Privacy and data protection policy

1. Introduction

At Stoik QSE, the protection of personal information and information security are key priorities. This privacy policy describes how we collect, use, retain, and protect personal information in the course of our activities, in compliance with applicable laws, including the Act respecting the protection of personal information in the private sector (Québec – Law 25).

2. Who we are

Stoik QSE inc. operates the following website: https://stoikqse.com.

3. Scope of the policy

This policy applies to:
  • the use of our website ;
  • contact forms and electronic communications ;
  • business relationships, audit engagements, and consulting mandates ;
  • professional and organizational information provided in the course of our services.

4. Personal information collected

We collect only the personal information necessary to carry out our activities, including in particular :
  • first and last name ;
  • email address ;
  • phone number ;
  • organization and job title ;
  • any information voluntarily provided through our forms or communications.

Information related to professional engagements

As part of our audits and consulting engagements, we may also process professional and organizational information such as :
  • management manuals ;
  • documented procedures ;
  • audit records ;
  • management review reports ;
  • internal documents provided by our clients.

5. Legal basis for processing

Personal information is processed on the following legal bases :
  • the consent of the data subject (forms, communications, cookies) ;
  • the performance of a contract or pre-contractual measures (audit and consulting engagements) ;
  • compliance with legal and regulatory obligations ;
  • the legitimate interests of Stoik QSE, including ensuring information security, fraud prevention, and service improvement.

6. Use of personal information

Personal information is used in order to :
  • respond to requests and provide our services ;
  • communicate with our clients and partners ;
  • improve our services and user experience ;
  • carry out our audit and consulting engagements ;
  • comply with our legal and contractual obligations.

7. Cookies and similar technologies

Our website uses essential and analytical cookies.

Essential cookies

These cookies are necessary for the proper functioning of the website (login, security, display preferences).

Analytical cookies

We use web analytics services (e.g., Google Analytics) to collect anonymized statistical data such as :
  • truncated IP address ;
  • browser type ;
  • pages visited ;
  • visit duration.
You can configure your browser to refuse cookies or delete those already installed.

8. Embedded content and third-party services

Some pages may include embedded content from third-party services (e.g., Google Maps, videos, external tools). These services may collect information in accordance with their own privacy policies.

9. Communication and transfer of personal information outside Québec

Some service providers (hosting, web analytics, communication tools) may process or host data outside Québec or Canada.

In such cases, Stoik QSE ensures that appropriate contractual and organizational measures are in place to protect personal information, in accordance with the requirements of Law 25.

10. Information security

We implement reasonable administrative, technical, and organizational security measures to protect personal information against unauthorized access, loss, disclosure, or alteration.

11. Privacy incident management

In the event of a privacy incident involving personal information, Stoik QSE :
  • assesses the risk of harm ;
  • notifies the Québec Access to Information Commission when required ;
  • informs the individuals concerned, where applicable ;
  • implements corrective and preventive measures.

12. Retention and destruction of personal information

Personal information is retained only for the period necessary to fulfill the purposes for which it was collected, or as required by applicable legal and contractual obligations.
Once this period has elapsed, the information is securely destroyed or anonymized.

13. Rights of individuals concerned

You have the following rights :
  • to access your personal information ;
  • to request the correction of your personal information ;
  • to request the deletion of your personal information, subject to legal obligations ;
  • to withdraw your consent, where applicable.

14. Person responsible for the protection of personal information

The person responsible for the protection of personal information at Stoik QSE is :

Olga Sorokina, Président
[email protected]

15. Policy updates

This policy may be updated to reflect legislative or operational changes. The version in force is the one published on our website.