Home/

Privacy policy

General Information

Introduction

Protecting your privacy is important to Soyle Inc. (hereinafter the “Organization", “Soyle”, "we", "our"). For this reason, we have implemented safeguards and sound management practices to maintain the confidentiality and security of your personal information in accordance with applicable laws. 

This privacy policy (the "Policy"), which should be read in conjunction with our Terms and Conditions and the applicable Service agreements entered into by Soyle, describes our practices regarding the collection, use, processing, disclosure, and retention of Personal Information (as defined below) of our clients, visitors and users.

By using our website [https://soyle.ca] (the "Website") or any of our Services, you agree that we may collect, use, process, disclose and retain your Personal Information in accordance with the terms and conditions described herein. If you do not agree to comply with and be bound by this Policy, you may not visit, access, or use our Website or Services or share your Personal Information with us. However, we invite you to contact our Data Protection Officer (“DPO”) to discuss an arrangement that may be suitable for you.

This Policy does not apply to Personal Information of the Organization's employees, agents, consultants, or any other person affiliated with the Organization, or to any information that is not Personal Information as defined by applicable law.


Date of Policy and Effective Date

Date of Policy: February 10th, 2024

Entry into Force: February 10th, 2024

Data Protection Officer 

If you have any questions, comments, or complaints regarding our privacy practices and this Policy, please contact our Data Protection Officer (as defined below) at the following coordinates: 

Email: info@soyle.ca

Address: 5122 Jeanne-Mance St., Montreal, Quebec, H2V4K1

Definitions

The following words and expressions, when appearing with a capitalized first letter in the Policy, shall have the meanings set forth below, unless otherwise implied or expressed in the text:

Data Protection Officer” means the person who is responsible for the enforcement and the implementation of this Policy and whose contact information is identified in Section 1.2 of this Policy. 

Data Protection Officer” or “DPO” means the person in charge of applying this Policy, whose contact information is detailed in section 1.2 of this Policy.

Personal Information” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could be linked, directly or indirectly, to a natural person, whatever the nature of its medium and whatever the form in which the information is accessible (written, graphic, sound, visual, computerized or other). Personal Information includes, but is not limited to, information that reveals something about the identity, characteristics (e.g., the abilities, preferences, psychological tendencies, predispositions, mental abilities, character, and behavior), or activities of that person. 

Sensitive Personal Information” means Personal Information that, by its nature or the context of its use or disclosure, gives rise to a reasonable expectation of privacy. Examples include medical, biometric, genetic or financial information, or information about life or sexual orientation, religious or philosophical beliefs, union membership or ethnic origin. 

Service Provider” means any individual or entity that processes data for or on behalf of the Organization. This includes third party organizations or individuals employed by the Organization to facilitate the Services, provide the Services on behalf of the Organization, perform services related to the Services or assist the Organization in analyzing the use of the Services. 

Services” means the Website and all related services offered by the Organization, which include professional services and, where applicable, associated media, printed materials, and "online" or electronic documentation.

Processing of Personal Information

Collection of Personal Information

You consent to share your personal information with us

Your privacy and the confidentiality of your data are of paramount importance to the Organization. That is why we have developed this Policy to tell you what Personal Information we collect, how we process it, when we need to share it with Service Porviders or third parties, and when we will ultimately delete or destroy it.


By consenting, you authorize Soyle to collect and process your Personal Information that is necessary to provide you with our Services. Please be assured that you remain in control of your personal information at all times and that the consent you give us to collect or process your personal information may be withdrawn at any time. We will ensure that we respect your choice in accordance with our legal obligations. 

In addition, it is important to read this Policy in conjunction with our Website Terms of Use and our Terms of Sale documents.

In the course of our business, we may collect, process and/or use different types of Personal Information that you provide us as permitted by law including, but not limited to, the information listed below:

Via our Website or Forms

  • Contact information, such as your first and last name, address, e-mail address, and telephone number to allow you to sign up to our newsletter;
  • Contact information, such as your first and last name and email address in order to create a customer account on our online store;
  • Information automatically collected through the use of our Website and Services, including: 
    • Website usage and other technical data, such as your IP address, the pages you visited, the time and date of your visits, the type of browser you were using, the operating system of your device and other hardware and software information; 
    • Geolocation data, such as your IP address, a precise or approximate location determined from your IP address or the GPS of your mobile device (depending on your device settings).
  • Information regarding your payment methods (such as credit card or other payment method selected) as well as all other directly relevant information for any transaction performed on our website.
    • Personal Information may also be collected by our Internet payment partners and our tax processing software. Please note that in the course of this information transfer, the necessary Personal Information may be communicated outside the province of Quebec.

When interacting with our Organziation:

  • Professional or employment-related information, such as your resume, criminal history information, and other information you provide to us when you apply for a job at Soyle;
  • Contact information, such as your first and last name, email address, telephone number, address, and business number for creating a customer account;
  • Tax-related information, including your income and other information regarding your personal finances;
  • Product or service-related information, such as information about services we have provided to you;
  • Transaction and payment information, such as the payment method used, date and time, payment amount, billing zip code, your address, and other related information;
  • Information you choose to provide or share with us, for example, when you fill out a form, respond to surveys or contact one of our employees or representatives, including your preferences or interests; 

In each case, such Personal Information is processed in accordance with the legitimate and necessary purposes listed in Section 3.2 below. In addition, we ensure that we only collect and process data and Personal Information that is strictly necessary for the purposes for which you provide it to us. If there is any subsequent use of your Personal Information, we will obtain your consent as required by law.

Use of Personal Information

As stated in Section 3.1, we only use your Personal Information as permitted by law. We may use your Personal Information for the legitimate purposes described below:

  • To provide Services to you;
  • To allow you to subscribe to our newsletter;
  • To verify your identity and review your personal history as permitted by law;
  • To operate, administer, maintain, monitor, develop, improve and provide all the features of our Website; 
  • To manage risk and operations;
  • To meet our obligations under applicable laws and regulations     
  • To develop new Services and improve our Website and Services;
  • For marketing and business development purposes, if you have previously consented to the processing of your personal information for these purposes;
  • To send you messages, updates, security alerts; 
  • To answer your questions and provide assistance when needed; 
  • To administer a contest, promotion, survey, or other feature of the Website or our Services;
  • To collect opinions and comments about our Services;
  • To conduct research and analysis related to our business and Services;
  • To detect and prevent fraud, errors, spam, abuse, security incidents, and other harmful activities;
  • To establish, exercise or defend a right or proceeding in court;
  • To send you communications as required by law; 
  • To enable the function to apply for employment with the Organization; and
  • For any other purpose permitted or required by law. 

Please note that we do not use the information we collect to draw any inferences or interpretations. 

The Personal Information we collect and maintain remains encrypted and is securely stored on servers which may be located outside the province of Quebec. Please be assured that this Personal Information is disclosed only when we are legally required or authorized to do so. 

Communication of Personal Information

We may disclose your Personal Information to our employees, contractors, consultants, agents, Service Providers and other trusted third parties who need to know that information in order to help us operate our Website, conduct and protect our business, or serve you, provided that such Service Providers or other trusted third parties have previously agreed in writing to maintain the confidentiality of your Personal Information in accordance with applicable laws and our Information Governance Program. In addition, only employees of our organization who have a need to access and process your Personal Information will have access to it, in accordance with our internal Personal Information Protection Policy.

We do not sell, trade, or otherwise disclose your Personal Information to third parties, subject to exceptions provided by law.

Service providers and other third parties

While we try to avoid sharing your Personal Information with third parties, we may use Service Providers or other trusted third parties to perform various services on our behalf, such as IT management and security, marketing, payment processing, data analysis, hosting and storage. Many of these Service Providers are located outside the province of Quebec and as such your information may exit Quebec in order for us to properly provide the Services we aim to offer you.

When we disclose your Personal Information to Service Providers or other trusted third parties, we enter into written contracts with them prior to any disclosure of your Personal Information and we provide them with only the Personal Information that is necessary to perform their mandate. As part of these contracts with our Service Providers and other trusted third parties, we are committed to the principles set out in this Policy and these Service Providers and other trusted third parties are required to use such Personal Information as directed by us and only for the purposes for which it was provided. In addition, these Service Providers and other trusted third parties provide us with sufficient guarantees that they will implement appropriate safeguards that are proportionate to the sensitivity of the Personal Information being processed or disclosed. When our Service Providers or other trusted third parties no longer need your Personal Information, we require them to destroy such data appropriately.

Compliance with legislation, responding to legal requests, preventing harm, and protecting our rights

We may disclose your Personal Information when we believe that such disclosure is authorized, necessary, or appropriate, including:

  • To respond to requests from public and government authorities, which can include public and government authorities outside your country of residence; 
  • To protect our operations and business;
  • To comply with legal proceedings; 
  • To protect our rights, privacy, safety, property, or those of you or others; 
  • To allow us to seek available remedies or limit the damages we may suffer; and 
  • All in accordance with applicable laws, including laws outside your country of residence.

Commercial transaction

We may share, transfer or disclose your Personal Information, in strict accordance with this Policy, in the event of a sale, transfer, or assignment, in whole or in part, of the Organization or our assets (for example, as a result of a merger, consolidation, change of control, reorganization, bankruptcy, liquidation or other business transaction, including in connection with the negotiation of such transactions). In such cases, we will notify you before your Personal Information is transferred and is governed by a different privacy policy.

Consent for Personal Information

Wherever possible, Soyle will obtain consent for the collection, use and disclosure of Personal Information directly from the individual. However, if you provide us with Personal Information about other individuals, you must ensure that you have properly notified them that you are providing their information to us and have obtained their consent to such disclosure. 

We will seek your express consent before using or disclosing your Personal Information for purposes other than those set out herein.

Retention of Personal Information

Subject to applicable law, we retain your Personal Information only for as long as necessary to fulfill the purposes for which it was collected, unless you consent to your Personal Information being used or processed for another purpose. In addition, our retention periods may be modified in a timely manner due to legitimate interests (e.g., to ensure the security of Personal Information, to prevent abuse and breaches or to prosecute criminals).

Please also be assured that when the purpose for which the information was collected is fulfilled, we will destroy or anonymize the information in accordance with applicable laws.

For more information on how long your Personal Information is retained, please contact our DPO using the contact information provided in section 1.2 of this Policy.

Your Rights

As a concerned individual, you may exercise the rights set out below by communicating with our DPO and by sending them a written request by email or by mail at the contact information provided in Section 1.2 above:

  • You have the right to be informed of the Personal Information we hold about you and to request a paper copy of the documents containing your Personal Information, subject to the exceptions provided by applicable law;
  • You have the right to have the Personal Information we hold about you rectified, amended and updated if it is incomplete, equivocal, out of date or inaccurate;
  • You have the right to withdraw or change your consent regarding the information Soyle collects, uses, discloses or retains at any time, subject to applicable legal and contractual restrictions.
  • You have the right to file a complain to Soyle regarding our methods of collection, retention and communication of your Personal Information;
  • You have the right to ask us to stop disseminating your Personal Information and to de-index any link attached to your name that provides access to that information if such dissemination violates the law or a court order;
  • You have the right to file a complaint with the Commission d'accès à l'information, subject to the conditions set out in the applicable law;

In order to comply with your request, you may be asked to provide appropriate identification or otherwise identify yourself, as required by law. 

We encourage all of our customers to keep the Personal Information they have provided us as current and up to date. Decisions regarding the various services we may offer our customers may vary depending on the accuracy of this data. It is therefore important to ensure that we have an accurate picture of your situation.

Cookies and other tracking technologies

We use cookies and other similar technologies (collectively, "Cookies") to help us operate, protect, and optimize the Website and the Services we offer. Cookies are small text files that are stored on your device or browser. They collect certain information when you visit the Website, including, but not limited to, your language preference, browser type and version, the type of device you are using, and the unique identifier of your device. While some of the Cookies we use are deleted after your browser session ends, other Cookies are retained on your device or browser to allow us to recognize your browser the next time you visit the Website. The data collected by these Cookies is not intended to identify you. They are used to ensure that the Website functions properly, to improve your browsing experience and to better understand the traffic and interactions that take place on our Website as well as to detect certain types of fraud. Cookies do not harm your device and cannot be used to retrieve your Personal Information.

Among the Cookies we collect via our Website are the following:

  • Functionality cookies: These cookies enable the Website to remember the choices you make (such as your username, preferred language, etc.) to provide you with a personalized and enhanced experience on future visits.
  • Analysis cookies: these help us analyze and understand how you use our website, so that we can improve its usability, functionality and content.
  • Advertising cookies: These cookies are used to display relevant advertising based on your interests and browsing history.

You can set your browser to notify you when you visit the Website so that you can decide whether to accept or reject the use of some or all Cookies. Please note that disabling Cookies on your browser may adversely affect your experience on the Website and prevent you from using some of its features.

Security Measures

Soyle has put in place physical, technological and organizational security measures to adequately protect the confidentiality and security of your personal information against loss, theft or unauthorized access, disclosure, copying, communication, use or modification. These measures include encryption, access control, segregation of duties, and internal audit, among others.

Among the various measures in place:

  • Our Website has a Secure Sockets Layer (SSL) protocol that ensures a secure connection between your device and our server;
  • The employees of Soyle have read this Policy and are committed to comply with it and to respect the confidentiality of the Personal Information of our potential and existing clients. In addition, each employee is committed to following and complying with a data governance policy applicable to all employees of the Organization;
  • As mentioned in Section 3.3, we have implemented measures to limit access to Personal Information to those who have a valid reason to access, process, communicate or otherwise use your information;
  • As mentioned in Section 3.3, subcontractors and third parties who do business with the Organization and with whom we may need to share your Personal Information have previously agreed in writing to protect the confidentiality and privacy of that information;
  • When the purpose for which your Personal Information was collected has been fulfilled and we no longer need to retain it, the Organization will destroy or anonymize such data, subject to applicable laws.

Despite the measures described above, we cannot guarantee the absolute security of your Personal Information. If you have reason to believe that your Personal Information is no longer secure, please contact our DPO immediately using the contact information provided in Section 1.2 above. 

Updating Our Privacy Policy

We reserve the right to change this Policy at any time in accordance with applicable law. If we make any changes, we will post the revised version of the Privacy Policy and update date in the footer of the Policy. We will also notify you by email at least thirty (30) days before the effective date of the new version of our Policy. If you do not agree with the new terms of the Privacy Policy, we encourage you to discontinue using our Website and Services. If you choose to continue using our Website or Services after the new version of our Policy becomes effective, your use of our Website and Services will be governed by the new version of the Policy.

Links to Third-Party Websites

From time to time, we may include on our Website references or links to websites, products or services provided by third parties ("Third Party Services"). These Third Party Services, which are not operated or controlled by Soyle, are governed by privacy policies entirely separate and independent from this Policy. We therefore have no responsibility or liability for the content and activities of these sites. This Policy applies only to the Website and the services we provide. This Policy does not extend to any third party Services.

Limitation of Liability

Soyle undertakes to take all reasonable measures to ensure a level of confidentiality and security of Personal Information in accordance with technological standards appropriate to its sector of activity and the sensitivity of the data collected. 

Notwithstanding the foregoing, you acknowledge that no computer system offers absolute security and that there is always a degree of risk involved in transmitting Personal Information over the public Internet. 

You agree that Soyle cannot be held responsible for any breach of confidentiality, hacking, virus, loss, theft, misuse or alteration of Personal Information transmitted or hosted on its systems or those of a third party. You also agree to waive all claims in this regard, except in the case of gross negligence or intentional misconduct on the part of Soyle. Accordingly, you agree to hold Soyle and its officers, directors, affiliates and business partners harmless from any damages of any kind, whether direct or indirect, incidental, special or consequential, arising out of the use of your Personal Information. 

In the event of a privacy incident involving your Personal Information that poses a high risk to your rights and liberty, you will be notified of such breach as soon as possible, and Soyle will take appropriate steps to preserve the confidentiality and security of your Personal Information. 

Individuals under the age of 14

We do not knowingly collect or use Personal Information from individuals under the age of 14. If you are under the age of 14, you must not provide us with your Personal Information without the consent of your parent or guardian. If you are a parent or guardian and become aware that your child has provided us with Personal Information without consent, please contact our DPO using the contact information provided in Section 1.2 above to request that we delete that child's Personal Information from our systems.

Publication of content by the user

The user of the Website has the possibility, via his or her user account, to make comments and other information that he or she wishes. We remind you that the Organization cannot be held responsible for the content of your comments, nor for the consequences that may result from them. We strongly discourage you from posting any Personal Information about yourself on our Website to ensure the protection of your personal data.

Contact Us

Any questions, comments, requests or concerns regarding this Privacy Policy should be directed to our DPO at the contact information provided in Section 1.2 of this Policy.