Société du Palais des congrès de Montréal (“we”, “our”) makes every effort to protect the privacy of your personal information. Given that we obtain information about you via our website (congresmtl.com), our newsletters or the forms you return to us by fax or mail, we believe it is important that you understand the manner in which we gather and use this information. This document also contains additional information that we are required to provide under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, also known as the General Data Protection Regulation (the “GDPR”), in our capacity as controller thereunder, to the extent it is applicable.
Information gathered for opening accounts or subscriptions
In order to subscribe to our newsletter, we require your name, title, company and email address.
We may ultimately require more information.
- cookies that are strictly necessary for our website to function without requiring user consent;
- performance cookies that enable us to tell how users use our website. E.g. the information gathered is used for statistical purposes, especially to determine how many users visit the site and which pages are visited most often;
- social network cookies that make it possible to interact with social media platforms and share content from our website with other users or inform them that you have visited our website through features such as the Like and Share buttons. The social networks providing such an application button are likely to identify you through said button, even if you did not use it when visiting our site. We invite you to consult the privacy policies of these social networks to learn about the purposes of use, including advertising, of the browsing information they may collect through these application buttons.
Use of information
This section sets out the different uses of, and purposes for, your personal data, as well as their legal basis under the GDPR, to the extent applicable.
As indicated above, your personal information is used to process your application and to open your user account. This information is necessary for the purposes of meeting our legitimate interests, namely identifying the representative or contact person of the legal entity to which we are offering and/or providing our services.
We also use all the information you provide to render your visit on our website more enjoyable. We may also ultimately use this information to add personalized items to our site or to draft content that more adequately reflects the interests of our users.
NIn addition, the information may serve to improve our offerings and customer relations, through direct marketing operations, for instance.
We may use your information to produce statistical data, which is essential for the purposes of our legitimate interests in accessing information pertaining to our market.
Your information may also be used to comply with a legal or regulatory requirement, a judicial order or judiciary rule of procedure, whether it is for the purposes of meeting a statutory obligation or in our legitimate interests to defend our rights.
We do not share your personal information with third parties, except as indicated below.
Information shared with third parties
We may share your information with the following recipients:
- Entities, government organizations and industry clusters that could provide your business with financial assistance;
- Third-party service providers, including online marketing agencies (as well as their own service providers);
- Our external auditors, our shareholders, and government authorities such as the Autorité des marchés financiers or Canada Revenue Agency, if required by law or court order.
Under no circumstances will we share your personal information with other parties or organizations without your consent.
For purposes of the GDPR, we wish to inform you that personal data may be transferred outside the European Economic Area (which includes the European Union) to Canada, the US, as well as other countries where our service providers or their own service providers are located. The European Commission adopted an adequacy decision pursuant to Article 45 of the GDPR, under Directive 95/46/CE, which covers transfers to private sector organizations in Canada governed by the Personal Information Protection and Electronic Documents Act, organizations in the US that are Privacy-Shield-certified, as well as organizations in Andorra, Argentina, the Faroe Islands, Guernsey, Israel, the Isle of Man, Japan, Jersey, New Zealand, Switzerland and Uruguay. In other cases, appropriate safeguards are in place in accordance with Article 46 of the GDPR to protect personal information protected by the GDPR, namely standard contractual clauses approved by the European Commission. Data subjects may contact us to obtain a copy of any standard contractual clauses in effect relating to transfers of their personal information.
Security and access
We store your files ourselves. We also take and apply all appropriate security measures to ensure the information you provide is kept confidential. Please read our security measures to learn more.
You may consult, modify or ask us to delete all your personal information in our possession at any time. Simply email us at email@example.com, or write to us at:
Société du Palais des congrès de Montréal
Marketing and Communications Department
159 Saint-Antoine west, 9th Floor
Montréal, Québec H2Z 1H2
If you are in the European Economic Area and your personal data is processed by us within the scope of offering goods or services or monitoring behaviour, you are herewith advised that you have the following rights under the GDPR, which may be exercised by contacting us. We will respond within a month, unless the request is especially complex:
- the right to object to the processing of personal data based on our legitimate interests, in the absence of compelling grounds for continuing such processing;;
- the right to access your personal data;
- the right to correct any inaccurate personal data;
- the right to restrict the processing of personal data in certain particular circumstances;
- the right to the portability of personal data in certain particular circumstances;
- the right to withdraw your consent to the processing of your personal data when consent is the sole legal basis for such processing;
- the right to the erasure of your personal data in certain particular circumstances;
- the right to lodge a complaint with a competent supervisory authority in Europe.
Last updated: September 2020