CyberPerformance Privacy Policy

We are committed to respecting the privacy of our users and ensuring the protection of their personal information in accordance with Bill 25. This policy provides comprehensive details about the types of information we collect, how we use it, the security measures in place, and your rights in this regard. It applies to all digital and contractual interactions between CyberPerformance and its clients, prospects, partners, and website visitors.

1. Personal Data Collection We collect only the personal information necessary for providing our services, managing client relationships, securing our operations, and ensuring legal compliance. The information collected may include:

  • First and last name
  • Email address
  • Mailing address
  • Telephone number
  • Contractual information
  • Banking or payment information (via Zoho Invoice)
  • Voice recording data from telephone calls
  • IP addresses and browsing data when you visit our website

2. Data Usage Personal information is used for the following purposes:

  • Responding to user inquiries and communications
  • Processing payments and issuing refunds via Zoho Invoice (banking data is not hosted on our servers)
  • Managing electronic signatures of legal documents via Zoho Sign
  • Managing customer relationships via Zoho CRM
  • Managing appointments and scheduling via Zoho Bookings
  • Sending newsletters and commercial communications with prior consent
  • Improving user experience and website usability
  • Preventing fraud, abuse, and disputes by using call recordings as evidence of good faith or verbal agreements

3. Legal Basis for Processing Our processing is based on:

  • Free, informed, and specific consent of the individual concerned
  • Performance of a contract between the user and CyberPerformance
  • Compliance with our legal obligations (e.g., retention of tax documents)
  • Pursuit of legitimate interests, particularly in matters of security, fraud prevention, and continuous service improvement, without infringing on the fundamental rights of individuals

4. User Rights In accordance with Bill 25, any person whose personal information is collected may:

  • Access their personal data
  • Request its correction
  • Request its deletion, when permitted
  • Object to its use for prospecting purposes
  • Withdraw consent at any time when processing is based on consent
  • Exercise their right to data portability: in this case, we will create a secure and restricted Google Drive folder containing the requested information in a structured, commonly used, and machine-readable format

5. Data Transfer Outside Quebec We use third-party platforms whose servers are located outside Quebec, particularly in the United States, including:

  • Zoho Sign (electronic signature)
  • Zoho Invoice (billing and payment processing)
  • Zoho CRM (customer management)
  • Zoho Bookings (appointments)
  • Google Workspace (professional emails, internal documents)

Before using these services, a privacy impact assessment was conducted, confirming that adequate security measures are in place, including encryption, access controls, and compliance with international certifications (ISO 27001, SOC 2). Contractual clauses and data protection mechanisms govern all these transfers.

6. Data Retention Unless otherwise specified or required by law, personal information is retained for a maximum of three (3) years following its collection or the end of the contractual relationship. Regarding recorded calls, the retention period is extended to ten (10) years to preserve evidence in case of dispute or contractual recourse. This duration is based on the principle of proportionality and the legitimate purposes of mutual protection between parties.

7. Telephone Call Recording CyberPerformance may record all incoming and outgoing calls for quality, training, and contractual validation purposes. This practice is disclosed through our privacy policy and applies to anyone communicating with us. These recordings are:

  • Encrypted and secured via a restricted-access system
  • Retained for a maximum of ten (10) years
  • Used only to assert a verbal agreement, demonstrate absence or involvement of liability, or serve as evidence in case of dispute
  • Accessible only to authorized persons and, in certain cases, judicial authorities

An opt-out mechanism is available: any person may request deletion of their recording if it does not interfere with the legitimate purpose of retention, by writing to [email protected] or to our head office, whose address is listed in the Quebec Business Register. In cases of judicial requests, a rigorous protocol will be followed, including authentication of the requester and, if necessary, an in-person meeting. Reasonable fees may be charged.

8. Cookies Our site uses cookies to improve user experience and measure the effectiveness of our campaigns. On your first visit, a consent banner allows you to:

  • Accept essential cookies, enabled by default
  • Accept or refuse analytical and advertising cookies (Google Analytics, Facebook Pixel, etc.)
  • Manage your preferences at any time via a link at the bottom of the page

No cookies are activated without your explicit consent, except those strictly necessary for the technical operation of the site.

9. Data Security CyberPerformance implements strict security measures, both technical and administrative:

  • SSL/TLS encryption for all communications
  • Restricted access to sensitive data via two-factor authentication
  • Regular automatic backups
  • System connection logging
  • Regular staff training on privacy and secure information management

10. Personal Information Protection Officer (PIPO) Antoine Côté, President of CyberPerformance, is designated as PIPO. He oversees:

  • Implementation of Bill 25 within the company
  • Responses to access, correction, or deletion requests
  • Management of privacy incidents
  • Risk assessment related to third-party tools

He can be contacted:

  • Via the form on the “Contact Us” page
  • By email at [email protected]
  • By phone at (418) 431-7824 ext. 101

11. Complaint Procedure Any person wishing to submit a complaint or request regarding their personal information may do so in writing to the designated officer. We are committed to processing all requests within a maximum of 30 business days. In case of dissatisfaction, a complaint may be filed with the Commission d’accès à l’information du Québec (CAI).

12. Notification of Privacy Breach In the event of a personal information breach likely to present a high risk to rights and freedoms, CyberPerformance will notify the incident to the CAI within 72 hours, unless the risk is deemed negligible. If the risk is high, affected individuals will also be informed by appropriate means, including measures taken to mitigate the consequences.

13. Policy Updates This privacy policy may be modified at any time to reflect legislative, technological, or organizational changes. In case of substantial modifications, a notice will be published on our site. We invite you to consult this page regularly.

14. General Information CyberPerformance is registered with the Quebec Business Register under NEQ: 1171593842. Our head office is located at 2828 Ste-Anne, Lévis, G6J 1H8, Canada. All content on our site, including texts, photographs, logos, and visual elements, is protected by copyright laws.

15. Intellectual Property and Site Usage This website and its content are the exclusive property of CyberPerformance. You agree not to reproduce, distribute, modify, or transmit any part of this site without our prior written authorization. Any fraudulent or abusive use will result in immediate exclusion and may lead to legal action.