top of page

Confidentiality and Privacy Policy

At the Indigenous Health Centre of Tiohtià:ke, we attach great importance to protecting the personal information of our clients, employees and representatives. In accordance with the law on the protection of personal information in the private sector, we are committed to preserving the confidentiality of personal information collected in the course of our activities. The purpose of our privacy policy is to inform you about our practices regarding the collection, use, disclosure, retention and protection of your personal information. By providing us with your personal information, you agree to the terms of this policy and authorize us to process your information in accordance with it.

 

1. Consent

1.1 Commitment to the Protection of Privacy

We are committed to protecting the privacy of our users. We collect and use personal information only with their explicit consent and in compliance with applicable laws.

1.2 Acceptance of the Terms of our Policy

By accessing our website, https://ihct.ca/, or providing us with personal information, you agree to the terms of our privacy policy. This includes your consent to the collection and use of your personal information in accordance with this policy. 

 

1.3 Right to Withdraw Consent

You have the right to withdraw your consent at any time. However, this is subject to certain legal or contractual restrictions. We will inform you of the possible consequences of such withdrawal, such as the impossibility of supplying certain products or processing certain requests. Your decision to withdraw will be recorded in our files.

1.4 Exceptions to the Need for Consent

In certain exceptional circumstances, we may collect, use or disclose personal information without obtaining your prior consent. This may occur in situations where legal, medical or security imperatives make it impossible or impractical to obtain your consent. These situations include, but are not limited to, suspected breach of contract, fraud prevention or detection, or law enforcement purposes.

 

2. Collection of Personal Information

2.1 We collect personal information through various means, such as:

  • E-mails and communications with our employees

  • Online contact forms

  • Cookies and similar technologies on our website

  • Connected devices

2.2 We may also collect information from third parties, such as:

  • A technology service provider such as a newsletter service.

  • Consultants who provide part of the services we offer our users.

  • An online payment service provider to process financial transactions for donations.

  • A cloud company storing user data.

  • A digital marketing company analyzing user behavior on our website.

  • An IT security service provider that monitors threats and protects data.

2.3 We may use advanced technologies to collect personal information, in particular to identify, locate or profile our customers (for example, to create consumer profiles). However, we are committed to protecting the privacy of our clients:

  • Responsible use of technology: We use these technologies only to improve our services and better understand our customers' needs.

  • Activate functions: By default, these functions are deactivated to protect data confidentiality. Our users always have the choice of whether or not to activate these functions, according to their preferences.

We are committed to being transparent about our use of these technologies and to respecting our customers' privacy choices.

 

3. Types of Personal Information Collected

3.1 We collect various types of data, including but not limited to:

  • Personal details (name, postal address, e-mail address, telephone number)

  • Technical or numerical information (IP address, online activities)

  • Financial information (payment details)

  • Health data (weight, sex at birth, health history, lifestyle habits, medication)

  • Demographic data (age, ethnic origin, nationality, place of residence)

3.2 Children's Privacy

We do not knowingly collect or solicit personal information from children under the age of 14. By using our website, you represent that you are at least 14 years of age. If you are under 14, please do not attempt to send us any personal information. If we discover that we have inadvertently collected personal information from a user under the age of 14, we will attempt to delete that information from our files and records immediately. We also encourage website users under the age of 14 to ask their parents or guardians for permission before sending any information about themselves over the Internet.

 

If you believe that a child under the age of 14 has provided us with personal information, please contact us using the details provided in the following section.
 

4. Use of Personal Information

4.1 We use your personal information for a range of essential activities:

  • Answers to requests: To respond efficiently to your requests and queries.

  • Transaction management: process payments and issue receipts for completed transactions.

  • Registrations and participations: Manage your registrations for events, training courses, newsletters, downloads from our website, or participation in webinars.

  • Human resources management: For internal management and administration of human resources, recruitment, employment contracts and service agreements.

  • Improving the user experience: Operating, maintaining and improving our website, customizing your online experience, and providing requested services and information.

  • Marketing communications: information, special offers and relevant news, with the option of unsubscribing at any time.

 

These uses are intended to enhance your experience with our services and to facilitate efficient interaction with our organization.

4.2 We offer various options to allow you to control and limit the collection of your personal information. These options include:

  • Communication choices: You can choose to receive our communications by various means (telephone, SMS, e-mail), or to refuse them altogether.

  • Cookie management: Our site allows you to refuse or customize the use of cookies. Please note that blocking certain cookies may affect the accessibility and functionality of our site.

  • Granular consent: In most cases, when we collect information for specific purposes, you have the opportunity to consent only to certain uses of your data.

It is important to note that some of these options may limit your access to all features of our service. For example, by refusing certain cookies, some parts of our website may not function as intended, or by choosing not to create an account, certain personalization features may not be available.

5. Sharing and Disclosure of Personal Information

5.1 Personal information collected by our organization is accessible to specific categories of our staff and to certain partner organizations, in order to provide our products and services efficiently. For example:

  • Administration Staff: Access contact information to respond to requests and to use data for advertising campaigns.

  • IT Consultant: Accesses technical data for support and maintenance, information to ensure security and data protection against unauthorized access or cyber-attacks, and hosts data on secure servers, enabling information storage and retrieval.

  • Payment service providers: Access financial information for transaction processing.

  • Legal consultants: Use data to ensure compliance with applicable laws and regulations.

We ensure that this information is used exclusively for the stated purposes and in a confidential manner. Data transfers outside Quebec are carried out within the framework of international collaborations, while ensuring adequate protection of information in accordance with the laws in force.

6. Links to Other Websites

6.1 Our website may contain links to third-party websites.

When you follow these links, you leave our website. Information exchanged at that time is no longer subject to our privacy policy. We recommend that you read the privacy statements of other websites you visit before providing any information.

 

7. Security of personal Information

7.1 Security Measures to Protect Personal Information

To ensure the security and confidentiality of personal information, the Indigenous Health Centre of Tiohtià:ke adopts rigorous security measures, including both physical and technological aspects. Here are a few concrete examples:

  • Physical security: Use of electronic locking systems and security locks for access to offices, cupboards and filing cabinets, installation of surveillance cameras, and restricted access to areas where personal data is stored.

  • Access controls: Restrict access to personal data to authorized employees only.

  • Staff training: Regular staff training in data security best practices.

  • Data encryption: Protect sensitive data using advanced encryption techniques.

  • Intrusion detection and monitoring: Set up systems to monitor suspicious activity and detect potential intrusions.

  • Disaster recovery plans: Develop plans to rapidly restore data in the event of an incident such as an outage or cyber-attack.

These measures are designed to protect personal information from unauthorized access, use or disclosure, and to maximize its integrity and confidentiality. While we make every effort to protect your personal data, it is important to keep in mind that no method of transmission over the Internet or method of electronic storage is 100% secure. We therefore cannot guarantee their absolute security.

7.2 Staff and Board Commitments

Each employee, director, volunteer, independent contractor or ad hoc advisor working on our Board committees undertakes to respect the personal information we collect. In addition, these individuals undertake to maintain the confidentiality of information specific to our activities and not to divulge it or use it for personal gain or for the benefit of others. This commitment exists from the moment the employee, director, volunteer, independent contractor or ad hoc consultant takes up his or her post, and continues indefinitely.

8. Retention and Destruction of Personal Information

We will only retain your personal data for as long as is necessary for the purposes set out in this privacy policy. We will retain and use it to the extent necessary to comply with our legal obligations, to resolve disputes and to enforce our legal policies.

 

We will also retain usage data for internal analysis purposes. This data is generally kept for a shorter period, unless it is used to enhance the security or improve the functionality of our website, or we are legally obliged to keep it for longer.

 

9. Transfer of business or assets

If we become involved in a reorganization or dissolution, this may result in the transfer of your personal data to a third party. We will endeavor to protect your personal data and to inform you of any transfer to the extent required by applicable law.

10. Disclosure of your personal information

Your data, including your personal data, is processed at our operational offices and at any other location where the parties involved in such processing (such as our service providers) are located. This means that this information may be transferred to computers located outside your state, province, country or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction. Consequently, in certain circumstances, foreign governments, courts, law enforcement agencies or regulatory bodies may be authorized to access personal data collected and held under our control.

 

By using our website, you consent to this transfer. We will take all necessary steps to ensure that your personal data is treated securely and in accordance with this privacy policy. No transfer of your personal data will take place to any organization or country without adequate controls in place, including with respect to the security of your personal data and other personal information.

 

Each employee, director, volunteer, independent contractor or ad hoc advisor working on our Board committees undertakes to respect the personal information we collect. In addition, they undertake to maintain the confidentiality of information specific to our activities, and not to divulge it or use it for personal gain or for the benefit of others. This commitment exists from the moment the employee, director, volunteer, independent contractor or ad hoc consultant takes up his or her post, and continues indefinitely.

 

11. Use of cookies

We use tracking technologies such as cookies, beacons and scripts to improve and analyze our website. We use temporary and persistent cookies for a variety of reasons, including to provide the services available on the website, to personalize the user experience and to track information about website traffic and usage.

 

Some cookies are essential to provide the services requested. We also use persistent cookies to remember user choices, such as language preferences, to enhance the user experience.

 

We also use persistent tracking and performance cookies to track information about website traffic and to test new pages, features or functionality on the website to observe user reaction. These cookies may be administered by third parties and may identify you directly or indirectly as an individual visitor.

 

You can set your browser to refuse cookies or to notify you when a cookie is being sent. However, please note that some parts of our website may not function properly if you refuse cookies.

 

12. Your rights

12.1 Recognizing and Respecting your Rights

As part of our privacy policy, we recognize and respect the fundamental rights of individuals affected by the personal information we hold. These rights include:

  • Right of access: Individuals have the right to consult the personal information we hold about them. For example, a patient or client may ask to see the data collected when registering for our service.

  • Right of rectification: If information is inaccurate or incomplete, data subjects may request that it be updated. For example, an employee may request that his or her incorrect postal address be corrected in our files.

  • Right to de-index: Individuals may request that their personal information be withdrawn from circulation, or that any hyperlink associated with their name be de-indexed, if such circulation causes them harm or is in violation of the law or a court order. This right to erasure or forgetting allows individuals to control the availability of their personal information on the Internet.

  • Right to file a complaint: In the event of concerns about the processing of their data, individuals may lodge a complaint in accordance with our established process.

Subject to applicable laws, upon receipt of a written request from an individual and after verification of his or her identity, we will inform the individual whether we hold personal information about him or her and will disclose such information to him or her.

We may refuse a person access to his or her information in accordance with applicable laws, in which case we will give reasons for our refusal.

To facilitate these rights, the contact details of our Privacy Officer are clearly indicated for any questions or concerns. These measures ensure that individuals can exercise their rights with confidence and transparency.

 

13. Policy Changes

This policy may be updated to reflect changes in our practices or legal requirements. Changes will be posted on our Web site. We encourage you to periodically review this privacy policy to stay informed of any changes.

14. Contact

Any requests or questions regarding this privacy policy may be sent to the person responsible for the protection of personal information at the following address

 

  • By e-mail: carrie@ihct.ca

  • By post: 2100 Marlowe Avenue, Suite 236, Montreal, Quebec  H4A 3L5, Tel.:  514-482-8557

 

 

Effective date of policy: May 20, 2025

Last update: September 17, 2025

bottom of page