Data privacy and security policy
We at Spiria put the highest priority on the security and privacy of the personal data of our clients, employees and suppliers, as well as of the people who contact us, who visit our Web site, or who, for any reason, share their personal data with us.
This Data Privacy and Security Policy for visitors of our Web site is part of our compliance measures process under the European General Data Protection Regulation (“GDPR”). The aim of this Policy is to outline why we collect personal data, when, and what we do with it. It also explains how you can access your personal data and have it corrected, if need be.
Please note that this Policy is subject to modifications and additions at any time to follow regulatory or technological developments, to clarify it or to strengthen your protection.
What Is Personal Data?
Personal data includes any information, of any type, relating directly or indirectly to an identified or identifiable physical person.
Personal data can include:
— Your contact details (name, email address, telephone number, etc.) when provided by you in order for us to respond to you.
— Your browsing preferences on our site, for example cookie settings or language selection.
— Information provided by you on your occupation, for example your job title or the name of your company.
— Technical information related to your Internet connection (Internet protocol address, IP) and to the settings of the device you use to browse our Web site (operating system, display resolution, browser, etc.).
— Information on your browsing path through our Web site (pages viewed, time spent on each page, links followed, etc.) and your interaction with some of its features, like data forms.
— Any comments you post on our blog or social networks like Facebook and LinkedIn.
— Any communication you may have through our Web site with our sales, customer relations, human resources or other teams.
We do not store any data relating to your private life, like date of birth, age, personal interests, political or religious affiliations, etc., as there is no reason to do so. Spiria only stores data relevant to a business-to-business relationship, in full compliance with regulations.
We do not use geolocation tools. However, your IP address can allow anyone who knows it to geographically pinpoint your connection location. You can keep this information confidential by using a proxy server (for example, the free VPN provided by the Opera browser).
How We Handle Personal Data
We store personal data when you interact with our Web site, for example when you fill out a form, sign up for our newsletter or apply for a position.
We may also collect personal information when you click on our messages and advertisements on third-party sites like Google Search, LinkedIn and Facebook.
The entity responsible for the handling of your data is the following:
Spiria Digital Inc.,
110, rue Jean-Talon Ouest, Montreal, QC H2R 2X1.
Tel. 514 272-0979.
Purpose of Data Collection
We can collect and process personal information for the following purposes:
— To respond to your queries, for example when you sign up for our newsletter, when you send a message to our sales representatives, when you apply for a position at Spiria, when you request a White Paper, etc.
Spiria is the recipient of your personal data and, as such, pledges not to trade it or share it. Your data may flow through, or be hosted by, IT subcontractors, for example, a company that manages our client relations system, or statistical services companies. These companies all comply with the same regulations as Spiria. We disclose the name and the privacy policies of these companies. Spiria monitors the full compliance of its suppliers and partners with the highest standards of data privacy, use and protection.
The data Spiria collects is not stored indefinitely. Rather, it is kept for a predetermined length of time depending on its purpose and according to regulatory requirements, in compliance with the GDPR, among other regulations. For example, we keep your email address for as long as you are signed up for our newsletter, while information on your cookie settings is deleted after 10 months.
Right to Access, Communicate and Correct Data
You have the right to access all of the personal data about you that we have stored. In order to ensure security and privacy, we may ask you to provide proof of identity before releasing this information.
You own the personal data relating to you. At any time, you may request that it be corrected, updated or permanently deleted. Permanent deletion of personal data is done to avoid its use for marketing purposes by Spiria, or for any other legitimate purpose. However, data pertaining to contracts between Spiria and its clients or suppliers cannot be deleted.
For any enquiry relating to your personal data, or to exercise your rights, please contact our Data Protection Officer: firstname.lastname@example.org.
Transfer to a Non-European Union Country
As Spiria is a Canadian company operating under Canadian law, the personal data you provide to us leaves the territory of the European Union. Likewise, Spiria uses IT subcontractors in the United States (see “Data Recipient”). Canada and the United States are recognized by the European Union as providing an adequate level of protection of personal data.
Spiria takes every technical and organizational measure necessary to ensure the security and privacy of the personal data you provide us with. We apply IT security best practices at every level to avoid any risk of loss, distortion, deterioration or misuse of data stored on our systems. Any staff authorized to access your data has received training on personal data privacy and protection.
Visiting Our Web Site
You can visit our Web site without providing personal data other than your IP address (which is unavoidable due to the nature of the Internet). You will never be compelled to provide us with any personal information.
Cookies on Our Web Site
Cookies do not allow you to be personally identified, but if you have previously contacted us and given us your identity (through a form, for example), then our client relation management system can correlate some cookies with your personal data.
|__cfduid||This cookie is defined by the CloudFlare service. It identifies individual clients behind a shared IP address and applies security settings on a per-client basis. This cookie does not collect identifying personal information and is essential to support the operation and security of the site.|
|languechoisie||This cookie is defined by Spiria. It is used to remember your choice of language during your visit on our site.|
|lang||This cookie is defined by LinkedIn. It is used to remember your choice of language.|
|CookieControl||This cookie is defined by Cookie Control. It saves your cookie preferences for 365 days.|
|phc-*||This cookie is defined by Spiria. It is used by our site counter to count the number of visits per page, without identifying end-users. This cookie is only valid during any given session and is deleted as soon as the browser is shut down.|
|wires||This cookie is defined by Spiria. It is used to count the number of times each page was displayed in either language. It allows us to quickly see which contents are the most interesting for our visitors.|
|__hstc||This cookie is used by Hubspot to track visits. It contains time-stamping information (first and last visit) and a session number.|
|_ga, _gid||These cookies are used by Google Universal Analytics, Google’s statistical analysis service. They are used to identify individual users by assigning a unique, randomly-generated number as a client identifier.|
|_gat||This cookie is used by Google Universal Analytics, Google’s statistical analysis service. It is used to reduce the number of queries and expires after 10 minutes.|
|_gat||This cookie is used by Google Universal Analytics, Google’s statistical analysis service. It is used to reduce the number of queries, which limits data collection on very busy Web sites. It expires after 10 minutes.|
|hjTLDTest||This cookie is used by HotJar, a service that allows us to see how visitors are using our Web site. It is used to identify the most generic path for other HotJar cookies and is deleted at the end of the test.|
|_hjAbsoluteSessionInProgres||This cookie is used by HotJar, a service that allows us to see how visitors are using our Web site. It is used to detect the first pageview session of a user.|
|_hjid||This cookie is used by HotJar, a service that allows us to see how visitors are using our Web site. It is used to persist the Hotjar User ID, unique to that site on the browser.|
|calltrk_landing, calltrk_nearest_tld, calltrk_referrer, calltrk_session_id||These cookies are defined by CallRail. They are used to identify visitors’ physical location in order to provide them with the appropriate phone number for Spiria.|
|_fbp||This cookie is defined by Facebook. It is used to target advertisements.|
|__hssc||This cookie is used by HubSpot, our client relationship management (CRM) and marketing tool. This cookie keeps track of the different sessions on the site.|
|_hssrc||This cookie is used by Hubspot. Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If the cookie doesn’t exist, HubSpot considers it is a new session.|
|hubspotutk||This cookie keeps track of a visitor’s identity. It is passed to HubSpot on form submission.|
Social Networking Cookies
|loc, uvc||These cookies are defined by AddThis. They support the operation of web widgets that allow visitors to create and share links on social networks.|
|__atrfs, __atuvc, __atuvs, at-rand||These cookies are defined by AddThis. They remember your identity in order to display the appropriate social media icons in the “Share” links.|
|wtc||This cookie is defined by AddThis. It is a geo-tracking cookie that allows to know where the users that share our information are located.|
Should you have any questions or require further information on the way that Spiria protects your data, or suggestions to enhance our Data Privacy and Security Policy, please do not hesitate to contact our Data Protection Officer at email@example.com.
Effective date of Policy: July 13, 2019. Latest update of Policy: March 17, 2020.