Our Commitment to Privacy
Quantum Management Services Limited provides recruiting solutions to our clients and career opportunities to our candidates.
Our head office is located at:
2000 McGill College Avenue
Montreal, Quebec, H3A 3H3
We are committed to protecting the privacy of customers’ and employment candidates’ (hereinafter collectively referred to as “Clients”) personal information by complying with the respective privacy laws and regulations of the provinces of Quebec and Ontario, Canada.
In this policy, “Personal Information” means any information about an identifiable individual with the exception of the name, title or business address or telephone number of an employee of an organization:
- Age, name, ID numbers, income or ethnic origin
- Opinions, evaluations, comments or disciplinary actions
- Employee files, medical records, existence of a dispute, intentions (i.e. to change jobs)
Standard – The Principles of Fair Information Practices
We are responsible for protecting Clients’ Personal Information under our control, including Personal Information that we transfer to our subsidiaries, affiliates, agents, contractors and dealers for contract management, administration and other reasonable business purposes.
- Our Privacy Officer has been designated to oversee compliance with this Policy. We may delegate other individuals to act on our behalf or to perform certain functions of our Privacy Officer or to take responsibility for managing the day–to–day collection and processing of Personal Information.
- We use appropriate contractual agreements or other means to require third parties to which we transfer Personal Information to provide a comparable level of protection to that which we provide Personal Information.
- We have implemented procedures to give effect to this Policy, including:
- procedures that govern the collection, storage, use, disclosure, protection and accuracy of Personal Information;
- procedures that analyze new initiatives that may affect Personal Information;
- procedures to receive and respond to inquiries and complaints;
- procedures to provide individuals with access to their Personal Information and, where warranted, to correct that Personal Information; and
- training and communicating information to employees about our privacy policies and practices.
Identifying Purposes for which Personal Information Is Collected
The purpose of this Policy is to help Clients understand the practices that we have implemented regarding the collection, storage, use, disclosure, protection and accuracy of Personal Information that we collect and control. This Policy balances a Client’s right to privacy with our need to collect, use and/or disclose the Personal Information for legitimate business purposes.
We identify the purposes for which we collect, use and disclose Personal Information (“Identified Purposes”) at or before the time of collection from a Client and will collect only information necessary for the Identified Purposes.
- We collect Personal Information from our Clients for the following purposes:
- to evaluate a customer’s credit application and eligibility for credit;
- to perform activities related to contract management and administration such as credit, billing, collection and service;
- to conduct reference checks necessary to assist employment candidates with their job search;
- to market and promote services to Clients; and
- to meet legal and regulatory requirements.
- We will provide the Identified Purposes to the Client orally, electronically or in writing at or before the time Personal Information is collected. On request, persons collecting Personal Information from Clients on our behalf will explain the Identified Purposes or refer Clients to an employee of ours to explain the purposes.
- As required by law, we will identify to the Client any new purposes for using or disclosing his or her Personal Information prior to such use or disclosure.
We make reasonable efforts to ensure that Clients understand how we use and disclose Personal Information. We obtain the consent of the Client for the collection, use, or disclosure of Personal Information, except in circumstances where such collection, use or disclosure is permitted or required by law.
- We obtain consent from the Client for the collection, use or disclosure of Personal Information, primarily in the form of a Credit Application and Acknowledgement and Consent form. We may seek Consent in other ways, such as electronic enrolment forms, survey forms and by facsimile, electronic mail and telephone conversations. The form of consent, including whether it is express or implied, or oral or written may vary depending upon the circumstances and the type of information involved, including the sensitivity of the information.
- Generally, we will seek consent for the use and/or disclosure of Personal Information at the time of its collection. In certain circumstances, consent may be sought after we collect the Personal Information, but before it is used or disclosed, for example, when we want to use Personal Information for a purpose not previously identified to the Client.
- Clients may withdraw their Consent for any of the Identified Purposes at any time, subject to legal and/or contractual restrictions and reasonable notice. Clients may contact any one of our Branch offices for more information regarding the implications of such withdrawal.Exemptions to consent include:
- Information contained in a witness statement and necessary for an insurance claim.
- Information produced in the course of employment (work product).
Personal Information will be limited for the purposes set out in this Policy. Information will be collected by fair and lawful means.
Limiting Use, Disclosure, and Retention
We do not use or disclose Personal Information for purposes other than those for which it is collected, except with the consent of the Client or as required or permitted by law.
Transfer/Disclosure of Personal Information
- We will not sell any Personal Information provided by a Client.
- We may transfer or disclose Personal Information, subject to having obtained a Client’s consent, as follows:
- to our subsidiaries and affiliates for contract management and administration;
- to credit/consumer reporting agencies, and/or financial institutions for the purposes of extending credit to a customer;
- to agents, contractors, or individuals employed by or under contract with us to perform reasonable business functions on our behalf, such as but not limited to contract management and administration;
- to a government institution or part of a government institution, if we have reasonable grounds to believe that there is imminent danger to life or a contravention of the law involving property which is being or is about to be committed;
- in connection with a corporate merger, consolidation, sale of substantially all assets, or other fundamental corporate change; and
- as required by law.
Exemptions to disclosure include:
- Information requested to be communicated to next of kin or authorized representative of an injured, ill or deceased individual.
- Information requested in order to perform policing services. (Disclosure of information without consent required for policing/law enforcement purposes, or to government institutions, will be provided as long as the lawful authority has been identified).
Retention of Personal Information
We retain Personal Information only as long as necessary for the Identified Purposes; as required by law; where the Personal Information has been used to make a decision about a Client, long enough to allow the Client access to the information for a reasonable period of time after the decision has been made; and where the Personal Information is the subject of a request from a Client, for as long as is necessary to allow the Client to exhaust any recourse the they may have under the law.
We keep Personal Information as accurate, complete, and up–to–date as is necessary for the identified purposes so as to minimize the possibility of using incorrect information about a Client.
- We update the Personal Information about a Client in our possession or control as it is made available to us by the Client, and only if the information is necessary to fulfill the Identified Purposes.
- Clients or their agents are responsible for informing us about changes to Personal Information that are necessary to fulfill the Identified Purposes, such as but not limited to; changes to name or address, telephone number, banking information, etc.
- We will not routinely update Clients’ Personal Information, unless current information is necessary to fulfill the Identified Purposes.
We protect Clients’ Personal Information with security safeguards appropriate to the sensitivity of the Personal Information.
- We protect Clients’ Personal Information (regardless of the format in which it is held) against lost or theft and unauthorized access, disclosure, copying, use, or modification, through appropriate safeguards which include:
- physical measures; for example, locked filing cabinets and restricted access to offices, access cards, shredding procedures, etc;
- organizational controls; for example, staff training, access limited to a need–to–know basis, visitor sign-in/escorting policy, privacy management – officer, privacy compliance audits, confidentiality agreements, etc., and,
- technological tools; for example, the use of passwords and firewalls, remote workstations practices, etc.
- We ensure our employees are aware of the importance of maintaining the security and confidentiality of Clients’ Personal Information and restrict their access to Clients’ Personal Information to information they need to know in connection with their duties and in order to fulfill the Identified Purposes.
- We dispose of and destroy Client’s Personal Information with care, in order to prevent unauthorized parties from gaining access to the information.
We also protect customers’ Confidential Information. It is understood that candidates placed by Quantum on temporary assignment at our customers’ premises may have access to Confidential Information in order to carry out the duties required by their assignment. Quantum ensures that each candidate signs a confidentiality agreement prior to his or her assignment at any of Quantum’s customers.
Openness and Individual Access
Except in circumstances prescribed by law, upon written request, we will give Clients access to their Personal Information and an account of its use and disclosure.
- Clients can inquire and request access to Personal Information held by us, by requesting from our Privacy Officer at the address provided below, completing and returning a Personal Information Request to our head office. Clients making requests in respect to Personal Information we are holding should be as specific as possible with respect to the information that is the subject of their request.
- We will respond to Clients’ requests for Personal Information not later than thirty (30) days (the “Notice Period”) after receipt of a written request. We may extend the Notice Period another thirty (30) days when:
- responding within the Notice Period would unreasonably interfere with our business activities; or
- the time required to undertake any consultations necessary to respond to the request would make the Notice Period impractical to meet,
- it is necessary to remove personal information about a third party, sensitive or confidential business information about Quantum, or, any other information that Quantum is required or permitted by law to remove.
- It is determined that Clients’ Personal Information which is held by Quantum is inaccurate or incomplete, appropriate amendments or annotations to the information will be made.
- We will respond to each such request:
- at no cost to the Client; or
- at a minimal cost to the Client where we provide the Client with an estimate of the approximate cost within the Notice Period. Upon receipt of the estimate, the Client must advise us within the Notice Period, if he or she wishes to continue with the request. Where the Client does not advise us within the Notice Period that he or she wishes to continue with the request, we will deem the request withdrawn.
- In our response to a Client’s request for Personal Information we will inform the Client whether or not we hold Personal Information about the Client and where the Client requests the information and it is reasonably possible to provide it, we will provide:
- the source of the information;
- an account of the use that has been or is being made of the information; and
- a list of organizations to which we have, or may have, disclosed the information
- If a Client successfully demonstrates the inaccuracy or incompleteness of Personal Information, we will amend the information as required. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question. If a challenge is not resolved to the satisfaction of the Client, we will record the substance of the unresolved challenge. When appropriate, the existence of the unresolved challenge will be transmitted to third parties having access to the information in question.
Quantum may refuse access to Personal Information if the information was generated in the course of a formal dispute resolution process.
Challenging Compliance and Complaint Resolution
We have procedures in place to receive and respond to Client challenges or complaints about the handling of his or her Personal Information or this Policy and our practices relating to this Policy.
- Clients who have further inquiries regarding their Personal Information or who wish to challenge our compliance with this Policy, may contact our Privacy Officer in writing at the address listed below:
Quantum Management Services Limited
2000 McGill College Avenue
Montreal, Quebec, H3A 3H3
We investigate all written complaints. If we find a complaint to be justified, we will take all appropriate measures, including, if necessary, amending our policies and practices.
Standard – Breach Reporting and Notification
Quantum will report to the Commissioner any material breach of security safeguards involving personal information under its control, depending on and taking into consideration factors such as sensitivity of personal information, number of individuals involved and whether the breach was a systematic or security failure.
Quantum will notify the individuals of any breach of security safeguards that poses a “real risk of significant harm.” The notification will be made as soon as is feasible once confirmation has been made.
CNESST Permit No.: AP-2000414