Skip to main content

CONFIDENTIALITY POLICY

The Domaine des Pays d’en Haut also ensures the protection of your personal information!

1. Your responsibility

It’s your responsibility to read this confidentiality policy before using our online sales platforms.

If you don’t adhere to this policy, you must refrain from or stop sending us your personal information by electronic means. In this case, if you have already sent us your personal information, please contact us immediately so that we can be informed of the withdrawal of your consent and take the necessary measures regarding your information.

You consent to our use or disclosure of the information you provide us in accordance with the present confidentiality policy.

We make sure that we have obtained your consent prior to any use or disclosure of your personal information.

In certain situations, permitted by law, we may use or communicate your information without obtaining your prior consent and, should this be the case, we will proceed in accordance with the requirements of the law while always respecting your rights.

The Domaine des Pays d’en Haut doesn’t sell or rent out your personal information to anyone.

2. The Domaine des Pays d’en Haut’s commitment

The Domaine des Pays d’en Haut de Granby (including the Foundation) is committed to applying the necessary security measures and sound management practices in order to protect the confidentiality of the personal information entrusted to us and to make sure that your right to privacy is respected.

We strive to respect this commitment throughout the entire life cycle during which your personal information is held, used, disclosed and finally destroyed by us, from the moment we obtain it.

We act in accordance with the laws applicable in Québec; notably the regulations contained in the Act respecting the protection of personal information in the private sector.

3. The person responsible for the protection of personal information

The Domaine des Pays d’en Haut at Piedmont named Julie Deschênes, General Director, as the officer responsible for the protection of personal information.

This person is responsible for ensuring compliance with applicable legislation relating to the protection of personal information and for ensuring that your rights relating to your personal information are respected.

If you have any questions, comments or information about the protection of your personal information, or if you wish to make a complaint or invoke a right, please write to: [email protected].

4. Personal information

For the implementation of this policy, personal information refers to information about you that allows you to be identified or recognized, either directly or indirectly. Here are some examples of personal information that you may be asked to provide us with:

  • Your name
  • Your address
  • Your e-mail address
  • Your telephone number
  • Your financial data
  • Your health data
  • Your parents’ names
  • Your regular spoken language
  • Etc.

As the level of reasonable expectation of privacy increases, so does the sensitivity of such information and hence the need for greater protection measures. The three main areas containing sensitive information are medical, financial and biometric.

The security measures applied are proportional to the sensitivity of the personal information to be protected.

Certain types of information aren’t considered to be of a personal nature, such as information concerning your professional or business functions and information that is deemed public by law.

5. Collection, use and disclosure of your personal information

Within the scope of our activities, you provide us with various types of personal information in different contexts.

Your personal information is collected via electronic forms.

We do business with various technology service providers who collect personal information on our behalf and we don’t systematically have control over the choice of information requested.

In all cases where it’s possible for us to do so, we make sure to limit the extent of our collection of personal information to that which is necessary to achieve the intended objectives.

Online Season Pass Purchases

When you buy season passes online, we ask you to provide the following personal information:

  • Your first and last name
  • Your e-mail address
  • Your phone number
  • Date of birth
  • Gender
  • Language
  • Your residential address
  • Your details for credit card transactions (secure external supplier)

The following are asked with different objectives in mind, including:

  • To identify yourself as a buyer or leaser
  • To receive your payment
  • To deliver the season passes by email
  • To prevent fraud
  • To create your profile in order to effectively manage our loyalty campaigns (internal marketing)

Online sliding ticket Purchases

When you purchase sliding tickets online, we ask you to provide the following personal information:

  • Your first and last name (required)
  • Your e-mail address (required)
  • Your telephone number
  • Your home address
  • Your credit card details (secure external supplier)

These details are intended for a number of purposes, including:

  • To identify yourself as a buyer
  • To receive your payment
  • To deliver your sliding tickets you’ve purchased by email
  • To prevent fraud
  • To create your profile in order to effectively direct our loyalty campaigns (internal marketing)

Online gift card Purchases

When you purchase gift cards online, we ask you to provide the following personal information:

  • Your first and last name (required)
  • Your e-mail address (required)
  • Your telephone number
  • Your home address
  • Your credit card information to proceed with the transaction

This information serves different purposes, including:

  • To identify yourself as a leaser
  • To receive your payment
  • To deliver your gift cards you’ve purchased by post (Canada Post)
  • To prevent fraud
  • To create your profile in order to effectively manage our loyalty campaigns (internal marketing)

6. Employees and job candidates

When you send us your application for a position or when you’re hired by us, we make sure that we collect only the personal information that is necessary within this context and that we use it in a secure manner that complies with the applicable laws.

If you have any questions or comments relating to the management of your personal information in this respect, please contact the person responsible for the protection of personal information.

7. Conservation and destruction of your personal information

We keep your personal information only for as long as is necessary to achieve the purposes for which it was collected unless a minimum period is required by law.

If you have any questions about the conservation periods relating to your personal information, you can contact the person responsible.

At the appropriate time, personal information will be securely and permanently destroyed (or anonymized in some cases).

You can contact the person in charge for more information on this subject.

8. Staff access to your information

We make sure that access to your personal information is limited to those people who need to have access to it in order to carry out their job-related tasks.

For information relating to the categories of persons who have access to your personal information within our organizations, please contact the person responsible.

9. Use for marketing purposes

The personal information you give us is accessible to our marketing department, which uses it for customer loyalty and promotional purposes.

When we need to dispose of it, the personal information we wish to continue to use for marketing purposes is anonymized according to the best practices so that this information can no longer be used to identify or recognize you.

10. Cookies and web beacons

Our website uses cookies. Cookies are pieces of information that are sent by the server to the browser when you visit our website.

We use cookies to remember our visitors’ preferences for statistical purposes, notably to improve the customer experience and optimize our website.

Web beacons and tags are small streams of code used in conjunction with cookies to allow us to record an activity on our site. Web beacons, graphic beacons and other beacon-like functions allow us to count the number of users who’ve visited a particular web page or accessed certain cookies. We may use web beacons on our site to count users and to recognize users by accessing our cookies. Being able to access our cookies allows us to personalize our site and improve your experience on our site. We may also include web beacons in HTML-formatted e-mail messages that we send to determine which e-mail messages have been opened.

These cookies can be deactivated or reactivated by visitors by changing the preferences in their Internet browser settings. Please note that by choosing to disable cookies, you may limit your access to some of the personalized features of our site. Cookies and web beacons don’t collect or contain any of your personal information.

11. Communicating your personal information

We make sure that we obtain your consent before disclosing your personal information to a third party. Certain situations specifically provided for by law authorize us to carry out a communication without your consent, and should this be the case, we’ll proceed in accordance with the requirements of the law and always respecting your rights.

12. Outside of québec

Your personal information could be sent outside of Québec; notably when we retain technological service suppliers or other service providers with servers located outside of the province.

The Domaine des Pays d’en Haut proceeds with an evaluation of the private life information factors required in these situations.

13. Minors

When you transmit personal information to us, you must at least be 14 years of age. If you haven’t reached the age of 14, your parents or guardian’s consent is required.

14. Your right to withdraw your consent

If you wish to take back your consent relating to the conservation, use or communication of personal information which could have been collected by us, please communicate with the person responsible who’ll examine the situation with you.

15. Access and rectification rights

Upon request, you may be informed about the personal information we’ve collected relating to you.

Besides being informed, you can also ask us to confirm the existence of your personal information held by us and that we send you a copy of these[LS1] . When the information has been digitalized, you can ask that it be transmitted to you in an intelligible written transcription, using a structured commonly used technological format.

If you find that a personal information we hold concerning you is incorrect, incomplete or ambiguous, you can require us to correct it.

When we proceed with rectifying personal information, we immediately notify any person or organization to whom we may have communicated this information as well as the person from whom we received it, if the case requires, within the preceding six (6) months.

Formulating a Request for Access or Rectification

Your request must be sent in writing and transmitted to the person responsible for the protection of personal information.

We require that you send us a proof of identity.

You can also ask the person responsible to help you prepare your request.

Treatment of your Request

The person responsible is in charge of processing your request.

An answer will be transmitted to you within the next thirty (30) days following the reception of your request by the person responsible.

Reasonable Fees

Access and rectification of your information is free.

However, a reasonable fee may be charged for their transcription, reproduction or transmission. In such cases, you’ll be informed in advance of the approximate amount of applicable charges.

Request Refusal

If the person responsible refuses to accede to your request for access or rectification, they will inform you of the following elements:

  • The legal provision on which the refusal is based;
  • The recourses available to you under the law;
  • The time limits within which you may exercise these recourses.

If you so request, the person responsible must assist you in understanding the refusal.

16. Complaint processing

If you have any complaints, please contact the person responsible for the protection of personal information.

You’ll then need to provide your name and contact details so that you can be reached.

The person in charge will ask you to explain the reasons for your complaint and to provide sufficiently precise details to enable the complaint to be processed.

The person responsible will process your complaint confidentially and will follow up with you by e-mail within thirty (30) days of obtaining all the information necessary to assess the situation.

If additional time is required to process your complaint, the person responsible will inform you by e-mail before the usual processing period expires.

Despite the internal complaints processing procedure, you may also file a complaint with the Commission d’accès à l’information. Before doing so, please contact the person responsible and wait until your complaint has been processed internally.

17. Confidentiality incident

If we become aware of an incident involving a breach of confidentiality of your personal information and this incident represents a risk that may cause you serious harm, we will notify you in writing. In such a case, the Commission d’accès à l’information will also be notified.

A confidentiality incident involves any unauthorized access, use or disclosure of personal information, as well as the loss of such information or any other breach in the protection of such information.

18. Technological security

The personal information we collect through technological means is kept in a secure environment and the people working for us are required to respect the confidentiality of your information.

To ensure the security of your personal information, we take the following measures:

  • SSL Protocol (Secure Sockets Layer)
  • Logiciel de surveillance du réseau
  • Firewalls
  • Access management using secured passwords and multi-factor authentication
  • Authorized Person only
  • Computer safekeeping
  • Regular audits of source codes to prevent vulnerabilities
  • Data loss prevention tools

We’re committed to maintain a high level of confidentiality by incorporating the latest technological innovations to make sure that your personal information is protected.

Despite the security measures we apply, the use of technology always represents a risk of a confidentiality incident, and you should be aware of this when you send us your information by technological means.

19. Approval, publication and updating

This policy has been approved by our designated person responsible for the protection of personal information.

It can be found on the Domaine des Pays d’en Haut’s website and made available in such a way as to reach the persons concerned by the personal information we collect by technological means.

The policy may be amended or updated to adapt to internal practices and applicable laws. We invite you to consult the updates at the bottom of the page to be informed of any recent developments.

 

Version 1 published date September 22, 2023