Total Compliance Privacy Policy: Protection of Personally Identifiable Information (PII)


Effective Date: April 17, 2024


Company Information:

Total Compliance is operated by InnuCloud Experts Inc.

Need Help?

Do you have questions about this Privacy Policy? Contact us. Understanding your concerns is crucial, and we are here to assist: [email protected].

Introduction:

By using our services and/or purchasing our documents, you entrust us with some of your personal information. At Total Compliance, the security of your personal information is of utmost importance, and we strive to protect it. However, due to the nature of emails, the internet, and information technologies, security and privacy risks cannot be completely eliminated, and we cannot guarantee that your personal information will not be accessed or intercepted by means unforeseen by this policy.

Acceptance of This Privacy Policy:

This Privacy Policy aims to inform you about the types of personal information collected, used, and potentially disclosed, the purpose of collecting this information, and the risks that may be incurred by using our platform. By using the Total Compliance platform and/or obtaining certain tools, you consent to your personal information being collected, used, and disclosed in accordance with this policy, and you agree to comply with all applicable laws and regulations when using the platform. If you do not agree to the terms of this policy or any other operating rule, policy, and procedure of Total Compliance, you must not use the platform and should immediately cease its use.

Information Collected:

As a user, when you purchase a course or a document on the platform, you must create a profile using an email address and a password to log in. Subsequently, information such as your payment method, first name, last name, and banking details (card number, expiration date, and security code of the credit card used for the payment) will be collected to proceed with your purchases. This information is confidential and treated as such. After payment, we will send you a form via Google Workspace software, allowing you to semi-automatically customize the documents purchased via our platform. In this form, you will be asked to transmit both public and personal information. We will specifically ask for information about the identity of your company's Privacy Officer and their contact details.

Use and Processing of Personal Information:

All public and personal information collected from a user is stored in a file accessible to the members of the Total Compliance team. These members are bound by confidentiality obligations both by their ethical duties (if applicable) and their confidentiality agreement signed in their role within the company. Following the receipt of your information described above, the documents you have purchased will be semi-automatically customized. Our team will then see to transmitting these documents for your use only within your company. After sending the documents containing some of your personal information to the email address provided during your registration, Total Compliance will no longer be responsible for maintaining the confidentiality of the personal information included in the created documents since these documents will be in your hands and could be made public.

Internal Management of Personal Information:

Total Compliance commits to adopting internal processes before September 22, 2023, to ensure compliance with various obligations regarding personal information coming into force on that date, including a staff training and awareness plan, a dedicated complaint handling process related to the protection of personal information, and an approach to reviewing and publishing its privacy policy.

Right of Access to Your Information:

Subject to certain exceptions provided by law, you have the right to access your personal information at any time and without charge, to challenge the accuracy and completeness of this information, and to have it amended as appropriate. You can make a request for access to your information by contacting the Privacy Officer of InnuCloud Experts Inc.

Privacy Officer:

At InnuCloud Experts Inc., the company behind Total Compliance, the Privacy Officer is named Soufiane Adil. Any inquiries, complaints, consultations, or corrections of your personal information should be addressed to Mr. Soufiane Adil, Privacy Officer of InnuCloud Experts Inc. (2400 Rue Lucerne, Mont-Royal (Montreal) QC H3R 2J8) at [email protected].

Sharing of Information:

The company will comply at all times with applicable laws in the use or disclosure of your personal information. Besides the persons and organizations listed below, your personal information will not be transmitted to anyone, except if the company is legally and/or judicially compelled to transmit it to a competent authority. In all cases, these individuals/authorities/organizations are subject to the same obligations as the company under this policy.

Access to this information is granted:

  • to the platform administrators for the purpose of operating the platform effectively, for example, to communicate with users and/or improve the service offered;
  • to a potential acquirer and any organization involved in an operation involving the sale or transfer of part or all of the assets of the company behind Total Compliance, in which case the use of your personal information by the new entity or any organization involved would continue to be subject to applicable laws and fully respect this policy;
  • to any organization when the company has reasonable grounds to believe that the information could be useful in the investigation of an illegal activity and/or to comply with a subpoena, a warrant, a court order, or to comply with court rules regarding the production of records and information and/or to protect the rights and property of the company;
  • to software providers allowing the generation of statistics and improving your experience as a customer of Total Compliance, such as Google Analytics, Podia, PandaDoc, and Mailchimp;
  • to service providers helping us administer our website, for example, in the context of technical assistance, processing your payment, or executing document shipments.

Data Aggregation:

Regarding the aggregation of usage data of the platform and the use of this data for commercial prospecting purposes, the company reserves the right to:

  • provide third parties with aggregated data of users and the use of the platform (e.g., the number of courses purchased, the number of documents bought, etc.) to provide an indication of the interest generated by it. In this case, the company commits not to reveal the identity of the users who served to aggregate the data;
  • send you electronic communications through the email address provided when creating a user account. At any time, you can ask us to stop sending by contacting [email protected].
  • use "cookies" or similar technologies to proceed with audience measurements of our platform (number of pages viewed, visitor activity, etc.). "Cookies" or similar technologies are then used, in particular, for purposes of statistical measurements and geolocated services.

Data Retention:

The company may retain and process your personal information as long as necessary for the purposes for which it was collected and for a maximum of six months after the deletion of your account or as the law permits and/or requires. After this period, the company commits to securely delete all your personal information retained.

Please note that the personal information collected by the company is processed and stored in confidential and secure databases, located at Google, in Canada, and mandated by the company. This organization has obtained an ISO 27001 certification and conducts annual Type II audits (SSAE16 / ISAE 3402 Type II), FedRamp, NIST.

Limitation of Liability:

Although Total Compliance acts diligently and takes all reasonable measures to secure your personal information, due to the nature of the Internet and technologies, it cannot be guaranteed that your personal information will not be accessible or intercepted by means other than those provided for in this policy.

Furthermore, as mentioned in the sections on sharing information and data aggregation, third parties may have access to your confidential information. Although we commit to taking reasonable measures so that these parties preserve the confidentiality and security of your information, including by creating a confidentiality contract between Total Compliance and these third parties, we cannot take responsibility and be liable for a security incident occurring at these third parties.

By using Total Compliance, you accept the risk that these third parties may cause a security incident concerning your personal information.

Third-Party Policies:

The platform uses Google Analytics, Teachable, Google Workspace, and Mailchimp to analyze the audience and improve the user experience. Follow the links below for information on the privacy policies related to the use of Google Analytics, Teachable, Google Workspace, and Mailchimp.

If you have comments or questions about this policy, the policies of third-party software used by Total Compliance, or your personal information, please write to us at [email protected].

Update of This Privacy Policy:

This policy may be updated by the company from time to time at the sole discretion of the company behind Total Compliance, and will be minimally updated once on September 22, 2024, to insert the necessary information following the entry into force of certain articles resulting from the adoption of Law 25. The collection, retention, consultation, and communication of your personal information are governed by the most recent version of this Privacy Policy and the terms of use available on our platform. This policy and these conditions may be modified from time to time by the administrators of the company behind Total Compliance. By proceeding to purchase training and/or tools, and/or by using the documents of Total Compliance or listening to the training of Total Compliance, you consent to the collection, retention, consultation, and communication of your personal information in accordance with the most up-to-date policy.