Finitec 3000
Finitec 6000
Finitec 9000
Finitec Recoater
Finitec Synergy
Microban antimicrobial finish
Solidex
Finitec 3000
Finitec 6000
Finitec Recoater
Finitec Synergy
Microban antimicrobial finish
Surface Preparation
Water based stain
Woodfloor Finish Dye
Applicator refills
Finish applicator
Finitec Sanding Machine
Complete care system for wood and laminate floors
Laminate wood floral breeze floor cleaner 3.78L
Laminate wood mint floor cleaner 3.78L
Ultra concentrated cleaner for wood and laminate floor maintenance
Wood and laminate floor cleaner
Ceramic joints cleaner
Cleaner for ceramic floors
Complete care system for ceramic joints
Ultra concentrated cleaner for ceramic floors
Ceramic joints cleaning brush
Reversible replacement mop cover
Velcro replacement mop cover
Age-Tech
Tonic for wood and laminate floors
Wood glue
DESIGN Paint
Flush mount
Top mount
MicroConcrete
MicroConcrete filling
Protective sealer
MicroConcrete Flexible Trowel
17 in Pad_thick
17 in Pad_thin
Ceramic abrasive belt
Ceramic edger disc
PSA adhesive roll
Zirconium abrasive belt
Zirconium edger disc
EX-1
EX-3
EX-6
EX-DUO+
EX-HYBRID
EX-TECH
EX-PRIME
Finish dye
Finish applicator
Finish applicator (T-bar)
Replacement finish applicator (T-bar)
Replacement pad finish applicator
Wood glue
Wood patch
EXTRA+
SURFACE Treatment
SURFACE Care
DESIGN paint / SURFACE Color
PROFLEX SURFACE sealer
SURFACE Sealer
TOP SURFACE finish
Industrial lacquer
1. Context
The purpose of this policy is to ensure the protection of personal information and to govern the manner in which Finitec collects, uses, communicates, retains and destroys it or otherwise manages it. In addition, it aims to inform all interested parties on how Finitec handles their personal information. It also covers the treatment of personal information collected by Finitec by technological means.
2. Application and Definitions
This policy applies to Finitec, which includes, but is not limited to, its
officers, employees, consultants, volunteers, and any person who otherwise
provides services on behalf of Finitec. It also applies with respect to the
Finitec website, as well as all websites controlled and maintained by
Finitec.
It applies to all types of personal information managed by Finitec, whether
it be information about its clients, potential or actual clients, consultants,
employees, members or any other person (such as visitors to its websites or
others).
For the purposes of this Policy, personal Information is information about an
individual that directly or indirectly identifies the individual. For example,
it could be an individual’s name, address, e-mail address, telephone number,
gender, banking information, health information, ethnic origin, language,
etc.
Sensitive personal information is information for which there is a high
reasonable expectation of privacy, e.g., health information, banking
information, biometric information, sexual orientation, ethnic origin,
political opinions, religious or philosophical beliefs, etc.
Generally speaking, an individual’s business or professional contact
information is not personal information, for example, an individual’s name,
title, address, e-mail address or business telephone number. More
specifically, and for greater certainty, under the Québec Act Respecting the
Protection of Personal Information in the Private Sector, and as of September
22, 2023, sections 3 (collection, use, disclosure), 4 (retention and
destruction) and 6 (data security) do not apply to information of an
individual relating to the performance of a function in an enterprise, such as
the name, title, position, address, e-mail address and telephone number of the
individual’s workplace.
These same paragraphs also do not apply to personal information that is public
information by law upon the coming into force of this policy.
3. Collection, Use and Communication
Finitec may collect different types of information for different purposes in
the course of its activities. The types of information that Finitec may
collect, its use (or purpose) and the means by which the information is
collected are set out in Schedule A of this policy.
Finitec will also inform individuals, at the time of collection of personal
information, of any other information collected, the purposes for which it is
collected and the means of collection, in addition to other information
required by law.
Finitec applies the following general principles to the collection, use and
disclosure of personal information:
Consent :
- Generally, Finitec collects personal information directly from the individual with consent, unless an exception is provided by law. Consent may be implied in certain situations, for example, when an individual chooses to provide his or her personal information after being informed by this policy of the use and disclosure for the purposes identified in this policy (see Appendix A for more details). Thus, this Policy and the information it contains will be available to the individual at the time of collection of personal information.
- Normally, Finitec must also obtain the consent of the individual concerned before collecting his or her personal information from third parties, before disclosing it to third parties or for any secondary use of it. However, Finitec may act without consent in certain circumstances and under the conditions set out in the law. The main situations where Finitec may act without consent are indicated in the relevant sections of this policy.
Collection :
- In all cases, Finitec collects information only when it has a valid reason to do so. In addition, the collection will be limited to that which is necessary to fulfill the purpose for which it is collected.
- Please note that Finitec’s services and programs are not intended for minors, and more generally, Finitec does not intentionally obtain personal information about minors (in which case, the information cannot be collected from them without the consent of a parent or guardian).
- Collection from Third Parties. Finitec may collect personal information from third parties. Unless an exception is provided by law, Finitec will seek the consent of the individual before collecting personal information about him or her from a third party. In the event that such information is not collected directly from the individual, but from another organization, the individual may request the source of the information collected from Finitec.
In some situations, Finitec may also collect personal information from third
parties, without the consent of the individual, if it has a substantial and
legitimate interest in doing so and (a) the collection is in the individual’s
best interests and it is not possible to collect it from the individual in a
timely manner, or (b) if such collection is necessary to ensure the accuracy
of the information
This collection through third parties may be
necessary to use certain services or programs, or to otherwise do business
with Finitec. When required, Finitec will obtain consent from the individual
at the appropriate time.
Holding and Use :
- Finitec ensures that the information it holds is current and accurate at the time it is used to make a decision about the individual.
-
Finitec may only use an individual’s personal information for the purposes
identified herein or for any other purposes provided at the time of
collection. If Finitec wants to use the information for another reason or
another purpose, a new consent will have to be obtained from the person
concerned, which will have to be expressly obtained if it is sensitive
personal information. However, in certain circumstances provided for by law,
Finitec may use the information for secondary purposes without the consent
of the individual, e.g:
- when such use is clearly for the benefit of that person;
- when necessary to prevent or detect fraud;
- when necessary to evaluate or improve protection and security measures.
- Limiting access. shall implement measures to limit access to personal information to those employees and individuals within its organization who have a right to know the information and for whom the information is necessary to perform their duties. Finitec will seek the consent of the individual before granting access to any other person.
Communication :
- Generally, and unless otherwise specified in this Policy or as required by law, Finitec will obtain the consent of the individual before disclosing personal information to a third party. In addition, where consent is required and where sensitive personal information is involved, Finitec will obtain the individual’s express consent before disclosing the information.
-
However, there are times when disclosure of personal information to third
parties is necessary. For example, personal information may be disclosed to
third parties without the consent of the individual in certain
circumstances, including, but not limited to, the following:
- Finitec may disclose personal information, without consent, to a public body (such as a government) that collects it through an agent of that public body in the course of carrying out its functions or implementing a program under its control.
- Personal information may be shared with its service providers to whom it is necessary to disclose the information without the individual’s consent. For example, these service providers may include event organizers, subcontractors of Finitec designated to carry out mandates in programs administered by Finitec and cloud service providers. In these cases, Finitec must have written contracts with these suppliers that indicate the measures they must take to ensure the confidentiality of the personal information disclosed, that the use of this information is only for the purpose of performing the contract and that they may not retain this information after the contract has expired. In addition, these contracts must provide that suppliers must notify Finitec’s Privacy Officer (identified in this policy) of any breach or attempted breach of confidentiality obligations regarding the personal information disclosed and must allow the Privacy Officer to conduct any audit related to such confidentiality.
- If necessary for the purpose of concluding a commercial transaction, Finitec may also disclose personal information, without the consent of the individual, to the other party to the transaction and subject to the conditions provided by law.
- Disclosure Outside Quebec : Personal information held by Finitec may be disclosed outside Quebec, for example, when Finitec uses cloud service providers whose server(s) are located outside Quebec or when Finitec deals with subcontractors located outside the province.
Additional Information on the Technologies Used :
-
Use of Cookies
Cookies are data files that are sent to a website visitor’s computer by their web browser when they visit a website and can serve several purposes.
The websites controlled by Finitec use cookies, in particular:
- To remember the settings and preferences of visitors, for example, for the choice of language and to allow tracking of the current session.
- For statistical purposes to know the behaviour of visitors, the content consulted and to allow the improvement of the website.
The websites controlled by Finitec use the following types of cookies:
- Session cookies: these are temporary cookies that are kept in memory for the duration of the visit to the website only.
- Persistent cookies: these are kept on the computer until they expire and will be retrieved the next time you visit the site.
Some cookies may be disabled by default and visitors may choose to enable or
disable these features when visiting Finitec websites.
It is also possible to enable and disable the use of cookies by changing the
preferences in your browser settings.
- Use of Google Analytics
Some of Finitec’s websites use Google Analytics to enable its continuous
improvement. Google Analytics is used to analyze how a visitor interacts with
an Finitec website. Google Analytics uses cookies to generate statistical
reports about the behaviour of visitors to these websites and the content they
view.
Information from Google Analytics will never be shared by Finitec with third
parties.
It is possible to install a browser add-on to disable Google Analytics.
- Google Analytics
- Hotjar
Finitec also collects personal information through technological means such
as web forms embedded in a website controlled by Finitec (e.g., its contact
form, membership application form, newsletter and seminar registration form),
questionnaires available online on its platforms and applications, and other
platforms or form tools (e.g., Microsoft Forms).
If Finitec collects personal information by offering a technology product or
service that has privacy settings, Finitec shall ensure that those settings
provide the highest level of privacy by default (cookies are not covered).
4. Retention and Destruction of Personal Information
Unless a minimum retention period is required by applicable law or regulation,
Finitec shall retain personal information only as long as necessary for the
fulfillment of the purposes for which it was collected.
Personal information used by Finitec to make a decision about an individual
must be retained for a period of at least one year after the decision is made,
or up to seven years after the end of the fiscal year in which the decision
was made if the decision has tax implications, for example, the circumstances
of a termination of employment.
At the end of the retention period or when the personal information is no
longer needed,
- to destroy them; or
- anonymize it (i.e., it is no longer irreversibly identifiable with the individual and cannot be linked to the personal information) for a meaningful and legitimate purpose.
The destruction of information by Finitec must be done in a secure manner to
ensure the protection of this information.
This section may be supplemented by any policy or procedure adopted by
Finitec regarding the retention and destruction of personal information, if
any. Please contact Finitec’s Privacy Officer (identified in this policy) for
further information.
5. Finitec's Responsibilities
Finitec is generally responsible for the protection of the personal
information it holds.
Finitec’s Privacy Officer is the Director of Operations of the organization.
The Privacy Officer is generally responsible for ensuring compliance with
applicable privacy legislation. The Privacy Officer is responsible for
approving policies and practices governing the governance of personal
information. In particular, this individual is responsible for implementing
this policy and ensuring that it is known, understood and followed. In the
event that the Privacy Officer is absent or unable to act, the President of
Finitec will assume the duties of the Privacy Officer.
Finitec staff members who have access to personal information or are
otherwise involved in the management of personal information must ensure its
protection and respect this policy.
The roles and responsibilities of Finitec employees throughout the life cycle
of personal information may be specified by any other Finitec policy in this
regard, if any.
6. Data Security
Finitec is committed to implementing reasonable security measures to protect the personal information under its control. The safeguards in place are appropriate to the purpose, amount, distribution, medium and sensitivity of the information. This means that information that may be considered sensitive (as defined in Section 2) will require enhanced security safeguards and protection. In particular, and in accordance with what was mentioned above regarding limited access to personal information, Finitec must put in place the necessary measures to impose constraints on the rights of use of its information systems so that only employees who need to have access to it are authorized to access it.
7. Rights of Access, Rectification and Withdrawal of Consent
To exercise his or her rights of access, rectification or withdrawal of
consent, the person concerned must submit a written request to this effect to
the Privacy Officer of Finitec, at the e-mail address indicated in the
following section.
Subject to certain legal restrictions, individuals may request access to and
correction of their personal information held by Finitec if it is inaccurate,
incomplete or misleading. They may also request that the dissemination of
their personal information be stopped or that any hyperlink attached to their
name allowing access to this information by a technological means be
de-indexed, when the dissemination of this information contravenes the law or
a court order. They may do the same, or require that the hyperlink to the
information be re-indexed, where certain statutory conditions are met.
Finitec’s Privacy Officer shall respond in writing to such requests within 30
days of receipt of the request. Reasons must be given for any refusal and the
legal provision justifying the refusal. In these cases, the response must
indicate the remedies available under the law and the time limit for
exercising them. The official shall assist the applicant in understanding the
denial if necessary.
Subject to applicable legal and contractual restrictions, individuals may
withdraw their consent to the disclosure or use of the information
collected.
They may also ask Finitec what personal information is collected from them,
what categories of people at Finitec have access to it, and how long it is
kept.
8. Complaint Handling Process
Reception
Any person who wishes to make a complaint regarding the application of this
policy or, more generally, regarding the protection of his or her personal
information by Finitec, must do so in writing to the person responsible for
the protection of personal information at Finitec, at the email address
indicated in the following section.
The individual will be asked to provide his or her name, contact information,
including a telephone number, and the subject matter and reasons for the
complaint in sufficient detail to allow Finitec to assess the complaint. If
the complaint is not specific enough, the Privacy Officer may request any
additional information that he or she deems necessary to assess the complaint.
Treatment
Finitec is committed to treating all complaints received in a confidential
manner.
Within 30 days of receipt of the complaint or receipt of any additional
information deemed necessary and required by Finitec’s Privacy Officer to
process the complaint, the Privacy Officer shall assess the complaint and
provide a written response, with reasons, to the complainant by e-mail. The
purpose of this assessment will be to determine whether Finitec’s handling of
personal information is in compliance with this policy, any other policies and
practices in place within the organization, and applicable legislation or
regulations. If the complaint cannot be processed within this time frame, the
complainant shall be informed of the reasons for the extension, the status of
the complaint and the reasonable time required to provide a final response.
Finitec is required to maintain a separate file for each complaint received.
Each file contains the complaint, the analysis and documentation supporting
its assessment, and the response sent to the person who filed the
complaint.
You may also file a complaint with the Commission d’accès à l’information du
Québec or any other privacy oversight body responsible for the application of
the law concerned by the subject of the complaint.
However, Finitec invites any interested person to first contact its Privacy
Officer and wait for the end of the treatment process by Finitec.
9. Approval
This policy is approved by Finitec’s Privacy Officer, whose business contact information is as follows:
Privacy Officer :
Marc Rioux
150, rue Léon-Vachon
St-Lambert-de-Lauzon Québec, Canada, G0S 2W0
mrioux@finitec-inc.com
If you have any requests, questions or comments regarding this policy, please contact the person in charge by e-mail.
10. Publication and Modifications
This policy is published on Finitec’s website, as well as on all websites
controlled and maintained by Finitec, to which this policy applies, with
respect to the personal information collected therein. This policy is also
disseminated by any means appropriate to reach the persons concerned.
Finitec shall also do the same for all changes to this policy, which shall
also be notified to the affected individuals.
*Notes: Please note that the use of the masculine gender is intended to
lighten this policy and make it easier to read.
Table of Versions and Changes :
| Version | Effective Date | Changes Since the Last Version |
| 1.0 | September 13, 2023 | N/A – First version |
Appendix A
The following is a non-exhaustive list of the types of information that
Finitec may collect, its use, or purpose, and the means by which it is
collected. This includes, but is not limited to, the following.
Please note that most of the personal information managed by Finitec is the
personal information of employees, job applicants and consultants. For the
other categories of individuals listed in the table below, the information
provided is, in the majority of cases, professional or business information
(see section 2 on business contact information). Note that in the majority of
cases, Finitec also collects the individual’s professional title/function,
the name of the organization and/or the address of the organization (see
section 2 on professional contact information).
| Relationship with Finitec, Services, Program, etc | Type of Personal Information | End of collection / Uses | How to Collect Information (Means) |
| Either of these information, when necessary: | Used for: | May be collected | |
| Client |
|
By means of a form on the website. | |
| Job offer |
|
By means of a form on the website. |