×
Home Privacy and Protection Policy

Privacy and Protection Policy

Last updated: May 2024

PRIVACY AND PROTECTION POLICY
PERSONAL DATA

 

  1. General information

a) Introduction

The protection of privacy is important to Tornatech Inc. and its related entities (hereinafter collectively referred to as the “Entity“, “We”, “Us“, “Our“). For this reason, We have implemented safeguards and practices for the sound management of your Personal Data in accordance with applicable laws in Quebec, Canada, Belgium, the United Kingdom, the United Arab Emirates (Dubai) and Singapore.

This Privacy Policy (the “Policy”), which should be read in conjunction with our Terms and Conditions of warranty for Our Products and Services, describes our practices with respect to the collection, use, processing, disclosure and retention of the Personal Data of our customers, visitors and users.

By using any of our websites https://www.tornatech.com; https://vizi-link.tornatech.com; https://groupetornatechinc.com; (Our “Websites“) or any of our Services, you agree that We may collect, use, process, disclose and retain your Personal Data in accordance with the terms described herein. If you do not agree to comply with and be bound by this Policy, you may not visit, access or use any of Our Websites or Services or share your Personal Data with Us.

This Policy does not apply to the Personal Data of employees, representatives and consultants of our Entities, or to any other person affiliated with our Entities, or to any information that does not constitute Personal Data as defined by applicable laws in Quebec, Canada, Belgium, the United Kingdom, the United Arab Emirates and Singapore.

b) Data Protection Officer

Questions, comments and complaints regarding the Policy and the privacy practices of the Entities in Quebec, Canada, the United Arab Emirates and Singapore may be addressed person in charge of the protection of personal information at the following contact information:

Phone number: 514-334-0523

Email: privacy@tornatech.com

Address: 4100 Desserte Sud, A440 West, Laval, Qc, H7T 0H3

For residents of the European Economic Union (EEU) and the United Kingdom, questions, comments and complaints regarding the Policy and the Entities’ privacy practices may be addressed to Our Data Protection Officer at the following contact information:

Phone : +32 (0)10 84 40 01

Emailprivacybelgium@tornatech.com   

Address: Rue des Sablières 45 unité 68, Mont-Saint-Guibert, Brabant wallon 1435, Belgium

In the event of a confidentiality incident or subject to the exercise of a right under United Kingdom’s applicable laws, a designated UK representative will be able to answer for the obligations concerned.

 

  1. Definitions

The following words and expressions, when appearing with a capitalized first letter in the Policy, have the meanings attributed to them hereinafter, unless otherwise implied or explicited in the text:

Service Provider” means any natural or legal person who processes Personal Data on behalf of the Entities. These are third-party companies or individuals employed by either of our Entities to facilitate the Services, to provide the Services on behalf of either of the Entities, to perform services related to the Products or to assist the Entities in analyzing the use of the Services.

Data Protection Officer or DPO“: the person in charge of the application of this Policy in Europe or the United Kingdom and whose contact details are identified in section 1b) – Data Protection Officer of this Policy.

“Personal Information” or “Personal Data” (for EEU residents): any information which relates to a natural person and enables that person to be identified, i.e. which directly or indirectly reveals something about the identity, characteristics (e.g. the abilities, preferences, psychological tendencies, predispositions, mental abilities, character and behavior of the person concerned) or activities of that person, regardless of the nature of the medium and regardless of the form in which the information is accessible (written, graphic, sound, visual, computerized or other). For the purposes of the present document, the terminology “Personal Data” will be used.

“Privacy Officer“: the person responsible for the application of this Policy in any territory other than Europe or the United Kingdom and whose contact details are identified in section 1b) – Data Protection Officer of this Policy.

Services“: Services refers to the Websites and our pages on social networks.

“Cookies” are text files that are installed on Your computer or mobile device. These cookies may contain information about Your search history, the web pages You visit and Your web browser.

“Process”, “Treatment”: A term encompassing all operations that may affect or concern Personal Data, including: collection, use, retention, destruction, communication or transmission or any other operation concerning Personal Data.

 

  1. Processing of Personal Data

3.1   Collection of Personal Data

3.1.1   Various means. We collect Your Personal Data through Our Websites or other technological means in a variety of ways:

  • Automatically. When you connect to a Web Site, the device you use to connect will communicate Personal Data to Us;
  • Communicated e-mails. By e-mails that you communicate to Us using one of the e-mail addresses available on Our Websites;
  • Cookies. Cookies include those identified in Our Cookie Policy;
  • Surveillance cameras. By surveillance cameras installed on our property; and
  • By third parties who collect your Personal Data for Us, as identified in section 3.2Collection of Personal Data by a Third Party of this Policy.

3.1.2   Personal Data Collected From You

As part of our Services, We may process various types of Personal Data, including the information listed below:

  • contact information, such as your first and last name, your e-mail address and telephone number, your country, and the information contained in your Curriculum Vitae, should you send it to us;
  • information you choose to give us, for example, when you apply for one of our job offers or contact one of our employees or representatives;
  • information collected automatically when using any of Our Websites and Services, including :
    • connection and other information about your activities on Our Websites, such as your IP address, the pages you have visited, the time and date of your visits, the number of connections, the type of browser you use, the operating system of your device and other hardware and software information;
    • demographic and geolocation data, such as your IP address, a precise or approximate location determined from your IP address or the GPS of your mobile device (depending on your device’s settings).

In each case, such Personal Data is processed in accordance with the legitimate and necessary purposes listed in article 3.2 below.

3.1.3   Refuse Optional Collection

Withdrawing consent. Unless the law or your contractual obligations provides otherwise, you may refuse or withdraw your consent to certain specific uses or communications of your Personal Data:

  • by not entering your Personal Data in Our electronic or paper forms when the provision of such forms is indicated as being optional;
  • by selecting “decline” in the Cookie banner; or
  • by communicating a request to Our Privacy Officer or, if You reside in Europe or the United Kingdom, Our DPO at the contact details identified in section 1b) of this Policy.

Consequences of refusing to consent to optional collection. If you refuse to consent to the collection of your Personal Data, we may not be able to provide you with an optimal shopping experience.

 Measures offered to refuse means of collecting Personal Data. You may also communicate your Personal Data to Us in ways other than through technological means such as Our Websites. You may communicate through the following :

  • By e-mail ;
  • By telephone; or
  • In person.

 

3.2   Use of Personal Data

We may use your Personal Data for the legitimate purposes described below:

  • operate, maintain, supervise, develop, improve and offer all the functionalities of Our Websites;
  • to enable you to apply for job offers, where applicable;
  • to use surveillance camera footage strictly for security and safety measures monitoring purposes on our premises;
  • perform our contractual obligations to you;
  • send you messages, updates and security alerts;
  • answer your questions and provide assistance when needed;
  • conduct research, analysis and statistics in connection with Our business and Services;
  • detect and prevent fraud, errors, spam, abuse, security incidents and other harmful activities;
  • for any other purpose permitted or required by law.

 

3.3   Communication of Personal Data

3.3.1   Protective Measures for Communication To Third Parties

We may disclose your Personal Data to our officers and certain of our employees (including human resources, IT and finance departments), contractors, consultants, agents, service providers and other trusted third parties (collectively, “Service Providers”), who require such information to assist Us in operating Our Website and serving you, provided that such Service Providers have previously agreed in writing to maintain the confidentiality of your Personal Data in accordance with applicable laws and Our Information Governance Program.

When We communicate your Personal Data to Service Providers, We enter into written contracts with them before your Personal Data is communicated to them, and We only provide them with the Personal Data necessary for the performance of their mandate. In the context of these contracts with our Service Providers, We undertake to ensure that the principles set out in this Policy are respected, and these Service Providers are required to use Personal Data confidentially, in accordance with our instructions and solely for the purposes for which they have been provided the information.  We provide sufficient guarantees that adequate safeguards have been implemented which are proportionate to the sensitivity of the Personal Data processed or communicated. When our Service Providers no longer need your Personal Data, we ask them to destroy it in the appropriate manner.

We do not sell, trade or otherwise disclose your Personal Data to third parties.

3.3.2   External Communication of the Applicable Jurisdiction

Disclosure of Personal Data Outside Quebec. We may disclose your Personal Data outside Quebec.

Safeguards when communicating outside Quebec. Before disclosing your Personal Data to third parties outside Quebec, We conduct a privacy impact assessment to evaluate the risks that may affect the security of Your Personal Data. This assessment is also used to identify appropriate security measures to reduce or eliminate these risks. The communication will then be subject to a written agreement binding these third parties to respect such measures.

Disclosure of Personal Data outside the EEU. We may disclose Your Personal Data outside the EEU.

Protections when communicating outside the EEU. Before communicating Your Personal Data to third parties outside the EEU, We carry out a data transfer impact analysis in order to assess which risks may affect the security of Your Personal Data. This analysis also enables us to identify the appropriate security measures to reduce or eliminate these risks. The communication will then be the subject of a written agreement binding these third parties to respect such measures.

Disclosure of Personal Data outside the United Kingdom. We may disclose Your Personal Data outside the United Kingdom.

Protections when communicating outside the United Kingdom. Before communicating Your Personal Data to third parties outside the United Kingdom, We carry out a data transfer impact analysis in order to assess which risks may affect the security of your Personal Data. This analysis also enables us to identify the appropriate security measures to reduce or eliminate these risks. The communication will then be the subject of a written agreement binding these third parties to respect such measures.

Disclosure of Personal Data outside the United Arab Emirates (Dubai). We may disclose your Personal Data outside the United Arab Emirates (Dubai).

Protections when communicating outside the United Arab Emirates (Dubai). Before communicating your Personal Data to third parties outside the United Arab Emirates (Dubai), We carry out an impact analysis to assess the risks that may affect the security of your Personal Data. This analysis also enables us to identify the appropriate security measures to reduce or eliminate these risks. The communication will then be the subject of a written agreement binding these third parties to respect such measures.

Disclosure of Personal Data outside Singapore. We may disclose your Personal Data outside Singapore.

Protections when communicating outside Singapore. Before communicating your Personal Data to third parties outside Singapore, We carry out an impact analysis to assess the risks that may affect the security of your Personal Data. This analysis also enables us to identify the appropriate security measures to reduce or eliminate these risks. The communication will then be the subject of a written agreement binding these third parties to respect such measures.

3.3.3   Service Providers and Other Third Parties

Although We try to avoid sharing your Personal Data with third parties, We may use Service Providers to perform various services on our behalf, such as IT management and security, marketing, and data analysis, hosting and storage. We have set out below a non-exhaustive list of cases in which such sharing may take place:

  • We use Google Analytics to analyze the website’s audience, compile statistics and converse with customers and prospects. See their privacy policy;
  • We use Google Ads to analyze the audience of our Services, establish statistics and converse with customers and prospects. See their privacy policy. Read their privacy policy;
  • We use the services of HubSpot. See their privacy policy;
  • We use the services of Inspectlet to analyze the Web site audience, compile statistics and converse with customers and prospects. See their privacy policy;
  • We use the services of BambooHR for the administration of human resources activities, including recruitment and management of employee files. See their privacy policy;
  • We use the Meta Group’s Facebook and Instagram social network services to communicate about our Services and Products. Read Meta’s privacy policy;
  • We use the services of the LinkedIn social network to communicate about our Services and Products. See their privacy policy.
  • We use Twitter to present our Products and Services. Read their privacy policy;
  • We use YouTube to present our Products and Services. See their privacy policy;
  • We use AWS (Amazon Web Services) to store our documents. See their privacy policy;
  • We use the services of wpEngine to host our Websites; see their privacy policy.
  • We use Metatracer to ensure our compliance with the privacy laws that apply to us. See their privacy policy.

3.3.4   Compliance With Legislation, Responding to Legal Requests, Preventing Harm And Protecting Our Rights

In accordance with the laws of the territories where Our Entities operate, We may disclose your Personal Data where We believe that such disclosure is authorized, necessary or appropriate, including:

  • to respond to requests from public and government authorities, including public and government authorities outside your country of residence;
  • to protect our business ;
  • to comply with legal proceedings;
  • to protect Our rights, Our privacy, Our security, Our property, yours or that of third parties;
  • to enable Us to pursue available remedies or limit the damages We may suffer; and
  • in accordance with applicable laws, including laws outside your country of residence.

3.3.5   Commercial Transaction

In strict compliance with this Policy and the laws of Quebec and Canada where Our companies operate, We may share, transfer or communicate your Personal Data in the event of the sale, transfer or assignment, in whole or in part, of any of Our Entities or assets (for example, as a result of a merger, consolidation, change of control, reorganization, bankruptcy, liquidation or other business transaction, including in connection with the negotiation of such transactions). In such a case, We will inform you before Your Personal Data is transferred and is governed by a different privacy policy.

 

3.4   Consent for Personal Data

Wherever possible, We obtain consent directly from the data subject for the collection, use and disclosure of its Personal Data. However, if you provide us with Personal Data about other persons, you must ensure that you have duly notified them that you are providing us with their information in addition to obtaining their consent to such disclosure.

We will seek your explicit, manifest, free, informed and intended consent before using or disclosing your Personal Data for purposes other than those set out herein. We will also seek your explicit consent whenever sensitive Personal Data is involved in any of Our Entities’ processing activities. We will ask for your consent for each specific purpose in clear and simple terms, separate from any other information that may be communicated to you.

BY USING OUR WEBSITES, BY SUBMITTING YOUR PERSONAL DATA BY E-MAIL OR USING AN ONLINE FORM, YOU CONSENT TO THIS PRIVACY POLICY AND TO THE COLLECTION AND PROCESSING OF YOUR PERSONAL DATA IN ACCORDANCE WITH THE PRIVACY POLICY.

If you do not consent, please discontinue use of the Web Sites. Except where otherwise provided by law, you may withdraw your consent at any time upon reasonable notice. Please note that if you choose to withdraw your consent to the collection, use or disclosure of your Personal Data, certain features of Our Websites may no longer be available to you or We may no longer be able to offer you some of Our Services.

 

3.5   Retention of Personal Data

Subject to applicable laws, We retain your Personal Data only for the time necessary to fulfill the purposes for which such information was collected, unless you consent to your Personal Data being used or processed for another purpose. The maximum duration varies according to legislation and the purposes following the end of the Services rendered by one of Our Entities to you. In addition, our retention periods may be modified from time to time for legitimate reasons (for example, to guarantee the security of Personal Data, to prevent abuse and violations or to prosecute criminals).

For more information on the retention periods of your Personal Data, please contact our Privacy Officer or Data Protection Officer using the contact details provided in article 1b) of this Policy.

 

  1. Your Rights

As a data subject, you may exercise the rights set out below by contacting Our Privacy Officer or Data Protection Officer in writing at the contact details set out in article 1b) of the Policy. Please note that We may ask you to verify your identity before responding to any of these requests.

  • You have the right to be informed of the Personal Data that We hold about you, its use, communication, retention and destruction, subject to the exceptions provided for by the applicable law;
  • You have the right to access your Personal Data, to request a copy, including hard copies, of the documents containing your Personal Data, subject to the exceptions provided for by applicable law, and to obtain, where applicable, further details on how we use, communicate, retain and destroy them;
  • You have the right to rectify, amend and update the Personal Data we hold about you if it is incomplete, ambiguous, out of date or inaccurate;
  • You have the right to withdraw or modify your consent for Our Entities to collect, use, communicate or retain your Personal Data at any time, subject to applicable legal and contractual provisions;
  • You have the right to object to the processing of Personal Data that We hold about you before profiling or making an automated decision to which you have not consented, subject to the legal exceptions provided by the laws of the countries where either of Our Entities operate their business;
  • You have the right to ask Us to stop disseminating your Personal Data and to de-index any link attached to your name that gives access to such data if such dissemination contravenes the law or a court order;
  • You have the right to request that your Personal Data be communicated to you or transferred to another organization in a structured and commonly used technological format;
  • You have the right to be informed of any privacy incident involving your Personal Data that may cause you serious harm. To this end, we maintain a register of all privacy incidents and assess the harm they may cause;
  • You have the right to lodge a complaint with the local supervisory authority responsible for enforcing the applicable laws on the protection of Personal Data with respect to Our Entities, subject to the conditions provided for by the applicable law. You will find below a list of the supervisory authorities to which Our Entities are accountable.

In order to process your request, you may be asked to provide appropriate identification or to identify yourself in some other way.

 

  1. Questions and Complaints

Complaints to the Entity. If You are dissatisfied with Our protection of your Personal Data, you have the right to complain to Our Privacy Officer using the contact details identified in section 1b) of this Policy or, if you are a European resident, to Our DPO whose contact details are also specified in section 1b) of this Policy.

Complaints to Supervisory Authorities. If You are dissatisfied with Our protection of your Personal Data, you also have the right to file a complaint with the local supervisory authority that enforces applicable privacy laws against Our Entity, subject to the conditions set forth in the applicable law.

 

  1. Cookies and Other Tracking Technologies

We use cookies and similar technologies (collectively, “Cookies”) to help us operate, protect and optimize the Websites and the Services we offer. Cookies are small text files that are stored on your device or browser. They enable us to collect certain information when you visit the Website, including your preferred language, browser type and version, the type of device you are using and your device’s unique identifier. While some of the Cookies We use are deleted after your browser session ends, other Cookies are retained on your device or browser to enable Us to recognize your browser the next time you visit the Website. The Personal Data collected through these Cookies is not intended to identify you. They are used to guarantee the operation of Our Websites, to improve the user’s browsing experience and to provide certain data that enables us to better understand the traffic and interactions that take place on Our Website, as well as to detect certain types of fraud. Cookies do not cause any harm to your device and cannot be used to extract your Personal Data. We collect your IP address, information about your device and your operating system or browser, your activity and browsing history on Our Website as well as your requests, your browsing preferences (languages used), etc.

You can set your browser to notify you when you visit Our Websites, so that you can decide whether or not to accept some or all Cookies. Please note that disabling Cookies on your browser may adversely affect your browsing experience on Our Websites and prevent you from using some of its features.

To find out more about how we use Cookies, please see Our Cookie Policy.

 

  1. Safety Measures

Our Entities have implemented physical, technological and organizational security measures to adequately protect the confidentiality and security of your Personal Data against loss, theft or any unauthorized access, disclosure, reproduction, communication, use or modification. These measures include in particular:

Administratively, the adoption of a series of policies and procedures as part of the implementation of our Information Governance Program, including :

  • govern the access, communication, storage, de-identification, anonymization and/or, where applicable, destruction of Personal Data;
  • determine the roles and responsibilities of our employees throughout the life cycle of Personal Data and documents;
  • establish procedures for intervention and response in the event of a confidentiality incident;
  • govern the process for requests and complaints relating to the protection and processing of Personal Data.

 

Technically, the use of several means such as :

 

  • the use of a secure server. All sensitive information provided is transmitted via Secure Socket Layer (SSL) technology, then encrypted in Our databases to be accessible only by authorized persons with special access rights to these systems, and are required to keep the information confidential;
  • use of backup systems, network monitoring software, etc. ;
  • the use of encryption and segregation of duties, access controls and internal audits.

 

Given the public nature of this Policy, we have not provided an exhaustive list of the measures we are implementing.

Despite the measures described above, We cannot guarantee the absolute security of your Personal Data. If you have reason to believe that your Personal Data is no longer protected, please contact Our Privacy Officer or Data Protection Officer immediately using the contact details provided in article 1b) above.

 

  1. Changes to this Privacy Policy

We reserve the right to modify this Policy at any time in accordance with applicable law. In the event of a change, We will post the revised version of the Privacy Policy and update the date in the footer of the Privacy Policy. We will also reserve and allow you to visit a page archiving the version of Our Policy prior to the changes communicated. We will notify you prior to the effective date of the new version of Our Policy. If you do not agree with the new terms of the Privacy Policy, We invite you to stop using Our Website and Our Services. If you continue to use Our Web Site or Services after the new version of Our Policy becomes effective, your use of Our Web Site and Services will be governed by the new version of the Policy.

 

  1. Links to Third-Party Websites

From time to time, We may include on Our Website references or links to websites, products or services provided by third parties (“Third Party Services”). These Third-Party Services, which are not operated or controlled by the Company, are governed by privacy policies that are entirely separate from and independent of ours. We therefore assume no responsibility for the content and activities of these sites. This Policy applies only to the Websites and the Services we offer.

 

  1. Invisible ReCAPTCHA

Invisible reCAPTCHA analyzes activity on a web page function (e.g. mouse movements and typing patterns) to determine whether a user is a bot.

The invisible reCAPTCHA service may collect information from your device.  Information collected by reCAPTCHA is stored in accordance with its privacy policy.

  

  1. Information about Your Rights to the protection of Personal Data under the General Data Protection Regulation (GDPR)

We are a controller of Personal Data. For the purposes of this Privacy Policy, We act as the controller of your Personal Data identified in Europe as “Personal Data“.

Applicable legal bases. If you are a resident of EEU, Our legal basis for collecting and using your Personal Data, as described in this Privacy Policy, depends on the information We collect and the specific context in which We collect it. We may process your Personal Data because:

  • We need to enter into a contract with you, such as when you use Our Service;
  • Your consent, in which case You may withdraw Your consent at any time by contacting Our DPO using the contact details provided in section 1b) of this Policy;
  • The processing is in Our legitimate interest and does not override Your rights;
  • To comply with the law.

Rights applicable to European residents. If you reside in Europe, you have certain rights to protect your Personal Data. Under certain circumstances, you may have the following protection rights:

  • The right to access, update or delete the Personal Data that We have about You;
  • The right of rectification;
  • The right of objection / opposition (which allows you to object to your data being used by an organization for a specific purpose under certain conditions and circumstances);
  • The right to restrict;
  • The right to portability;
  • The right to be forgotten;
  • The right to withdraw your consent.

Please note that We may ask you to verify your identity before responding to these requests.

Complaint to a Supervisory Authority. You have the right to complain or make a claim to a Supervisory Authority about Our collection and use of your Personal Data. For more information, please contact your local data protection authority.

How we store your Personal Data. Your Personal Data is stored securely. For more information about retention periods and methods of retention, we encourage you to contact the Data Protection Officer.

 

11.1   Specific information for people covered by the UK scheme

 Applicable legal bases. If you are a UK resident, Our legal basis for collecting and using your Personal Data, as described in this Privacy Policy, depends on the information We collect and the specific context in which We collect it. We may process your Personal Data because:

  • We have a contract with You, as when you use Our Service;
  • Your consent, in which case You may withdraw Your consent at any time by contacting our DPO using the contact details provided in section 1b) of this Policy;
  • The processing is in Our legitimate interest and does not override Your rights; and
  • To comply with the law.

Rights applicable to UK residents. If you reside in the United Kingdom, you have certain rights to protect your Personal Data. In certain circumstances, you may have the following rights:

  • The right to access, update or delete the Personal Data We have about You;
  • The right of rectification;
  • The right of objection / opposition (which allows you to object to your data being used by an organization for a specific purpose under certain conditions and circumstances);
  • The right to restrict;
  • The right to portability;
  • The right to be forgotten;
  • The right to withdraw your consent.

Please note that We may ask you to verify your identity before responding to these requests.

How we store your Personal Data. Your Personal Data is stored securely. For more information about retention periods and methods of retention, we encourage you to contact the Data Protection Officer.

Complaint/complaint to the Information Commissioner’s Office. You have the right to complain or make a claim to the Information Commissioner’s Office about Our processing of your Personal Data. For more information, please contact the Information Commissioner’s Office.

   

  1. Information about your rights to the protection of Personal Data under Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (FPPPD)

For the purposes of this Privacy Policy, We act as the controller of your Personal Data. If you are a citizen or resident of the United Arab Emirates (UAE), Our legal basis for the collection and use of your Personal Data, as described in this Privacy Policy, is consent, except as otherwise provided by the FPPPD. We may process your Personal Data because:

  • We need to fulfill Our contractual obligations with you, such as when you use Our Service;
  • We need to operate, maintain, supervise, develop, improve and offer all the functionalities of Our Service;
  • You have used Our Service to apply for job offers;
  • The Entity conducts research, analysis and statistics in connection with Our Services;
  • We want to help you exercise your rights;
  • We want to defend the rights and interests of the Entity;
  • To comply with the law.

 If you reside in the United Arab Emirates, you have certain rights to protect your Personal Data. Under certain circumstances, you may have the following protection rights:

  • The right to access your Personal Data;
  • The right to erasure of Personal Data;
  • The right of rectification ;
  • The right to object and to cease processing Personal Data;
  • The right of restriction ;
  • The right to portability ;
  • The right not to be subject to a decision based solely on automated processing.

Please note that We may ask you to verify your identity before responding to these requests.

You have the right to complain to a Data Protection Authority about Our collection and use of your Personal Data. For more information, please contact your Data Protection Authority.

  

  1. Information about your privacy rights under the Personal Data Protection Act of 2012 (PDPA) (No 26 of 2012) of October 15, 2012

For the purposes of this Privacy Policy, We act as the controller of your Personal Data. If you are a citizen or resident of Singapore, Our legal basis for the collection and use of your Personal Data, as described in this Privacy Policy, is consent, except in the exceptions set out in the PDPA. We may process your Personal Data because:

  • We need to fulfill Our contractual obligations with you, such as when you use Our Service;
  • We need to operate, maintain, supervise, develop, improve and offer all the functionalities of Our Service;
  • You have used Our Service to apply for job offers;
  • The Entity conducts research, analysis and statistics in connection with Our Services;
  • We want to help you exercise your rights;
  • We want to defend the rights and interests of the Entity;
  • To comply with the law.

 If you reside in Singapore, you have certain rights to protect your Personal Data. Under certain circumstances, you may have the following protection rights:

  • The right to access your Personal Data;
  • The right to erasure of Personal Data;
  • The right of rectification ;
  • The right to object and to cease processing Personal Data;
  • The right to portability.

Please note that We may ask you to verify your identity before responding to these requests.

You have the right to complain to a Data Protection Authority about Our collection and use of your Personal Data. For more information, please contact the Data Protection Authority.

  1. Minors

We do not knowingly collect or use Personal Data of minors. If, provided the applicable laws where the Entity operates, you are under the age of 16 or under the legal age of majority, or under the legal age to make independent decisions, you must not provide us with your Personal Data without the consent of your parent or guardian. If you are a parent or guardian and you become aware that your child has provided Personal Data to Us without consent, please contact Us using the contact details set out in section 1b) above to request that We delete that child’s Personal Data from our systems.

  1. Applicable Laws

The laws of Quebec, Canada, Belgium, the United Kingdom, the United Arab Emirates and Singapore, excluding its conflict of law rules, will govern this Policy and your use of Our Websites. Your use of Our Web Sites may also be subject to other local, sectorial, provincial, state, territorial, national or international laws.

  1. Use of surveillance cameras

As part of our efforts to ensure the safety of our facilities, employees and visitors, we use surveillance cameras in our workplaces and public areas. Surveillance cameras may record images of people entering or circulating on our premises.

16.1   Purpose of image collection

Images captured by surveillance cameras are collected for the purposes of :

  • Security of people and property;
  • Prevention and detection of theft, vandalism and other incidents;
  • Investigation of incidents or suspicious activity;
  • Compliance with legal obligations.

16.2   Legal basis for collection

The collection of images via our surveillance cameras is carried out under the terms of article 12 of Law 25, which authorizes the collection of personal information when this is necessary for reasons of security or the protection of property and persons.

16.3   Location of collection and access to images

Surveillance cameras are installed only in public or semi-public places, and not in private areas such as toilets, checkrooms or individual offices. Recorded images are accessible only to authorized personnel, as part of their security or incident management duties.

16.4   Image retention period

Recordings are kept for a limited and reasonable period, i.e. a maximum of 90 days (3 months) after they are captured, except in cases where an incident has occurred and requires further investigation.

16.5   Rights of data subjects

In accordance with Law 25, you have the right to access your personal information, including recorded images, within the limits of what is reasonably possible. You may also request the rectification or deletion of your information if you believe it is inaccurate or has been collected in a manner that does not comply with the law.

If you have any questions or requests concerning the use of surveillance cameras, please contact us at the following address: hr@tornatech.com

 

© 2024 Tornatech All Rights Reserved | Cookie Policy | Privacy and Protection Policy