Confidentiality Policy and data security

At INTEGRIM, we attach paramount importance to protecting the privacy and security of our customers’ data and our commitment to transparency is fundamental.

Within this confidentiality policy, we will use the following terms to clarify the various parties involved:

Refers to our company INTEGRIM and our SenSaaS! software solution.

As part of our confidentiality policy, please note that we collect different types of data:

When you visit our website or interact with our sales team, we collect information such as your IP address, your browsing history, the pages you view, as well as the information you choose to share with us during these interactions.

By accessing our website, you consent to the collection and processing of your data in accordance with our confidentiality policy.

For example :
T&E module: The employee who submits an expense report with an invoice that contains his or her home address.
Document management module: The doctor who submits his patient’s medical file so that his claim can be reimbursed by the government.

The Supplier shall not be liable for any consequences resulting from the Customer’s failure to obtain the appropriate consent from the Beneficiaries. The Customer agrees to indemnify and hold harmless the Supplier for any claim, loss or damage resulting from the Customer’s failure to obtain valid consent. The same shall apply to any claim against the Supplier that may arise even if a valid consent of the Beneficiaries had first been obtained by the Customer.

The Customer undertakes to inform the Supplier immediately in the event of revocation of consent by any of the Beneficiaries, and to take all necessary measures to comply with such revocation.

INTEGRIM undertakes not to use personal information for purposes other than those explicitly stated in the contract, except with the prior consent of the Customer or in compliance with applicable laws and regulations.

Personal information will not be disclosed to third parties without the explicit consent of the Customer, except in cases where disclosure is required by law or by a competent authority.
INTEGRIM will implement appropriate security measures to protect personal information against unauthorized access, disclosure, alteration or destruction.

Any subsequent modification of the purposes of personal data processing will require mutual agreement between INTEGRIM and the Customer, and will be formalized by an amendment to the contract.

The Customer is invited to carefully examine the purposes of personal data processing foreseen in its SenSaaS! system and to contact INTEGRIM for any further questions or clarifications.

Confidentiality and Integrity: INTEGRIM is committed to maintaining the confidentiality and integrity of personal data collected. All information will be treated with the utmost care and protected against unauthorized access, disclosure, alteration or destruction.
If you have any questions or concerns, wish to exercise your rights or make a complaint to us, you can contact us at confidentialite@integrim.com.

Security Measures: INTEGRIM has implemented appropriate security measures to protect all customer data, including, but not limited to, access controls, firewalls, regular backups and security audits. INTEGRIM is committed to keeping these measures up to date with industry best practices.

Restricted access: Access to data is restricted to INTEGRIM employees and subcontractors who require access in order to perform the contract. All authorized users will be informed of their confidentiality responsibilities.

Training and Awareness: INTEGRIM regularly shares data security best practices with its staff and promotes security awareness throughout the organization.

Notification of leaks : In the event of data leaks entailing a risk, INTEGRIM shall immediately notify the Customer in accordance with the legal provisions in force.

Subcontracting: If INTEGRIM uses subcontractors to process personal data, these subcontractors will be subject to security standards similar to those set out in this policy.

Legal Compliance: INTEGRIM undertakes to comply with all applicable data protection laws and regulations, including Quebec’s Bill 25.

Secure Destruction: At the end of the retention period, or when the data is no longer required for the purposes specified in the contract, INTEGRIM undertakes to securely destroy customer data in order to prevent unauthorized access.

Requests for extended retention : If the Customer wishes extended retention of data beyond the period specified in the contract, an explicit written request must be submitted. INTEGRIM will evaluate the request and implement it in accordance with legal requirements.

Extraction: If the Customer wishes to extract his data for storage elsewhere, this can be requested.