sales support and digital transformation services to its customers;
- to improve the website and its services or to investigate your interests as a customer. Voxdata may also use your Personal Information to personalize your experience or display content according to your preferences;
- to send you, based on your choice, advertising material or additional information about its services, surveys, contests, promotions and special offers for marketing purposes. However, you are free to choose not to receive advertising or marketing material at any time;
- to conduct market and performance research in order to improve customer service and the quality of services on the website;
- to prevent and detect fraud or to evaluate and improve protection and security measures. Voxdata may use the information to protect its business, its customers or the website;
- the performance of service contracts for the benefit of call center customers;
- for customer technical support purposes; and
- to contact you regarding this Policy.
Voxdata will use your Personal Information only for the purposes set out in this Policy and will obtain your consent for any other use not set out in this Policy unless otherwise permitted by law.
4. How Your Personal Information is Collected
Voxdata collects your Personal Information when:
- you create a customer profile on its website;
- you contact a company that has entered into a service contract, and you are in contact with a Voxdata employee or agent;
- you click on an advertisement that Voxdata has placed on a third-party website (e.g., Google, Facebook, etc.);
- you complete a survey, enter a contest or other promotion;
- you contact us by e-mail, telephone, or any other means of communication; and
- when we receive Personal Information for potential employees from recruiting companies.
When Voxdata collects your Personal Information from another person who operates a business, you may contact the Privacy Officer to be informed of the source of such information.
5. Statutory Right of Access and Rectification
Voxdata undertakes, at your request, to confirm the existence of your Personal Information, to communicate it to you and to allow you to obtain a copy of it in a structured and commonly used technological format.
You have the right to demand that Personal Information that is inaccurate, incomplete, or ambiguous be rectified, or that it be deleted if its collection, communication or storage is not authorized by law.
You have the right to require Voxdata to stop disclosing your Personal Information if such disclosure is in violation of the law, a court order or in the event that the following conditions are met: i) the disclosure causes you serious harm to your reputation or privacy, ii) this harm clearly outweighs the public interest in knowing this information or the interest of any person in expressing themselves freely, and iii) the requested cessation of disclosure does not exceed what is necessary to avoid the perpetuation of the harm.
In all cases, your request for access or rectification must be made in writing, providing proof of your identity as the person concerned by the Personal Information. The Privacy Officer undertakes to respond to your written request within 30 days of receipt.
Access to your Personal Information is free of charge, except where reasonable fees may be charged for transcription, reproduction or transmission.
In the event of a refusal to grant your request, the Privacy Officer undertakes to give reasons for his or her decision and to inform you of the provision of the law on which the refusal is based, the remedies available to you and the time limit within which they may be exercised. The Privacy Officer undertakes to provide you with the assistance required to help you understand the refusal.
The Privacy Officer undertakes to issue, free of charge, a copy of your modified or added Personal Information or, as the case may be, an attestation of the suppression of your Personal Information. It also undertakes to notify, without delay, any person who has received the information in the six months preceding the request of the person concerned and, where applicable, the person from whom the information was obtained.
The Privacy Officer undertakes to keep the Personal Information that is the subject of your request for access or rectification for the time required to enable you to exhaust your legal remedies.
6. Right to Withdraw Your Consent
You have the right to withdraw your consent to the disclosure or use of your Personal Information by Voxdata at any time. To do so, please contact the Privacy Officer using the contact information provided in this Policy.
7. Personal Information Automatically Collected Through the Website – Cookies
Voxdata collects Personal Information provided by cookies. Cookies are data files that are commonly stored on your device when you use websites and online services. They are used for the efficient operation of websites and can provide information and help personalize services.
8. Disclosure of Your Personal Information
Voxdata wants you to understand with whom it shares the Personal Information it collects about you when you use its services. Consequently, Voxdata shares your Personal Information with the following people:
- Clients – When Voxdata is mandated by a company to perform a service contract, your Personal Information collected by a Voxdata employee or agent is then communicated to the client. In this case, procedures are put in place to ensure the secure communication of your Personal Information.
- Authorized Service Providers – Voxdata may share your Personal Information with service providers who perform services on Voxdata’s behalf. These service providers may have access to your Personal Information for the sole purpose of performing their functions. In such cases, security measures will be put in place to ensure the confidentiality of your Personal Information.
- Business Partners – Voxdata may share your Personal Information with its business partners in order to provide services to you. In such cases, security measures will be put in place to ensure the confidentiality of your Personal Information.
- Business Transaction – As part of a significant Voxdata transaction, such as a sale of all or a portion of the stock of Voxdata, a merger, or a sale of assets. Any third party to whom Voxdata discloses your Personal Information will be required to agree to use such Personal Information in accordance with this Policy unless you indicate otherwise.
Voxdata must obtain your consent to communicate or transmit your Personal Information to a third party not covered by this Policy, except where it is justified in doing so by virtue of an exception provided for by law.
Your Personal Information may be disclosed outside Quebec. In such cases, Voxdata undertakes to conduct a privacy impact assessment and to make the disclosure only if the assessment demonstrates that the Personal Information disclosed is adequately protected. In such cases, the disclosure of the Personal Information will be subject to a written agreement that takes into account the results of such assessment and any terms and conditions agreed to in order to mitigate the risks identified in such assessment.
A backup copy of all your information is kept on a disaster recovery server located in Toronto.
9. Safety Measures
Voxdata takes appropriate security measures, including physical, electronic, technological and organizational measures to protect your Personal Information.
To this end, Voxdata is SOC 2 and PCI DSS compliant, which are recognized security and compliance standards to ensure the protection of Personal Information.
Voxdata also has various internal measures in place to protect Personal Information, including this Policy, and access controls based on each employee’s role within the company. In addition, recorded and stored telephone calls are encrypted to ensure adequate protection.
10. Privacy Incident
If Voxdata has reason to believe that a Privacy Incident has occurred, reasonable steps will be taken to reduce the likelihood of harm and to prevent similar incidents in the future.
Voxdata will keep a record of all Privacy Incidents, including the facts of the breach of Personal Information, the Personal Information that is the subject of the Privacy Incident, the effects of the Privacy Incident, the people affected, and the steps taken to remedy the breach.
If the Privacy Incident presents a risk of serious harm being caused, Voxdata will diligently notify the Commission d’accès à l’information instituted by the Act respecting access to documents held by public bodies and the protection of personal information, as well as any person whose Personal Information is affected by the Privacy Incident. Voxdata may also notify any person or organization likely to reduce this risk, communicating only the Personal Information required for this purpose. In the latter case, the Privacy Officer shall record the communication. Notwithstanding the foregoing in this paragraph, a person whose Personal Information is affected by the Privacy Incident need not be notified as long as this would be likely to hinder an investigation by a person or body who, under the law, is responsible for preventing, detecting or repressing crime or breaches of the law.
The Privacy Officer will notify the Commission d’accès à l’information and any person concerned as soon as possible and in accordance with the provisions of the Act.
11. Duration of Conservation of Personal Information
Once the purposes for which your Personal Information was collected have been fulfilled, it will be destroyed or anonymized by Voxdata, subject to any retention period required by law.
Voxdata adheres to industry standard principles for making Personal Information anonymous and irretrievable. The exact process may vary depending on the type of Personal Information, and destruction may be automatic or manual, as appropriate.
12. Complaints Handling
If you have any complaints regarding the protection of your Personal Information or its use by Voxdata, please contact the Privacy Officer at the e-mail address indicated on the first page of this Policy. The Privacy Officer will respond to your complaint by e-mail as soon as possible.
13. Staff Roles and Responsibilities
Voxdata implements access controls to ensure that only employees authorized by Voxdata have access to your Personal Information. These authorized employees need to know or access your Personal Information to enable Voxdata to provide its services.
The Privacy Officer is responsible for ensuring compliance with and implementation of this Policy. He also ensures that all authorized Voxdata employees are familiar with the Policy and that they use Personal Information in accordance with its provisions.
14. Access to and Means of Accessing Your Personal Information
If you have any questions regarding the access or the use of your Personal Information by Voxdata, please contact the Privacy Officer at the e-mail address indicated on the first page of this Policy.
In the event of any inconsistency between this Policy and the Act, the provisions of the Act shall prevail.
Policy last updated: December 21st 2023