Confidentiality policy

PRIVACY POLICY OF AUKCIO SOFTWARE INC.

The company Les Logiciels Aukcio inc. (hereinafter the” Society ”) is committed to protecting your confidential information online in accordance with this Privacy Policy (the” Politics ”). Please read the following Policy to understand how your personal information will be handled when you use our website, namely https://www.aukcio.ca (hereinafter the” Web site ”).

If you have any questions about the Processing of your Personal Information and after reading the Policy, this question remains, you can contact our Personal Information Protection Officer, or MR. Jordan Pomerleau, co-president of the Society, at the following email address: info@aukcio.ca and he will make sure to answer your questions as soon as possible.

The Company may, at its discretion, change the Policy from time to time. If a change is made to the Policy, you will be notified by email. The Company asks its users to review the amended Policy before continuing to use its services and the Website. Continued use of the services provided by the Company, after the entry into force of the amended Policy, constitutes your Consent to this Policy as amended.

In addition, it is your responsibility to regularly review this Policy and any changes that may be made to it.

1. Definitions

In this Policy, we mean:

  1. Consent ” means any express, free, specific, specific, informed and unequivocal expression of will by which you accept, by a statement or by a clear positive act, that Personal Information concerning you may be subject to Processing;
  2. Personal information ” means any information that concerns a natural person and allows, directly or indirectly, to identify that person;
  3. Treatment ” or” Treatise ” means any operation or set of operations carried out or not carried out using automated processes and applied to Personal Information or to sets of Personal Information, such as collection, recording, organization, structuring, preservation, preservation, adaptation or modification, adaptation or modification, extraction, consultation, or use; and
  4. Confidentiality incident ” means:
  1. of access not authorized by the Act on the protection of personal information in the private sector to one of the Personal Information;
  2. use not authorized by the Act on the protection of personal information in the private sector Personal Information;
  3. communication not authorized by the Act on the protection of personal information in the private sector Personal Information; or
  4. the loss of Personal Information or any other breach of the protection of such information.

2. Collection of Personal Information from you

The Company does not Process Personal Information about a natural or legal person, unless that person provides such Personal Information on a voluntary basis. When you provide Personal Information to us, you agree to how the Company Processes that Personal Information as described in this Policy.

The Company Processes your Personal Information when you:

  1. create an account on this Website;
  2. click on an advertisement that the Company has placed on a third party website (e.g. Google, Facebook, etc.);
  3. complete a survey, participate in a contest, or other promotion;
  4. use the vehicle evaluation tool on the Website, the “Canadian Black Book”;
  5. place an ad on the Website;
  6. complete a transaction on the Website; and
  7. contact us by email, telephone, or any other means of communication.

Personal Information may include your name, address, email address, email address, telephone number, telephone number, date of birth, payment method, and any other Personal Information that you may provide to the Company.

3. Personal information collected automatically using our Website - cookies

The Company collects Personal Information provided by cookies. Cookies are data files that are commonly stored on your device when using websites and online services. They are used for the effective functioning of websites and can provide information and help personalize services.

When you visit the Website, the Company collects information from your browser. For example, this may include your IP address, computer type and language, computer type and language, access times, the content of any undeleted cookies that your browser accepted from the Company, and the addresses of the websites from which you were redirected to the Website.

The Company uses standard Internet technology, for example, web beacons and other similar technologies to track your use of the Website. In particular, the Company inserts web beacons in promotional emails and newsletters in order to check if the messages are opened and if you follow up on them. A web beacon is a small file placed on a web page that allows a website to perform certain tasks, including counting users who visit the page in question or accessing cookies. The Company may also receive an anonymous identification number if you access the Website through an advertisement displayed on a third party website. The information that the Company collects in this way allows it to personalize the services it offers to visitors to the Website, to distribute targeted advertising where appropriate, and to assess the overall effectiveness of the Company's online advertising or other activities.

You can choose to accept or refuse cookies. Most web browsers automatically accept cookies, but you can generally change your browser settings to refuse cookies if you prefer. If you wish to deactivate the use of cookies, it is possible to do so from the preferences menu of your browser. It is possible to disable cookies or use private browsing mode when using the services of the Website. However, by refusing to accept cookies, the use of the Website may be significantly affected.

4. Personal Information Handling

The Company Processes your Personal Information to:

  1. respond to your requests or questions;
  2. improve the Website and its services or to examine your interests as a user of the Website. The Company may combine information it obtains from you with information about you that it receives from third parties. The Company may also use your Personal Information to personalize your experience with it or to display content based on your preferences;
  3. send you, depending on the choice you have expressed, advertising material or additional information about its services, surveys, contests, promotions and special offers, for marketing purposes. However, you are free to choose not to receive advertising or commercial material at any time. The Company may present you with new features or services. These may be offers from the Company in respect of its services or offers concerning products and services from third parties that the Company may think you will find interesting;
  4. conduct market studies and performance research in order to improve customer service and the quality of services on the Website;
  5. for the purposes of preventing and detecting fraud or evaluating and improving protection and security measures. In particular, the Company may use the information to protect its business, its customers or the Website;
  6. contact you regarding the use of the Website or about this Policy; and
  7. send you transactional communications, such as a purchase or payment confirmation.

5. Consent

Your Consent to the Processing and disclosure of your Personal Information is required, except where this is inappropriate (for example, for legal or security reasons, it may be impossible or unrealistic to obtain Consent).

BY AGREEING TO USE THE SERVICES AVAILABLE ON THE WEBSITE, YOU ARE GIVING THE COMPANY YOUR CONSENT TO THE PROCESSING BY THE COMPANY OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THIS POLICY AND TO THE USE OF SUCH PERSONAL INFORMATION IN ACCORDANCE WITH WHAT IS STIPULATED IN THIS POLICY.

You also declare that you are aware of the reasons why the Company Processes and discloses this Personal Information and how the Personal Information will be managed.

You may withdraw your Consent at any time by contacting the Company at the above email address, subject to legal or contractual restrictions and reasonable notice.

6. Disclosure of Personal Information

The Company wants you to understand with whom it shares the Personal Information it collects about you, your activities on the Website, or when you use the Company's services. Consequently, the Company does not share your Personal Information except with your Consent, which is expressly granted by your use of the Website in the manner provided for in section 5 above and in the following situations:

  1. Authorized service providers - The Company may share your Personal Information with service providers who conduct transactions on behalf of the Company. Among the services offered by these providers are credit card payment processing, customer service, customer service, marketing assistance, business analysis, support of the functionalities of the Website, the conduct of contests, sweepstakes and surveys, as well as the support of other functions of the Website. These service providers may have access to your Personal Information for the sole purpose of performing their functions. In this case, measures will be put in place to ensure the confidentiality of your Personal Information.
  2. Business partners — The Company may share your Personal Information with its business partners in order to provide you with services through our Website or our services. The Company's partners may only use your Personal Information in accordance with their own privacy policies. To find out more about the privacy policy of one of our particular business partners, you should contact that partner directly.
  3. Other cases - You also consent to the Company disclosing your Personal Information in the following circumstances:
  1. In response to a legal requirement, including a subpoena, court order, request from a law enforcement agency or other government agency, to exercise or enforce our legal rights, and to defend a legal claim;
  2. As reasonably necessary to protect the rights, property, and safety of the Company, users and employees of the Company, including investigations or measures to prevent fraud and suspected illicit activities or other wrongdoing, to enforce the terms of use of the Website or to enforce other agreements or policies, as well as to protect the Company and other visitors to the Website or users services offered by the Company; and
  3. As part of a major transaction of the Company, such as the sale of the Company, a merger, a sale of assets, or in the unlikely event of bankruptcy. Any third party to whom the Company discloses your Personal Information is authorized to use such Personal Information in accordance with this Privacy Policy only, unless otherwise indicated by you.
  4. In connection with the sale of your vehicle or the acquisition of a vehicle, as applicable, you agree that the Company discloses your Personal Information necessary to the other party involved in order for the transaction to be completed, such as your name, first name, address, address, address, telephone number, vehicle serial number, etc.

7. Third-party websites

There are a number of places on our Website where you can click on links that allow you to access other websites that are not subject to the terms of this Policy. Third-party websites may request and collect information about you, including Personal Information, and in some cases, tell us about your activities on those websites. The Company recommends that you review the privacy policy of each third party website that you visit by clicking on the “Privacy Policy” link generally located at the bottom of the web page you are viewing.

8. Access to your information

You can review and update your Personal Information by emailing us at the following email address: info@aukcio.ca. In the event that you no longer do business with the Company, you can request the deletion of the user account by sending an email to the Privacy Officer, Mr. Jordan Pomerleau, co-president of the Company, at the following email address: info@aukcio.ca. Where appropriate, Personal Information associated with that account will be deleted.

9. Retention policy

If you request that we delete your user account in accordance with section 8 above, we may keep some of the information stored in your account for analytical and accounting purposes as well as for purposes of maintaining integrity of accounts and preventing fraud, recovering required fees, collecting required fees, enforcing the terms of use, and taking any action that the Company deems necessary to protect the integrity of the Website or its users or any other measures permitted by law. In addition, if some of your information has been provided with your Consent to third parties, the use and retention of your information will be subject to the policies of these third parties and the Company cannot be held responsible in any way.

10. Safety measure

  1. Security measures in general

The Company takes appropriate security measures, including physical, electronic, and procedural measures, to protect your Personal Information from unauthorized access and disclosure. For example, only our authorized employees can access Personal Information and can do so only when access to it is necessary for authorized administrative functions and we use firewalls.

Although the Company takes the security measures required by law, no security system is infallible. You therefore understand and agree:

  1. that there are limits to the security and management of Personal Information that the Company collects that are beyond its control;
  2. that the security, integrity, and management of all Personal Information and data exchanged between you and the Company through the Website cannot be guaranteed; and
  3. that such Personal Information may be seen or altered by a third party at the time of transfer.
  1. Data protection by design

Taking into account the state of knowledge, the costs of implementation, the nature, scope, scope, context and purposes of the Treatment as well as the risks, which vary in the degree of probability and severity, that the Treatment presents for the rights and freedoms of natural persons, the Company will implement, both at the time of determining the means of the Processing and at the time of the Processing itself, appropriate technical and organizational measures that are intended to implement the principles relating to data protection, by for example data minimization or data anonymization, in order to effectively match the Processing with what is necessary in the Processing in order to meet the requirements of applicable laws and regulations and to protect your rights.

  1. Default data protection

The Company will implement appropriate technical and organizational measures to ensure that, by default, only Personal Information that is necessary for each specific purpose of the Processing is processed. This applies to the amount of Personal Information collected, to the extent of its Processing, to the duration of its storage and to its accessibility. In particular, such measures ensure that, by default, Personal Information will not be made accessible to an undetermined number of individuals without your intervention.

  1. Notice of a Privacy Breach

If the Company has reason to believe that a Confidentiality Incident has occurred, the Company undertakes to take reasonable measures to reduce the risks of harm being caused and to prevent new incidents of the same nature from occurring.

The Company will maintain a record of any Privacy Incident, including the facts regarding the Personal Information breach, the Personal Information that is the subject of the Privacy Incident, its effects, the individuals involved, and the steps taken to remedy the breach.

If the Confidentiality Incident presents a risk of serious harm being caused, the Company will diligently notify the Access to Information Commission established by the Act on access to documents held by public bodies and on the protection of personal information as well as any person whose Personal Information is affected by the Privacy Incident. The Company may also notify any person or organization likely to reduce this risk, by providing only the Personal Information necessary for this purpose. In the latter case, the Personal Information Protection Officer must record the communication. Despite the above in this paragraph, an individual whose Personal Information is affected by the Confidentiality Incident does not need to be notified as long as doing so would be likely to interfere with an investigation by a person or organization that, by law, is responsible for the prevention, detection, or suppression of crime or law violations.

For the notice to the Access to Information Commission, it will provide, at a minimum, for the following elements:

  1. description of the nature of the Privacy Incident;
  2. a detail, if possible, of the categories and approximate number of individuals concerned and records of Personal Information concerned;
  3. the name and contact details of the Company's Personal Information Protection Officer or the contact point from which additional information can be obtained;
  4. a description of the likely consequences of the Privacy Incident, to the extent possible;
  5. a description of the measures taken or those that the Company proposes to take to remedy the Privacy Incident, including, where appropriate, measures to mitigate any negative consequences.

For notification to anyone subject to the Privacy Incident, the Privacy Incident will include at least the information and measures referred to in points a, c, d, and e above.

When the Company assesses the risk of harm being caused to a person whose Personal Information is affected by a Confidentiality Incident, the Company will in particular consider the sensitivity of the information concerned, the expected consequences of its use and the likelihood that it will be used for harmful purposes.

11. Personal Information Retention Period

Your Personal Information is retained for an indefinite period of time as required by law or as long as it is necessary to keep it for the purposes set out in this Policy.

12. Precedence

In the event of an inconsistency between this Policy and the Act on the protection of personal information in the private sector, the provisions of the said law prevail.