cONFIDENTIALITY pOLICY

 Compliant with the General Data Protection Regulation (GDPR)

 About this review

GoCarCanada Brokerage Inc. and its subsidiaries (together, the "Company") are committed to protecting the privacy and security of your personal information. In accordance with data protection laws, this privacy notice describes how we collect and use data that relates to you personally as a resident of Canada. Please read it carefully.

Under data protection laws, the personal data we hold about you must be: · used lawfully, fairly and transparently; · Collected only for valid purposes that we have clearly explained to you, and used in a manner compatible with those purposes; · Relevant to the purposes we have told you about, and limited to those purposes; · Accurate and kept up to date to the extent possible; · Kept for as long as necessary for the purposes we have informed you of; · Kept safe.

 If you have any questions about this notice or how we collect and use your personal data, please contact us.

About us

We are GoCarCanada Brokerage Inc., a company incorporated in the province of Quebec, Canada. Our head office is located at 164 rue Cowie, suite 303 Granby (Quebec) J2G 3V3, and our registration number (NEQ) is 1174527094. If you have any questions, you can direct them to: · 164 rue Cowie, suite 303 Granby (Quebec) J2G 3V3 · Info@gocarcanada.ca · We have appointed Mr. Jocelyn Beaudoin of the firm Groupe Loyer Avocats to represent us for the purposes of the law on data protection. Their coordinates are: · 910 rue Shefford Bromont (Qc) Canada, J2L 1C3 Tel .: 450 919-3900;

 Contact details and other correspondence

 If you contract with us as a private individual (or if someone does it on your behalf) some of your personal data like your name, contact details, contract details will be included in the contract and in our correspondence. relating to the contract. Any other correspondence or interaction with us (for example by email, phone, mail, text message, social media or our website) will also contain personal data such as your name and contact details. These communications may be investigations, reviews, follow-up comments, complaints made by or against you, and disputes with you or your organization. Call data. We may also collect the telephone numbers used to call our organization as well as the date, time and duration of the calls. We will notify you of any calls recorded with you, whoever the caller is. We will retain and use the personal data collected to perform our contract with you (if applicable), to comply with any legal requirements that require us to keep certain records or perform certain checks, to pursue our legitimate interests in processing your data. '' a complaint or request for data or in the administration of your account, (or that of your organization) and the services we offer, as well as to evaluate and improve our offer, including troubleshooting, data analysis, testing, research, statistics and survey. Your personal data relating to a contract are kept for a period of up to seven years after the closure of your account in order to enable us to process any data requests or after-sales complaints and to comply with tax requirements. All other information mentioned above is kept for seven years.

 Marketing 

 We may collect your name and contact details (such as your email, phone number or address) in order to send you data about our products and services that may be of interest to you. We may collect this information directly from you or through a third party. If a third party has obtained your name and contact details, they will only provide them to us for marketing purposes if you have consented to this. You have the right at any time to opt out of receiving our promotional material. You can exercise this right at any time by contacting us or by selecting it in the appropriate place directly on the email we have sent you. If we send you promotional emails, you will always find an unsubscribe option so that you do not receive further emails. By unsubscribing, we'll add you to our exclusion list to ensure we don't accidentally send you further marketing materials. If you are a client or act in a professional capacity with a corporation or LLP, we will use your contact information as necessary to pursue our legitimate promotional interests with you and to maintain our list of potential clients. If you are not a client and are not acting in a professional capacity within a corporation or LLP, we will only communicate with you for promotional purposes with your consent (whether we have collected your data directly from you or through a third party). We will never share your name or contact details with third parties for promotional purposes, unless you have expressly consented to a particular third party sending you promotional communications. We use third party service providers to send our promotional communications, but we only allow them to use shared data as directed by us and only if they agree to treat it confidentially and keep it secure. We keep your details on our promotion list until you opt out, in which case we add you to our exclusion list. We keep this list indefinitely to comply with our legal obligation not to inadvertently send you promotional communications

 Website data

 We may collect data about you and your use of our website through technical means such as cookies, web page counters, and other analytical tools. This data may include IP address, connection data, browser type and version, time zone and location, types and versions of browser plug-ins, system and operating platform. and other technologies on the devices you use to access the website. We use this data to the extent necessary to pursue our legitimate interests to administer and improve our website and its content, ensure its efficient and secure operation, develop our business and guide our marketing strategy. We might create aggregate statistical data (for example, the total number of website visitors) from this data, which is not personal data. We keep your personal data for one year after it is collected or the corresponding cookie expires. Our website may contain links to third party websites, plugins and applications. Clicking on these links or activating these connections may allow third parties to collect or share data about you. We do not control third party websites and are not responsible for their privacy policies. We encourage you to read the privacy notice of all websites you visit. 

 Employee data

If you work for one of our customers, suppliers or business partners, the data we collect about you may include your contact details and details of your employment and our relationship with you. This data may be collected from you or provided by your organization, which should have informed you that your data will be provided to us and invited you to read this notice. We use your employee data to the extent necessary to pursue our legitimate interests to manage our relationship with your organization. If we have a business relationship with you or your organization, your organization may send us data about you. We keep employee data for up to seven years after our relationship with your organization has ended.

 Complaints founded in law

When we believe we run the risk of having to defend ourselves or take legal action, we may retain the personal data necessary to defend our legitimate interests. We may need to share this data with our insurers or legal advisers. We keep this data for a variable period of time depending on the nature of the dispute and the interval during which we believe we run the risk of having to defend ourselves or take legal action.

 Data obtained from third parties

We may obtain data about you from the following sources: · Our service providers. We work closely with third parties (including business partners, technical, payment and delivery service contractors, advertising networks, analytics and research data providers, and industry benchmarks. credit card) who can provide us with data about you. We use this data in accordance with the above. · The businesses we buy. If we acquire another business, or substantially all of its assets, and that business holds personal data about you, we will retain and use that data in accordance with this privacy notice. Our other channels. We have access to data about you if you use any of the other websites we operate or the other products and services we provide. We will have informed you that we collect your data if we intend to share it internally and combine it with data collected on this website. We will also have indicated to you for what purpose we intend to share and combine your data. · Sources available to the public. We get data from public sources like Companies House, Facebook, Twitter or LinkedIn. · Credit information. We may also collect your credit data from credit reporting agencies.

 Other reasons for using your data Common uses of your data.

 We only use your personal data when permitted by law. In certain circumstances, we might use your data because you have expressly consented to it, but as a rule, we use it in accordance with this notice to: · perform a contract that we have entered into with you; · Comply with a legal obligation; · Pursue our legitimate interests (or those of a third party), insofar as your interests and rights do not take precedence; · Protect your interests (or those of others) or, more rarely, the interests of the public. Change of endings. We will only use your personal data for the purposes for which we collected it, in accordance with this notice, unless we need to use it for another reason, compatible with the original purpose. If we need to use your personal data for a different purpose, we will notify you and explain the legal basis for doing so. 

 Sharing your data 

In addition to the above, we may share your data with third parties, including service providers and other entities in our group. Third parties are required to respect the security of your personal data and to treat it in accordance with the law. We never sell your data to third parties. Why can we share your personal data with third parties? We may share your personal data with third parties if we have a legal obligation to disclose or share it, in order to enforce or enforce our agreements with you or to protect our rights, property or safety or our customers or others or when we have another legitimate reason to do so. In particular, we may share your data with other companies and organizations for the purposes of fraud protection and credit risk reduction. Who are the third party service providers who process your personal data? We may need to share your personal data with third party service providers (including contractors and appointed agents) so that they can provide their services to us. In particular, we hire legal advisers, accountants and tax advisers. When can we share your personal data with other entities in our group? We may share your personal data with other entities in our group as part of our regular corporate performance reporting activities, in the context of a corporate reorganization or financial year. group restructuring, as well as system maintenance and data hosting. To what extent is your data protected by third party service providers and other entities of our group? All of our third-party service providers and all other group entities are required to take appropriate security measures to protect your personal data. When third parties process your personal data on our behalf as "data controllers", they should only do so on our instructions and only if they agree to treat it confidentially and keep it safe. . What about other third parties? We may share your personal data with other third parties, for example in the context of a possible sale or restructuring of the business in pursuit of the purposes for which your data was collected if this is necessary. We may also have to share your personal data with a regulatory body or to comply with the law.

Data location

Our head office is located in Canada. Your data is stored in the cloud. We will take all reasonable steps to ensure that your personal data is treated securely and in accordance with this privacy notice.

 Data security

  In addition to the above measures governing the sharing of your data, we have implemented internal security measures to prevent your personal data from being accidentally lost, used or consulted without authorization, modified or disseminated. In addition, only employees, agents, contractors and other third parties who need to know your personal data have access to it. They will only process them according to our instructions and are subject to a duty of confidentiality. We have procedures in place to deal with any suspected data breach, in which case we will notify you and any relevant regulatory body.

 How long do we keep your data

Subject to the general provisions above, we may in certain circumstances retain your data longer to fulfill the purpose for which we collected it, including to comply with any legal, accounting or reporting requirements. To determine the retention period of your personal data, we take into account their quantity, nature and sensitivity, the potential harm that would arise from their unauthorized use or disclosure, applicable legal requirements and the purposes we use them. We also wonder if we can achieve these ends otherwise. In certain circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use it with.

Your rights

Data protection law gives you a number of rights with respect to the personal data we hold about you. The main ones are set out below. In certain circumstances, you have the right: To be informed in a clear and transparent manner of how we are using your personal data and of your rights, as is the case in this notice. If you need more information about how we use your personal data, please let us know; · To request access to your personal data (commonly called a "data subject access request"), to receive a copy of your data and verify that we are processing it in accordance with the law; Request the correction of the personal data that we hold about you to restore incomplete or inaccurate data; To request the erasure or removal of your personal data if we have no valid reason to keep them (for example to comply with our legal obligations) or if you have exercised your right to oppose them treatment (see below); To object to the processing of your personal data if we are pursuing a legitimate interest (or that of a third party) for which you refuse our use of your data, provided that we do not have a compelling legitimate interest exceeding your rights, interests or freedoms (for example, the defense of a legal claim). You have the right to object to the processing of your personal data for direct marketing purposes; To request the restriction of the processing of your personal data to suspend the processing of data concerning you, for example if you want us to establish their accuracy or the reason for their processing; To request the transfer of your personal data to another party, if you have provided them to us and we use them with your consent, or to perform a contract, request processed in an automated manner; · Withdraw your consent at any time to the use, processing and transfer of your data for specific purposes if you have expressly consented thereto. As soon as you notify us that you withdraw your consent, we stop processing your data for the purposes you originally consented to, unless we have another compelling legitimate interest in doing so; · Lodge a complaint with your national data protection authority if you believe that we are using your data in a way that violates data protection laws. If you wish to consult, verify or correct your personal data, request its erasure, object to its processing, withdraw your consent or ask us to transfer a copy to another party, please contact us. No fees usually required. You will not have to pay any fees to access your personal data (or to exercise any other right). However, we may charge a reasonable fee if your request for access is manifestly unfounded or excessive. In this case, we can also refuse to act on the request. Information required. We may need to request information from you to better understand the nature of your request, to confirm your identity, and to ensure your right to access data (or exercise any other right). This security measure aims to ensure that your personal data is not communicated to any person not authorized to consult it. Deadlines. Please make reasonable requests. We will respond to them as soon as possible. Usually, the deadline is one month from receipt of the request. If it takes longer to process the request, we will notify you.

Modification to this privacy notice

Any changes to this privacy notice will be posted here. You will be notified by email or otherwise as appropriate. We invite you to consult this page frequently to take note of any update or modification.