Nortech - Personal Data Protection Policy

Personal Data Protection Policy

Data Protection Officer

John Laverdière
General Manager and President
Phone: 819-732-0717
Email: protectionrenseignements@nortechsolution.com

Objective of the Policy

Nortech Solution Informatique inc. and its subsidiaries commit to maintaining rigorous standards for protecting personal information. We follow industry best practices to comply with legal and contractual obligations regarding data protection (Law 25).

Individuals Concerned

Nortech collects and processes personal data concerning:

• Current and potential clients (public and private sectors)
• Clients of our current and potential clients
• Service providers, consultants, suppliers, contractors, and subcontractors
• Other third parties

Types of Data Collected

Identification Data:

• Full name
• Postal address
• Phone number
• Email address
• Identification number (e.g., client number)

Professional Information:

• Job title
• Company name
• Business address
• Business phone number
• Personal mobile number
• Professional and/or personal email address

Authentication and Access Data:

• Usernames and passwords

Financial Data:

• Credit card information
• Bank details

Service Usage:

• Transaction history
• History of IT service usage
• System access logs

Interactions:

• Communication history (emails, messages, SMS, call recordings, etc.)
• Customer feedback and comments

Geographical Data:

• Physical location, if necessary for services provided (e.g., IT asset management)

Device and Software Data:

• Information about devices used (computers, smartphones, etc.)
• Hardware and software configuration
• IP addresses

Security Data:

• Security information, such as incident logs and intrusion detections
  Methods of Data Collection

We collect your personal information through:

• Contact form on our website
• Paper and/or electronic form when opening an account
• Phone for support or order requests
• Email or SMS for technical support, quotes, or order requests
• Purposes of Data Collection

Service Delivery:

• Managing customer accounts
• Providing IT services (hosting, maintenance, network management)
• Customizing services to meet customer needs

Customer Support and Communication:

• Responding to customer inquiries and questions
• Providing technical assistance and support

Financial Transactions:

• Processing payments and financial transactions related to services

Security and Fraud Prevention:

• Monitoring user activity to detect and prevent fraud
• Enhancing IT system security

Service Personalization and Improvement:

• Analyzing usage data to improve our services
• Tailoring the user experience based on preferences and behaviors

Marketing and Communication:

• Sending marketing communications, newsletters, and service updates
• Conducting marketing analysis to improve advertising campaigns

Legal Compliance:

• Meeting legal obligations regarding data retention
• Responding to government requests or court orders

Product and Service Development:

• Analyzing market trends to develop new products and services
• Gathering feedback to improve existing offerings

Access and Security Management:

• Managing access to systems and sensitive information
• Ensuring data and IT infrastructure security
• Use of Personal Information

Identification Data:

• Managing customer accounts and customizing services

Professional Information:

• Communication and customer support, service customization

Authentication and Access Data:

• Security and access management

Financial Data:

• Managing financial transactions

Service Usage:

• Improving services and customizing the user experience

Interactions:

• Marketing communication and offer improvement

Geographical Data:

• Providing specific services

Device and Software Data:

• Security, fraud prevention, and service improvement

Security Data:

• Security and fraud prevention

Data Sharing

We share your data only when necessary for our service delivery or legal obligations. This may include sharing personal information with third parties, such as public authorities or cloud service providers, who must comply with adequate protection measures. Contracts ensure confidentiality and limited use of data.

Data Security

• We protect your data against unauthorized access, loss, disclosure, or destruction through various security measures, including:

Server Protection:

• Hosting in secure environments with constant monitoring, firewalls, and intrusion detection systems

Strict Access Control:

• Limited access to personal data with logging and monitoring

Continuous Training:

• Regular staff training on best practices in data security

Incident Management:

• Protocols for managing security incidents with prompt notification in case of a breach

Regular Backups:

• Frequent data backups to ensure availability and minimize loss risks

Password Management

• Passwords are securely stored in a protected vault. Only authorized employees have access to this vault, with strict access control and continuous monitoring.

Data Retention

• We retain customer data as long as necessary to provide our services or meet legal obligations. Once data becomes unnecessary, it is securely destroyed.

Consent Withdrawal

• You can withdraw your consent at any time by contacting Nortech at protectionrenseignements@nortechsolution.com or by phone at 819-732-0717, attention to John Laverdière. Note that withdrawing consent may affect service delivery, and some information must be retained for legal reasons.

Access and Rectification

• You have the right to access your personal information held by Nortech Solution Informatique inc. and its subsidiaries and to request corrections if necessary.