Skip to content

Privacy Policy

Introduction: 

The protection of personal information is an important concern for our company, and we are committed to complying with the provisions of Bill 25 on the Protection of Personal Information. This internal policy describes the measures we have put in place to protect the personal information of our employees, customers and suppliers.

The principle of confidentiality is to prevent the disclosure of information to unauthorised persons, resources or processes. Another term for confidentiality is respect for privacy (Law 25). All confidential information has a non-public status. Maintaining confidentiality is an ethical obligation. 

Designation of a person responsible for the protection of information:

Mrs Rosalie Morel – Manager has been designated by Omnifab as the person responsible for the protection of personal information.

Her email address is rmorel@omnifab.ca.

Collection and Use of Personal Information:

We will only collect personal information that is necessary for our business activities and we will only use it for the purpose for which it was collected. We will inform individuals about the collection of their personal information and how we will use it. We will also seek consent. For any collection, use or disclosure of personal information about a minor under the age of 14, we will ensure that we obtain the consent of a parent or guardian.

Retention and destruction of personal data:

 We will only retain personal information for as long as necessary to fulfil the purposes for which it was collected and will destroy it in a secure manner when it is no longer required.

Any physical document containing personal information will be kept in a locked room and filing cabinet.

Security of Personal Information:

 We will take appropriate security measures to protect personal information from loss, theft, unauthorised use, disclosure, alteration or destruction. We will implement computer security protocols, strong multi-factor passwords, restricted access systems and regular staff training to ensure that personal information is protected.

We will review people’s access rights to comply with the principle of least privilege, also known as “access to least privilege”, which is the concept that a user should only have access to what they absolutely need to do their job and no more.

We also ask users to ensure that their equipment is secure before leaving their workstation (e.g. locking their computer or mobile phone).

Access to personal information:

 We will restrict access to personal information to employees who need to use it in the course of their work. We will inform our employees of the importance of confidentiality and protection of personal information. We will apply the principle of least privilege to designated individuals.

Disclosure of Personal Information:

 We will disclose personal information to third parties only to the extent necessary to fulfill the purposes for which it was collected, and we will obtain the consent of individuals before disclosing their personal information to third parties.

 

If the responsible professional feels that he or she does not have the necessary skills to disclose personal information in a prudent manner, he or she should consult with someone who can provide advice and assistance. 

Here are some secure communication methods we will use:

  • When communicating by e-mail, we must reply to the receiver’s e-mail (on consent) to avoid recipient errors.
  • Documents scanned internally should be saved in the secure file with restricted access rather than sent by e-mail.
  • If a document containing personal information is sent externally, it must be encrypted, or password protected.

Data Subject Rights:

We will respect the privacy rights of data subjects, including their right to access, rectify and withdraw their personal information.

Training and Awareness:

We will provide regular training to our employees on privacy policies and procedures and privacy risks.

Any employee who becomes aware of a privacy or confidentiality risk must report it to the designated privacy or data protection officer. We will protect you as a whistleblower.

Privacy incidents:

We will be transparent about confidentiality incidents to protect those involved. 

In the event of a confidentiality incident initiated by an Omnifab professional, we will take appropriate disciplinary action to prevent a recurrence.  In addition, we will maintain a register of confidentiality incidents, regardless of their classification.

Conclusion:

 We are committed to protecting the personal information of our employees, customers and suppliers in accordance with Bill 25 on the Protection of Personal Information. We will continue to evaluate and update our privacy policies and procedures to ensure that we meet the highest standards of privacy protection.

Black oxide

24h emergency service available!

Learn more

Join our team!

Read more