Privacy policy

Last updated: 2026-01-30
SIPVM places the highest importance on the protection of personal information and is committed to complying with the requirements of the Act respecting the protection of personal information in the private sector (Québec – Law 25), as well as all other applicable privacy laws.

1. Scope of this policy

This Privacy Policy is intended to inform any individual (client, partner, website visitor, or representative of an organization) about how SIPVM collects, uses, discloses, retains, and protects personal information in the course of its business activities.
This policy applies in particular to personal information collected through:

  • IT and cybersecurity services provided by SIPVM
  • Contractual and operational communications
  • Forms available on the website (contact, IT assessment, quotation requests)
  • Digital and technical interactions related to managed IT and infogérance services.

2. Person in charge of the protection of personal information

SIPVM has appointed a Person in Charge of the Protection of Personal Information (PCPPI).
For any questions, requests, or complaints regarding this Privacy Policy or the handling of personal information, you may contact:
Person in Charge of the Protection of Personal Information
Email: support@sipvm.com
Phone: 450-664-1117

3. Personal information collected

SIPVM may collect the following categories of personal information:

  • Identification and contact information (name, title, email address, phone number)
  • Contractual and administrative information
  • Technical and operational information (system logs, IP addresses, technical identifiers)
  • Information related to IT security and compliance
  • Any other information required to deliver services

Personal information collected is limited to what is necessary for the identified purposes.

4. Purposes of collection

Personal information is collected and used for the following purposes:

  • Delivering and managing IT and cybersecurity services
  • Monitoring, maintaining, and securing IT environments
  • Managing contractual and business relationships
  • Responding to inquiries and communications
  • Meeting legal and regulatory obligations
  • Improving service quality, reliability, and security

5. Use of automated tools and artificial intelligence

SIPVM may use automated tools and artificial intelligence technologies for analysis, security, monitoring, and optimization of IT services.
No fully automated decision-making producing legal or similarly significant effects on individuals is carried out, except where permitted by law and governed by contractual safeguards.

6. Cookies and similar technologies

SIPVM’s website uses cookies and similar technologies to ensure proper operation and to analyze usage.
Non-essential cookies (such as analytics or marketing cookies) are disabled by default and are activated only after obtaining explicit consent through the cookie management banner.
Users may modify their cookie preferences at any time.

7. Disclosure and third-party service providers

Personal information may be disclosed to service providers or partners acting as processors when required to deliver services.
When personal information is hosted or processed outside Québec or Canada, SIPVM conducts a privacy impact assessment and ensures that appropriate contractual and technical safeguards are in place.

8. Retention and destruction

Personal information is retained only for the period necessary to fulfill the purposes for which it was collected, or as required by applicable laws.
At the end of retention periods, personal information is securely destroyed, anonymized, or archived in accordance with SIPVM’s internal policies.

9. Information security

SIPVM implements appropriate administrative, technical, and organizational security measures to protect personal information against unauthorized access, loss, misuse, or disclosure.

10. Confidentiality incidents

SIPVM maintains a confidentiality incident register and applies a formal incident management process.
Any incident presenting a serious risk of harm is reported in accordance with applicable legal requirements.

11. Rights of individuals

Subject to legal exceptions, individuals may:

  • Access their personal information
  • Request rectification of inaccurate information
  • Withdraw consent where applicable
  • File a complaint regarding the handling of personal information

Requests must be submitted to the PCPPI and will be processed within a maximum of 30 days.

12. Updates to this policy

This Privacy Policy may be updated to reflect legislative or operational changes. The most recent version is always available on SIPVM’s website.

13. Contact

For any questions regarding this Privacy Policy or the protection of personal information, please contact the Person in Charge of the Protection of Personal Information using the details provided above in section 2.