1. General information
a) Introduction
Protecting your privacy is important to Société Mondo America Inc (hereinafter referred to as “Entity“, “We“, “Us“, “Our“). For this reason, We have implemented safeguards and practices for the sound management of your Personal Information in accordance with applicable laws in Quebec and Canada.
This privacy policy (the “Policy“), which should be read in conjunction with our Terms and Conditions, describes our practices regarding the collection, use, processing, disclosure, and retention of Personal Information of our customers, visitors and users.
By using our website www.mondoworldwide.com/na/en (the “Website“) or any of our services, you agree that We may collect, use, process, disclose and retain your Personal Information in accordance with the terms described herein. If you do not agree to comply with and be bound by this Policy, you may not visit, access or use Our Website or Services, or share your Personal Information with Us.
This Policy does not apply to Personal Information of the Entity’s employees, representatives and consultants, or any other person affiliated with the Entity, or to any information that does not constitute Personal Information as defined by applicable laws in Quebec and Canada.
b) Privacy Officer
Questions, comments and complaints regarding the Entity’s Privacy Policy and practices may be addressed to Our Privacy Officer at the following coordinates:
Telephone: 1-800-361-3747
E-mail: privacy@mondousa.com
Address: Mondo s.p.a. Piazzale E. Stroppiana 1, Alba Frazione, Gallo, 12051 (CN), Italy
2. Definitions
The following words and expressions, when they appear with a capitalized first letter in the Policy, have the meanings attributed to them hereinafter, unless otherwise implied or explicit in the text:
“Service Provider” means any individual or entity that processes Personal Information on behalf of the Entity. This includes third-party companies or individuals employed by the Entity to facilitate the Services, to provide the Services on behalf of the Entity, to perform services related to the Services or to assist the Entity in analyzing the use of the Services
“Personal information” means any information that relates to a natural person and allows that person to be identified, i.e., that directly or indirectly reveals something about the identity, characteristics (e.g., abilities, preferences, psychological tendencies, predispositions, mental abilities, character and behaviour of the person concerned) or activities of that person, regardless of the nature of the medium or the form in which the information is accessible (written, graphic, sound, visual, computerized or other).
“Privacy Officer”: the person who is responsible for the application of this Policy and whose contact information is identified in section 1 of this Policy.
“Services”: Services refers to the website.
3. Treatment of Personal Information
3.1 Collection of personal information
In the course of our activities, We may process various types of Personal Information, including the information listed below:
- contact information, such as your first and last name, address, e-mail address and telephone number;
- information relating to products or services, such as information concerning the Services we have rendered to you;
- information that you choose to provide or transmit to Us, for example, when you fill out a form, respond to surveys, apply for one of our job offers or contact one of our employees or representatives;
- information automatically collected through the use of the Website and our Services, including :
- connection and other information about your activities on the Website, such as your IP address, the pages you visit, the time and date of your visits, the number of connections, the type of browser you use, the operating system of your device and other hardware and software information;
- demographic and geolocation data, such as your IP address, a precise or approximate location determined from your IP address or the GPS of your mobile device (depending on your device’s settings).
In each case, such Personal Information is processed in accordance with the legitimate and necessary purposes listed in article 3.2 below.
3.2 Use of Personal Information
We may use your Personal Information for the legitimate purposes described below:
- operate, maintain, supervise, develop, improve and offer all the functionalities of Our Website;
- to introduce you to our services;
-
- allow you to apply for job opportunities;
- to enable you to purchase our Services and to carry out transactions in connection with our Services;
- perform our contractual obligations to you;
- develop, improve and offer new Services;
- to send you messages, updates and security alerts;
- for any other purpose permitted or required by law.
3.3 Disclosure of Personal Information
We may share your Personal Information with our employees (including marketing and sales departments) who need to know that information to help us operate our Website, conduct our business or serve you, provided that such Service Providers have previously agreed in writing to maintain the confidentiality of your Personal Information in accordance with applicable laws and our Information Governance Program.
We do not sell, trade or otherwise disclose your Personal Information to third parties.
3.3.1 Service providers and other third parties
Although We try to avoid sharing your Personal Information with third parties, We may use Service Providers to perform various services on our behalf, such as IT management and security, marketing, and data analysis, hosting and storage. We have defined below the cases in which such sharing may take place:
- We use Google Ads to analyze the audience of Our Services, establish statistics and converse with customers and prospects. See their privacy policy.
- We use the services of the social network LinkedIn for our publications, achievements. Consult their privacy policy;
- We use YouTube to present our products and Services. See their Google privacy policy;
- We use the services of Facebook to communicate about our activities and to present our products and Services. See Meta’s privacy policy;
- We use the services of Salesforce. See their privacy policy;
- We use the services of TMR Communications to host Our Website;
- We use Metatracer to ensure Our compliance with the privacy laws that apply to Us. Consult their privacy policy.
Prior to disclosing your Personal Information to Service Providers outside the province of Quebec, or depending on the nature of the Personal Information disclosed, We conduct a Privacy Impact Assessment. When we disclose your Personal Information to Service Providers, we enter into written contracts with them before disclosing your Personal Information to them, and we provide them with only the Personal Information they need to perform their mandate. As part of these contracts with our Service Providers, We undertake to ensure that the principles set out in this Policy are respected, and these Service Providers are required to use Personal Information confidentially, in accordance with Our instructions and solely for the purposes for which it was provided. We provide sufficient assurances that adequate safeguards are in place that are proportionate to the sensitivity of the Personal Information being processed or disclosed. When our Service Providers no longer need your Personal Information, we ask them to destroy this data in an appropriate manner.
3.3.2 Compliance with legislation, responding to legal requests, preventing harm and protecting our rights
- We may disclose your Personal Information when We believe such disclosure is authorized, necessary or appropriate, including:
- to respond to requests from public and governmental authorities, including public and governmental authorities outside your country of residence;
- to protect our business;
- to comply with legal proceedings;
- to protect Our rights, Our privacy, Our security, Our property, yours or that of third parties;
- to enable Us to pursue available remedies or limit the damages We may sustain; and
- in accordance with applicable laws, including laws outside your country of residence;
3.3.3 Commercial transactions
We may share, transfer or communicate, in strict compliance with this Policy and the provisions of the Act respecting the protection of personal information in the private sector, RLRQ c P-39. 1 (the “Private Sector Act”) and the Act to modernize legislative provisions respecting the protection of personal information, LQ 2021, c 25 (the “Act 25”, assented to on September 22, 2021), your Personal Information in the event of a sale, transfer or assignment, in whole or in part, of the Entity or our assets (for example, as a result of a merger, consolidation, change of control, reorganization, bankruptcy, liquidation or any other business transaction, including in connection with the negotiation of such transactions). In such a case, We will inform you before Your Personal Information is transferred and is governed by another privacy policy.
3.4 Consent for Personal Information
Wherever possible, the Entity obtains consent directly from the individual concerned for Us to collect, use and disclose his or her Personal Information. However, if you provide us with Personal Information about other persons, you must ensure that you have duly notified them that you are providing us with their information, in addition to obtaining their consent to such disclosure.
We will seek your explicit, manifest, free, informed and purposeful consent before using or disclosing your Personal Information for purposes other than those set out herein. We will also seek your explicit consent whenever sensitive Personal Information is involved in any of the Entity’s processing activities.
We will ask for your consent for each specific purpose in clear and simple terms, separate from any other information that will be communicated to you.
BY USING OUR WEBSITES, BY TRANSMITTING YOUR PERSONAL INFORMATION BY E-MAIL, YOU CONSENT TO THIS PRIVACY POLICY AND TO THE COLLECTION AND PROCESSING OF YOUR PERSONAL INFORMATION IN ACCORDANCE WITH THE PRIVACY POLICY.
If You do not consent, please stop using the Websites. Except where otherwise provided by law, You may withdraw Your consent at any time upon reasonable notice. Please note that if You choose to withdraw Your consent to the collection, use or disclosure of Your Personal Information, certain features of our Website may no longer be available to You or we may no longer be able to provide You with some of our services.
3.5 Retention of Personal Information
Subject to applicable law, We retain your Personal Information only for as long as necessary to fulfill the purposes for which the information was collected, unless you consent to your Personal Information being used or processed for another purpose. As an indication, the duration of certain information may extend up to 10 years following the end of the Services rendered by the Entity to you. In addition, our retention periods may be changed in a timely manner due to legitimate interests (for example, to ensure the security of Personal Information, to prevent abuse and violations or to prosecute criminals)
For more information on the periods for which your Personal Information is retained, please contact our Privacy Officer using the contact information set out in section 1b) of this Policy.
4. Your rights
As a data subject, you may exercise the rights set out below by communicating in writing with Our Privacy Officer at the contact information provided for in section 1b) of the Policy. Please note that We may ask you to verify your identity before responding to any of these requests.
- You have the right to be informed of the Personal Information We hold about you, its use, disclosure, retention and destruction, subject to exceptions provided by applicable law;
- You have the right to access your Personal Information, to request a copy, including a paper copy, of the documents containing your Personal Information, subject to the exceptions provided by applicable law, and to obtain, if necessary, additional details about how we use, disclose, store and destroy it;
- You have the right to have the Personal Information We hold about you corrected, amended and updated if it is incomplete, ambiguous, out of date or inaccurate;
- You have the right to withdraw or modify your consent for the Entity to collect, use, disclose or retain your Personal Information at any time, subject to applicable legal and contractual restrictions;
- You have the right to ask Us to stop disseminating your Personal Information and to de-index any link to your name that provides access to that information if such dissemination contravenes the law or a court order;
- You have the right to request that your Personal Information be disclosed to you or transferred to another organization in a structured and commonly used technology format;
- The right to be informed of a privacy incident involving your Personal Information that may cause you serious harm. To this end, we keep a record of all privacy incidents and assess the harm they may cause;
- You have the right to file a complaint with the Commission for access to information, subject to the conditions set out in applicable law.
In order to comply with your request, you may be asked to provide appropriate identification or otherwise identify yourself.
5. Cookies and Other Tracking Technologies
We use cookies and other similar technologies (collectively, “Cookies“) to help us operate, protect and optimize the Website and the Services we offer. Cookies are small text files that are stored on your device or browser. They collect certain information when you visit the Website, including your language preference, browser type and version, the type of device you are using, and your unique device identifier. If some of the Cookies We use are deleted after the end of your browser session, other Cookies are stored on your device or browser to allow us to recognize your browser the next time you visit the Website. The Personal Information collected through these Cookies is not intended to identify you. In particular, they make it possible to ensure the functioning of the Website, to improve the browsing experience of users and provide certain data that allow us to better understand the traffic and interactions that take place on Our Website as well as to detect certain types of fraud. Cookies do not cause any damage to your device and cannot be used to extract your Personal Information. We collect your IP address, information about your device and your operating system or browser, your browsing path and history on Our Website as well as your requests, browsing preferences (the languages used), etc.
You can configure your browser so that you are informed of the setting of Cookies during your visit to the Website, so that you can decide, in each case, to accept or refuse the use of some or all Cookies. Please note that disabling Cookies on your browser may affect your browsing experience on the Website and prevent you from using some of its features.
To learn more about how we use Cookies, you can see Our “Cookie Policy”.
6. Security Measures
The Entity has implemented physical, technological and organizational security measures to adequately protect the confidentiality and security of your personal information against loss, theft or unauthorized access, disclosure, reproduction, disclosure, use, modification. These measures include:
At the administrative level, the adoption of a series of policies and procedures as part of the implementation of our information governance program that include:
- govern the access, communication, retention, de-identification, including the anonymization and/or, where applicable, destruction of Personal Information;
- determine the roles and responsibilities of our employees throughout the lifecycle of Personal Information and documents;
- establish procedures for responding to and responding to privacy incidents;
- oversee the process of requests and complaints relating to the protection and handling of Personal Information.
On the technical level, the use of several means such as:
- the use of a secure server. All sensitive or credit information provided is transmitted via Secure Socket Layer (SSL) technology and then encrypted into Our database of payment gateway providers only to be accessed by authorized persons with special access rights to these systems, and are required to keep the information confidential;
- the use of backup systems, network monitoring software, etc. ;
- the use of encryption and segregation of duties, access controls and internal audits.
We have not exhaustively listed the set of measures we put in place given the public nature of this Policy.
Despite the measures described above, We cannot guarantee the absolute security of your Personal Information. If you have reason to believe that your Personal Information is no longer protected, please contact Our Privacy Officer immediately using the contact information set out in section 1b) above.
7. Changes to this Privacy Policy
We reserve the right to modify this Policy at any time in accordance with applicable law. In the event of any changes, We will post the revised Privacy Policy and update the date it was updated in the footer of the Privacy Policy. We will also notify you by email at least thirty (30) days prior to the effective date of the new version of our Policy. If you do not agree to the new terms of the Privacy Policy, We invite you to stop using Our Website and Services. If you continue to use Our Website or Services after the new version of our Policy becomes effective, then your use of Our Website and Services will be governed by that new version of the Policy.
8. Links to Third Party Websites
From time to time, We may include on Our Website references or links to Our Facebook page, websites, products or services provided by third parties (“Third Party Services“). These Third Party Services, which are not operated or controlled by the Entity, are governed by privacy policies that are entirely separate and independent from ours. We therefore assume no responsibility for the content and activities of these sites. This Policy applies only to the Website and the Services We offer. The Policy does not extend to Third Party Services such as Our Facebook Page / Our Facebook Pages and YouTube.
9. ReCAPTCHA invisible
Invisible reCAPTCHA analyzes activity on a web page function (e.g., mouse movements and keystroke patterns) to determine if a user is a bot.
The invisible reCAPTCHA service may collect information from your device. The information collected by reCAPTCHA is held in accordance with its privacy policy.
10. Information about your rights to the protection of Personal Information under the General Data Protection Regulation (GDPR)
For the purposes of this Privacy Policy, We act as the controller of your Personal Information. If you are from the European Economic Area (EEA), Our legal basis for collecting and using your Personal Information, as described in this Privacy Policy, depends on the information We collect and the specific context in which We collect it. We may process your Personal Data because:
- We need to perform a contract with you, such as when you use Our Service;
- You have given us permission to do so;
- The processing is in Our legitimate interests and does not override your rights;
- To comply with the law.
If you reside in the European Economic Area (EEA), you have certain rights to protect your Personal Information. In certain circumstances, you have the following protection rights:
- The right to access, update or delete the Personal Data We have about you;
- The right to rectification;
- The right to object;
- The right of restriction;
- The right to portability;
- The right to withdraw your consent from the data.
Please note that We may ask you to verify your identity before responding to such requests.
You have the right to complain to a Privacy Authority about Our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).
11. Reseller Services
We use the services of resellers. What is a reseller? In digital marketing, reselling (or retargeting) is the practice of serving ads across the internet to people who have already visited your website. It allows your business to leave the impression that visitors to your website follow you across the Internet by presenting ads from Our Service on the websites and platforms they use most.
12. Payment details
With respect to credit card details or other payment information you have provided to Us, We are committed to ensuring that such confidential information is stored as securely as possible.
13. Individuals under the age of 14
We do not knowingly collect or use Personal Information from anyone under the age of 14. If you are under the age of 14, you must not provide Us with your Personal Information without the consent of your parent or guardian. If you are a parent or guardian and you become aware that your child has provided Personal Information to Us without consent, please contact Us using the contact information set out in section 1b) above to request that We delete that child’s personal information from our systems.
14. Governing Law
The laws of Canada and Quebec, excluding its conflict of law rules, will govern this Agreement and your use of the Website. Your use of the Website may also be subject to other local, provincial, national or international laws.