Synex Business Performance Inc. and its partner firms Synex Insurance and Synex Group Solutions (hereinafter "Synex") recognizes the importance of privacy and is committed to protecting the personal information it collects and processes in the course of its activities.
The purpose of the Personal Information Protection Policy (hereinafter the "Policy") is to set out the principles applied by Synex with respect to the personal information protection practices (hereinafter the "PRI") of Data Subjects.
The Policy describes the PRI standards and practices applied by Synex in order to:
This Policy applies to any identified or identifiable individual about whom Synex collects Personal Information in the course of its business.
The Policy reflects Synex's ongoing commitment to comply with the PRI requirements of the following persons:
(Collectively, the "Data Subjects")
Guiding principles: Synex's PRI practices are defined and applied in accordance with the following PRI guiding principles, consistent with applicable law:
Accountability: Synex is responsible for the handling of PRP in its possession, including information that is entrusted to third parties. A Privacy Officer, whose contact details can be found in paragraph 7, has been appointed and ensures that the Policy is applied and that Synex complies with applicable laws and regulations relating to PRP.
Purposes of Collection: Synex identifies the purposes for which it collects, uses, discloses and retains PRP before collecting it. Synex ensures that it only collects PR that is necessary to fulfill the predetermined purposes. The purposes for which PR will be used will be specifically identified at the time of collection. As of the date of adoption of the Policy, the purposes for which PR is used include, but are not limited to:
Collection: Synex limits the collection of PI to that which is necessary for the identified purposes. Synex collects PR directly from the Data Subject, unless it has obtained the Data Subject's consent to collect PR from third parties or is otherwise permitted by law. Synex may also receive PR from its partners.
Limiting use, disclosure and storage
Limitation: Synex restricts the use of PR to the purposes for which it was collected and to which the Data Subject has consented, subject to exceptions provided by law or to obtaining new consent.
Synex limits access to the PR it holds to only those persons for whom access is required for the performance of their duties and provides PRP training to its staff. Synex employees are also bound by a confidentiality undertaking, which covers in particular the confidentiality of PR processed in the course of their duties.
Communication: Synex may communicate the PR of Data Subjects to various business partners, suppliers or other third parties in the course of its activities. It may also disclose to courts, regulators, government officials or prosecutors, or any other investigative or law enforcement party. Synex ensures that PR is only disclosed for the purposes identified and consented to by the Data Subject, unless the Data Subject gives consent to the new purposes or unless exceptions are provided by law.
Retention: Synex uses systems and technology service providers that ensure the retention of Data Subjects' PR in a manner that maintains its confidentiality. Synex retains data and documents containing PR for the length of time necessary to fulfill the purpose for which it was collected and for the retention periods required by law.
PR is generally kept in the province of Quebec. It is possible, however, that the disclosure of PR to certain service providers may result in the transfer of PR outside of Quebec, in which case Synex will consult the applicable PRP laws and practices in the relevant jurisdiction and ensure that PR is adequately protected through a privacy impact assessment and that the contractual framework stipulates appropriate PRP commitments.
Security measures: Synex applies security measures that are proportionate to the sensitivity of the PR it holds in order to prevent breaches of confidentiality and integrity, in accordance with its information security frameworks.
Transparency: Synex documents its PR management practices simply and clearly, and makes them available on its websites. Synex provides the prescribed information to the Data Subject when the collection is made through the use of technology that includes functionalities that allow the Data Subject to be identified, located or profiled through the use of technology.
Rights of Data Subjects: Synex has procedures in place to deal with requests for the exercise of rights by Data Subjects, including requests for access, rectification and withdrawal of consent. Requests for the exercise of rights must be forwarded to the office of the PRP Manager, whose contact details appear in paragraph 7, for processing in accordance with the law.
Synex respects the rights granted to Data Subjects in respect of their PRP and has procedures in place to deal with the following requests:
Synex will respond to all requests within 30 days of receipt of such a request. Where Synex is unable to meet this deadline, or if additional time is required to satisfy a request, it will inform the Person concerned in writing.
Synex has appointed a Privacy Officer who is responsible for Synex's compliance with applicable privacy legislation.
If you have any questions regarding the collection, use, disclosure or retention of PR by Synex, you may contact the PRP Officer as indicated below:
Privacy Officer
Civic address: 2828, boul. Laurier, Suite 1300,
Quebec City, Quebec G1V 0B9
Phone: 1-866-321-2233
E-mail: confidentialite@synexcorp.ca
This Policy has been adopted by the Synex Executive Board and takes effect on the date of adoption. It replaces all previous versions. Historical versions of the Policy may be obtained from the PRP Manager upon request. The collection, use, disclosure and other processing of a Data Subject's PRP by Synex will be governed by the version of the Policy in effect at the time of processing.
The PRP Manager is responsible for the Policy and its revision. The Policy may be amended at Synex's discretion to reflect changes in applicable requirements or Synex's practices and will be reviewed at least every three years.
Our Complaint Handling and Dispute Resolution Policy is to establish a procedure that is fair and free of charge to our clients in order to ensure that complaints received by Synex, hereinafter referred to as "the firm", are handled appropriately.
Our firm wishes to take charge of any dissatisfaction communicated by its customers, with the aim of satisfying its customers while respecting the legal framework to which our firm is subject.
SANDRA LAFLAMME, Vice-President of Compliance for Synex’s partner firms, acts as a representative to the Autorité des marchés financiers and oversees the training of company personnel. The person in charge must pass on to staff all the information they need to comply with this policy, while ensuring that it is applied.
For the purposes of this policy, a complaint is the expression of at least one of the following three elements:
A complaint must be recorded in writing in a manner that allows it to be retained. If a consumer instead expresses their complaint verbally, the person handling it must then document it in a way that allows for its retention.
A complaint does not include any informal action taken to correct a particular problem, as long as the problem is dealt with as part of the registrant's regular activities and the consumer has not lodged a complaint.
In the first instance, SYNEX and its partner firms encourage all complainants to contact their representative or the customer service department by telephone (418) 650-5566 or by e-mail at the following address: info@synexcorp.ca.
Complainants who are not satisfied with the answers or information obtained at the previous stage and wish to lodge a complaint should do so by e-mail or in writing to the following address:
Email : complaint@synexcorp.ca
SYNEX ASSURANCE
2828, LAURIER BLVD, SUITE 1300
QUEBEC, QC
G1V 0B9
Tel: (418) 650-5566
With the subject line: "Complaint - to be given to the complaints officer".
Any employee who receives a complaint must forward it, as soon as it is received, to the person in charge of complaints. The complaint officer will proceed to open a file for each of these complaints, taking into account the rules for maintaining these files. The person in charge must acknowledge receipt of the complaint within 10 working days of receipt.
Upon receipt of a complaint, SYNEX shall initiate its complaint handling process. The processing of the complaint, i.e. the analysis of the complaint and relevant documents, must be completed within a reasonable period of time, i.e. within 30 days of receipt of all the information required to study the complaint.
In the case of an incomplete complaint, a notice will be sent with a request for further information, to which the complainant must reply within 5 working days, failing which the complaint will be deemed to have been abandoned.
Once the complaint has been examined, the person in charge must send the complainant a final written response, with reasons.
A separate file must be kept for each complaint. This file must include the following elements:
The complainant must receive the firm's final, reasoned, written response. The complainant may accept or refuse the firm's written reply, and may request that his or her file be transferred to the Autorité. In the absence of a response from the complainant within 5 working days, the complaint will be considered abandoned.
If the complainant is not satisfied with the final position reached or with the handling of his/her complaint, he/she may ask the person in charge to transfer his/her file to the Autorité at any time. The transferred file contains all the information relating to the complaint. SYNEX remains responsible for compliance with the rules governing the protection of personal information in our possession