Privacy Policy
Last updated on April 1, 2023
1. Introduction
MSECB respects each site visitor’s right to personal privacy. We collect and use information from our website only as disclosed in this Privacy statement. This Privacy statement applies to and discloses the privacy practices of information collected by www.msecb.com only. If you disagree with any part of this Privacy statement, please avoid using the website.
Hereafter, the terms “MSECB” and “we” and its derivatives refer to the owner of the website (office located at 1555 boul de l’Avenir, Bureau 306, Laval, QC, H7S 2N5, Canada). The term “you” refers to the user or viewer of our website.
MSECB is the data controller of the information you provide during the processes of application, registration, certification, or other purposes outlined in this Privacy statement. Any details entered in one of our online forms will be stored electronically by us. If you have any questions about the process or the way your information is handled, please contract our Data Protection Officer via email at [email protected].
2. Site Content
The content of this website is intellectual property protected by law. The information and content provided may not be re-used without our explicit permission, except for private or other personal use within the limitations of the Data Protection Act. The press releases and articles from our press service presented on the website are available to the editors of newspapers or periodicals for publication. Should they be published, MSECB will request that the publisher provide a proof copy.
This privacy notice does not cover the links within this site linking to other websites. We have no authority over the design or development of the website content of other companies’ that are accessible via links from our website. Therefore, we disclaim any responsibility for their content, design, and policies. Furthermore, we expressly disassociate from any internet content that might be illegal or offensive. You take full responsibility for using hyperlinks on our website to access other companies’ websites.
3. Lawful Basis for Processing
We collect Personally Identifiable Information (PII) only with the consent of the natural person (data subject) and assure that the data collected is used only for the stated purpose.
4. Type of Collected Information
We only collect the information that you provide to us when you visit our website.
The provision of information to MSECB by users is done voluntarily. Clicking the “Submit” button on any of our web forms on our website means that you are aware of the MSECB’s Terms, Conditions, and Policy provisions and voluntarily consent to the conditions outlined therein.
4.1. Request for Quotation
When requesting a quotation from MSECB, you provide information that can personally identify you, such as your full name, email address, and phone number. In addition, you also provide information about your company, so we collect its name, address, country, number of employees, standard(s) to be assessed.
The information collected helps us review your request for a quotation and identify you as a user of our website.
4.2. Subscription Forms
If you subscribe to MSECB marketing newsletters, you must provide your full name and email address. Information is collected for the sole purpose of providing you with marketing emails.
4.3. Help and Support Center
If and when you call MSECB’s support line, we collect Calling Line Identification (CLI) information. We use this information to help improve the efficiency and effectiveness of our services. MSECB holds the information necessary to fulfill callers’ requests, opening a ticket in the system, and conduct processes regarding the ticket until the finalization of the procedure. This information provided through the ticketing system is reviewed and, if applicable, deleted on an annual basis.
4.4. People Who Contact Us Through the Website
If you use our website contact form to get in touch with us, we collect only the information you provide us with, such as your name, email address, and the message.
4.5. Job Applicants, Current, and Former MSECB Employees
When you apply for a job at MSECB, we ask for your personal information, contact details, email address, and resume. Your resume may contain other data that is considered personal information, such as education certifications, professional training, and previous work experiences.
All of the information you provide during your job application is only used to process your application or, if necessary, to fulfill legal and regulatory requirements. We use your contact details to provide you with information related to the processing of your job application. In addition, we use the other information you provide to assess your suitability for the role you have applied for.
We do not collect more information than we need to fulfill our stated purposes and do not retain any information for longer than is necessary. We do not share any of the information you provide to us during the recruitment process with any third parties. The information you provide, be it in electrical or physical form, will be held securely by us and our HR office.
5. Our Service Providers
5.1. Amazon Web Services
To provide our services and publish our website, www.msecb.com, we use the cloud computing platform of Amazon Web Services (AWS). We do not grant any permission to Amazon Web Services to share any personal information that we collect from our website’s account holders. Read further information on the Privacy Policy of Amazon Web Services.
5.2. Emailing
Microsoft 365 (Outlook) is another service we use for email exchanging and Cloud Data Backup. We use Microsoft 365 because it complies with several information security requirements, including, but not limited to, ISO/IEC 27001, ISO/IEC 27701, and the EU GDPR. Several robust encryption protocols and technologies, such as Transport Layer Security/Secure Sockets Layer (TLS/SSL), Internet Protocol Security (IPSec), and Advanced Encryption Standard (AES), are used by Office 365 to secure your data both at rest and in transit. We do not guarantee encryption to the recipients of our emails. Therefore, ensuring encryption in your end is your sole responsibility.
We also monitor any emails sent to us for viruses or malicious software, including file attachments. Please be aware that you are responsible for ensuring that any email sent to us by you is legally compliant.
We use third party, such as Brevo (former Sendinblue), to deliver emails to our network. For more information on how data is handled by them, please read Brevo’s Privacy Policy.
5.3. Zoom Video Communications, Inc.
In order for our free webinars to be accessible globally, we use the services of Zoom Video Communications, Inc. The Zoom Video Communications, Inc. privacy policy can be found at Zoom’s Privacy Policy.
5.4. Social Media
We use third-party providers, such as LinkedIn and Facebook, to manage our social media interactions.
Social media interaction is maintained through the social media accounts listed above. All the providers have their own privacy policies that outline the way they collect, process, and store data. To read their policies, please make sure to visit their websites.
If you send us a private or direct message via social media, the message will be stored at LinkedIn as per their Privacy Policy and at Facebook as per their Privacy Principles.
The subscribers of MSECB LinkedIn won’t be shared with another network by MSECB unless requested or asked by visitors or subscribers. We do not send any marketing emails to our network subscribers without their prior consent. In addition, we may publish a link for subscription to our news and newsletters.
6. Cookies and Similar Technologies
When you visit our website, you should be aware that we use third-party services like Google Analytics and Google Search Console to collect standard internet log information and details of visitor behavior patterns. This operation is performed in order to provide us with information regarding the number of visitors to the various parts of the site. The processing of this information does not provide any kind of identification of the visitors.
In addition, we use Content Delivery Network (CDN) to identify the geolocation of our website visitors. The only case when MSECB collects personally identifiable information through the website is when a visitor voluntarily creates a user account. We provide full transparency in these cases. We make sure to express it clearly and intelligibly when we collect personal information and provide unambiguous explanation on what we intend to do with the information collected.
You can read more about how we use cookies on our Cookie Policy.
7. Auditor Certifications
Candidates interested in applying for the MSECB auditor certification process are required to provide us with their personal data, their resume, organization name, and address.
Upon completing the auditor application process, the information and data of the candidates whose applications are rejected are stored for two years and permanently deleted afterwards. However, for those candidates who become MSECB Auditors, all the information and data submitted during the application will be stored by MSECB. The data will not be shared with third parties, unless required by law.
8. Children
This privacy statement is not intended for children. We understand the importance of protecting children’s information, especially in an online environment, and we do not knowingly collect or maintain information about children.
9. Search Engines
MSECB reserves the right to build a search engine within the website to help its visitors find information easier. The search engine serves as a means of searching for publicly available information on our website, not personally identifiable information of users.
10. Security and Performance
We take precautions to protect your information and privacy. When you submit information via the form(s) available on our website, your information is protected both online and offline. Only employees who need the information to perform a specific task (for example, sales and certification department) are granted access to personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment with strictly controlled access.
We use a third-party service to help maintain the security and performance of our website. Since data exchanged via the internet is not 100% secure, we cannot guarantee that the information you send us will not be lost, used unlawfully, or modified in a fraudulent manner. We bear no liability for the use of information by you or any third party.
11. Complaints
MSECB strives to meet the highest standards of data protection when collecting and using personal information. For this reason, we take any complaints very seriously. We encourage our website users, visitors, and any other concerned party to bring to our attention any observation or opinion that they believe can lead to an unfair, misleading, or inappropriate collection and usage of information.
This privacy notice is meant to be brief and clear. It does not provide exhaustive details of all the aspects of MSECB’s collection and usage of personal information. However, we are happy to provide any additional information or explanation needed.
If you want to make a complaint about the way we have processed your personal information, you can do so by following the steps described in our Complaint and Appeal Procedure.
12. Subject Access Rights Under the EU-GDPR
If you are part of the European Union (EU) or the European Economic Area (EEA) or are accessing the site from these territories, you have the following rights under the General Data Protection Regulation (GDPR):
- Right to access your personal data;
- Right to correct any inaccurate personal data;
- Right to erase your personal data;
- Right to object the processing of your personal data.
To exercise your rights under the GDPR, you can send a request to [email protected] for access to personal data. We will always verify the identity of anyone making Subject Access Request before handling over any information. Confirmation will be asked from the Data Subject using the email they used initially.
The first copy of your data will be provided free of charge. However, the Data Subject will be charged a fee of 30$ should they request other copies. We will aim to provide the relevant data within 14 days.
12.1. Request for Erasure
When you submit a request for the erasure of your data, we will anonymize all the personal information in a manner that ensures no identification of the data subject. The anonymized data is only used by MSECB for analytic purposes, such as calculating the number of quotations received over a certain period of time.
12.2. Unsubscribe from Marketing Emails
If you are subscribed to our MSECB marketing emails but no longer wish to receive them, you can opt-out by following the instructions in the message or by contacting us at [email protected].
13. Disclosure of Personal Information
In general and under all circumstances, we will not disclose personal data without consent. However, if requested by the regulatory body, supervisory authority, or other legal purposes, we may disclose your information.
14. Changes to This Privacy Policy
We keep our privacy notice under regular review. This privacy notice was last updated on April 1, 2023. You will not be notified of changes to our privacy policy; you are required to visit the privacy policy on our website.
14.1. How to Contact Us
If you want to request information about our privacy policy, you can email us at [email protected] or write to:
MSECB HEADQUARTERS
1555 boul de l’Avenir,
Bureau 306, Laval,
H7S 2N5, QC, CANADA