Policy
Privacy Policy
Introduction
Groupe Conseil Amar Gouin Inc. carrying on business as Assurance Visiteurs (the “Company”, “we”, “us”, “our”) recognizes the importance of protecting your personal information. This policy explains how the Company collects, uses, retains and discloses your personal information.
Personal information is any information about you that allows you to be identified directly or indirectly (for example, by associating it with other information).
This policy applies to users and customers of our websites, applications, services and products, but does not apply to our employees, candidates or suppliers.
By providing us with your personal information after you have been informed of this Policy, in accordance with applicable law, you consent to the collection, use, retention and disclosure of your personal information in accordance with this Policy. Your consent may also be implied in certain cases, depending on your reasonable expectations.
We reserve the right to update this policy at any time and such changes will be effective as of the date specified in the change. Please check this Policy periodically for changes. We will consider that you have accepted the changes to this Policy if you continue to provide us with personal information after the changes take effect.
Which organization collects personal information?
Your personal information is collected by the Company on its own behalf.
Your personal information may also be collected on our behalf by third parties, for example: a technology service provider or newsletter manager; a consultant who provides part of the services offered to customers; or an insurer with whom insurance policies are underwritten.
How is your personal information collected and what information is involved?
Your personal information is collected directly from you when you provide it to us, for example :
- online on our website (e.g. on a submission form);
- through e-mails you send us;
- when you call us;
- when you chat with us.
In addition to the above, we may also collect personal information, for example, when you decide to subscribe to a newsletter, enter a contest or participate in a survey.
In particular, we collect the following personal information:
- last name, first name, postal address, e-mail address, telephone numbers, details of communications between you and us, details of purchases and requests for information, date of birth;
- information relating to insurance policies taken out;
- health history;
- information on travel dates, as well as place of departure and destination;
- payment information.
If you are purchasing an insurance policy on behalf of an insured third party, we may need to collect personal information about them. By providing personal information about the insured, you confirm that you have obtained the insured’s consent to provide us with this personal information.
The types of personal information we collect depend on a number of factors and the context. We collect only the personal information we consider necessary for the conduct of our business and the fulfillment of the identified purposes.
Your personal information is also collected from the following third parties: insurers with whom insurance policies are underwritten on your behalf, brokers who ask us to underwrite insurance policies on your behalf, educational institutions who ask us to underwrite insurance policies on your behalf.
We collect personal information automatically on our websites and applications, which is provided through analytical tools or digital markers. These analytical tools collect only a limited set of data, namely the Internet Protocol address (IP address), the date and time of the visit, the pages visited, the actions taken on the website, the domain used to access the website, the type and version of browser or operating system you are using, and the website you have just accessed and will subsequently access. This information is collected using “cookies”, as further described below.
We do not collect any payment card information. Payments made on our websites or applications are processed directly by a service provider, who has sole access to payment card information. Online transactions are secured in accordance with the service provider’s transmission standards, to enable secure transmission and processing of transactions.
What is the purpose of collecting personal information?
We collect personal information for the following purposes:
- to provide the requested services or information to you;
- process your requests;
- analyze your insurance and protection needs;
- review and submit insurance applications;
- underwrite, issue, manage, modify and renew insurance policies;
- process claims and insurance notifications;
- verify your insurance coverage;
- manage billing and process payments;
- handle and resolve complaints and dissatisfactions;
- offer personalized recommendations based on your purchasing profile, if you have accepted the installation of cookies;
- communicate with you in the course of our business, for internal quality assurance purposes or to manage the quality of the information provided;
- detect and prevent fraud;
- for statistical and accounting purposes (in the latter case, personal information is aggregated and anonymized);
- to inform you of news, updates, information and special offers concerning the Company’s services and products, in compliance with so-called anti-spam laws and with your express consent when required;
- if we have reasonable grounds to believe they may be useful in the investigation of a contravention of federal, provincial or foreign law, or to protect or defend a legal interest;
- respond to requests for information from regulators or other organizations and persons legally empowered to make such requests;
- administer your account or services to you, including rewards programs, sweepstakes and contests;
- as required or permitted by applicable law.
In addition to the above purposes, we will inform you of other purposes for which your personal information is collected at or before the time the information is collected.
If we wish to use your personal information that has been collected for a purpose not previously disclosed to you, we will seek your separate consent before using it, unless applicable law permits us to do so without your consent.
What technologies are used that include functions to identify, locate or profile individuals?
We may use cookies. Cookies are bits of information that are sent to your computer or mobile device when you visit a website. Cookies are stored, temporarily or permanently, on the hard drive of your computer or mobile device, leaving a record of your visit. When you visit a Web site, a cookie may be created and stored, allowing us to “recognize” you each time you visit the site.
Cookies that allow you to be identified, located or profiled are deactivated by default. You must first accept them. You may refuse to accept cookies, but if you do, you may not be able to take advantage of certain features.
Cookies may enable us to analyze your personal preferences, interests or behavior as you surf the Internet. They enable us to improve your online experience by recording your browsing preferences, to
analyze the operation of our websites, to carry out statistical analyses and to recommend content to you.
We use the following cookies:
- Cookieyes
cookieyes-consent :
CookieYes sets this cookie to remember users’ consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about site visitors. To access the supplier’s terms and conditions and privacy policy: https://www.cookieyes.com/privacy-policy/
- WPML
wp-wpml_current_language: The WordPress multilingual plug-in sets this cookie to store current language settings. To access the provider’s terms and privacy policies: https://wpml.org/documentation/privacy-policy-and-gdpr-compliance/
- Hotjar
_hjAbsoluteSessionInProgress: Hotjar sets this cookie to detect a user’s first page view session, which is a True/False indicator set by the cookie.
_hjFirstSeen: Hotjar sets this cookie to identify a new user’s first session. It stores the true/false value, indicating whether this was the first time Hotjar saw this user.
_hjSession_*: Hotjar sets this cookie to ensure that data from subsequent visits to the same site is attributed to the same user ID, which persists in the Hotjar user ID, which is unique for that site.
hjRecordingEnabled: Hotjar sets this cookie when a recording is started, and it is read when the recording module is initialized, to see if the user is already in a recording in a particular session. To access the supplier’s terms and conditions and privacy policy: – https://www.hotjar.com/privacy/
- Google Analytics
_ga_*: Google Analytics uses this cookie to store and count page views.
_ga: Google Analytics uses this cookie to calculate visitor, session and campaign data and track site usage for site analytics reporting. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid: Google Analytics uses this cookie to store information about how visitors use a website while creating a site performance analysis report. Some of the data collected includes the number of visitors, their source and the pages they visit anonymously.
_gat_UA-*: Google Analytics sets this cookie to track user behavior. To access the supplier’s terms and conditions and privacy policy: https://policies.google.com/?hl=en
We will ask you beforehand if you accept or refuse the installation of cookies, if these cookies make it possible to identify you, locate you or carry out profiling.
Many major websites use cookies. Most browsers are initially configured to accept cookies. If you wish, you can change your browser settings to notify you when you receive a cookie, or to refuse to accept them.
Although you are not obliged to accept cookies, it is possible that some website functions may not function properly if you refuse to accept cookies. You can consult the following link for an overview of how to block or delete cookies on the most common browsers: https://www.allaboutcookies.org/
Is it possible to refuse the collection of personal information?
You may refuse the collection of your personal information. However, refusing such consent may limit our ability to provide services or sell products to you. We will not refuse to fulfill a request for a product or service from you if you refuse such consent, unless the collection is necessary for such purpose. Your consent to our use of your personal information for secondary purposes (such as marketing) is therefore not required.
Do we collect personal information about minors?
We intend to comply with applicable laws regarding the privacy and advertising of minors. We do not seek to collect personal information from minors under the age of 14 without the consent of their parents or guardians. However, if you believe we are doing so, please let us know. If we ever wish to collect personal information from minors under the age of 14, we will obtain consent directly from their parents or guardians, as required by applicable law.
Will we make decisions based exclusively on automated processing of your personal data?
We do not intend to make decisions based exclusively on automated processing of your personal data.
Who has access to personal information inside and outside the company?
Only those members of our staff who are authorized and who need access to your personal information in the course of their duties have access to it, for example: the customer service center, the billing
department and those responsible for providing products and services to customers. These individuals have access only to the personal information they need to perform their duties.
We will only disclose your personal information to third parties (the type of information disclosed will depend on the situation) if:
- you have authorized us to disclose the information to a third party for a specific purpose;
- third parties who act on behalf of the Company as agents or service providers (for example : IT service providers, hosting or marketing solution providers, insurers with whom insurance policies are underwritten, as well as our related companies with whom we share services), and the information is disclosed to them only for this purpose, it being understood that these third parties must comply with strict contractual terms that require them to maintain the confidentiality of all information, to use it only for this purpose and not to retain the information once the contract has expired;
- if a person is acting as your representative, or if we reasonably believe that the person is acting under proper authority (e.g. guardian, parental authority, etc.), or is a person who holds an insurance policy or service jointly with you;
- to meet legal requirements;
- if we are required to provide personal information in response to a valid court order, subpoena or governmental investigation, or as otherwise required by applicable law;
- if the Company ever sells its business or assets, in whole or in part, or merges, as required by such transaction, as well as for due diligence purposes;
- as required or permitted by applicable law.
What are the roles and responsibilities of our employees who have access to personal information?
We inform our employees of their obligation to maintain the confidentiality of personal information and make them aware of the importance of protecting the confidentiality of personal information. Our employees may only use personal information in accordance with the terms of this and our other policies.
We have set out the roles and responsibilities of our staff members throughout the cycle of handling your personal information, from collection to destruction, in a Personal Information Governance and Management Policy.
What measures are taken to ensure the confidentiality and security of personal information?
We implement reasonable physical, technological and administrative safeguards to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. The nature of the safeguards varies depending on the sensitivity of the personal information collected, the amount, distribution and format of the personal information, and the method of storage. These measures include the following:
- physical measures, such as locked premises;
- technological measures, such as firewalls;
- administrative measures, such as the adoption of an information security policy.
Where is personal information stored and may it be disclosed outside Quebec?
Depending on the nature of the personal information, it may be held at the Company’s offices, in various computer systems of the Company or our service providers, or in storage facilities of the Company or our service providers.
Your personal information may be disclosed outside Quebec or Canada for the purposes described above, which may include collection, use, disclosure or retention.
How long do we keep your personal information?
We retain the personal information we collect for as long as necessary to fulfill the identified purposes, as long as it is reasonable to do so for customer service, legal or business purposes. The length of retention depends on the identified purposes and the nature of the information. At the end of this period, the information is permanently and securely destroyed or anonymized, in accordance with applicable laws.
What rules apply to websites, applications and social media sites operated by third parties?
Our websites or applications may contain links to third-party websites or applications (collectively and individually the “Third-Party Sites”) that may take you away from our website or application. We provide these links as a convenience. The Third Party Sites are not under our control, and we therefore have no control over the privacy and confidentiality practices of the Third Party Sites. As a result, any personal information that is transmitted through Third Party Sites is subject to the privacy policies of those Third Party Sites. It is your responsibility to review these policies to ensure the protection of your personal information.
We may use third-party Social Media Sites (for example, Facebook and Instagram). Social media accounts are public and are not operated by us. If you choose to interact with us through these third-party social media Sites, you should first review their privacy policies.
Personal information provided to us through social media accounts is collected to capture conversations (e.g. questions and answers, comments, “likes”, shared tweets) between you and us. It may be used to respond to inquiries, for statistical evaluation and reporting, and for all other purposes identified in this policy.
What are your rights and how can you exercise them?
You have the following rights, within the limits and under the terms of the applicable laws:
- consult your personal information;
- rectify or update your personal information;
- withdraw your consent at any time (withdrawal of consent binds us to the use of personal information based on that consent, but will not affect the use based on your consent prior to its withdrawal);
- request the deletion of your personal information.
If you request to withdraw your consent to the use, disclosure and retention of your personal information, the treatment of this request will depend on the situation and purpose. As the case may be:
- you can withdraw your consent, but we will no longer be able to offer you a service that depends on it;
- you cannot withdraw your consent, because the processing of your personal information is necessary or compulsory.
In all cases, we may need to retain certain personal information to meet our legal obligations.
You may exercise the foregoing rights at any time by contacting the Company’s Privacy Officer (see below).
The request must contain sufficient information for us to be able to process it. We undertake to respond to requests within a reasonable time and, where possible, within thirty (30) days, as provided by applicable laws. However, we must first verify the identity of the person making the request.
We will ensure that your personal information is as accurate, complete and up-to-date as possible for the purposes for which it is to be used. It is, however, your responsibility to ensure that your personal information, such as contact information, is kept up to date with us.
What is the process for handling privacy complaints?
You may file a complaint with the Company’s Privacy Officer (see below) if you believe that we are not complying with our obligations to protect confidential information. We will acknowledge receipt of your complaint, may contact you for clarification, investigate the complaint confidentially, and report the findings of the investigation to you. If your complaint is justified, we will then take the appropriate steps to rectify the situation. If you are dissatisfied with this internal investigation of your complaint, you may contact the organizations that have jurisdiction over the protection of personal information: the Office of the Privacy Commissioner of Canada (at the federal level), the Commission d’accès à l’information du Québec, the Office of the Information and Privacy Commissioner for British Columbia or the Office of the Information and Privacy Commissioner of Alberta.
Who can you contact if you have any questions about your personal information and who is responsible for protecting the Company’s personal information?
The person with the highest authority at the Company has delegated the role of Privacy Officer to the Information Security Officer, whose contact details are as follows:
Annie Drouin
E-mail: prp-amar@assurancevisiteurs.ca.
You may contact the Company’s Privacy Officer to exercise your rights, to ask questions about our privacy practices or to make a privacy-related complaint.