Confidentiality Policy and data security

If you have any questions or concerns about our confidentiality policy, please contact us at:


At INTEGRIM, we attach paramount importance to protecting the privacy and security of our customers’ data and our commitment to transparency is fundamental.

Within this confidentiality policy, we will use the following terms to clarify the various parties involved:


Refers to our company INTEGRIM and our SenSaaS! software solution.


Companies with whom we have a contractual agreement for the use of our services.


Parties who use SenSaaS! services via our customers. They include our customers’ employees, partners and customers.

Third parties

The parties we work with to deliver agreed services to our customers and their beneficiaries.

Data collection

As part of our confidentiality policy, please note that we collect different types of data:

Online data collection

When you visit our website or interact with our sales team, we collect information such as your IP address, your browsing history, the pages you view, as well as the information you choose to share with us during these interactions.

By accessing our website, you consent to the collection and processing of your data in accordance with our confidentiality policy.

Administrative data

For our customers and their beneficiaries to access the SenSaaS! platform, the only information required is a name and e-mail address.

Customer and beneficiary data

In the course of their operations, our customers may expose personal information about their beneficiaries in order to confirm or complete a transaction or operation. This information varies depending on the nature of the platform used.

For example :
T&E module: The employee who submits an expense report with an invoice that contains his or her home address.
Document management module: The doctor who submits his patient’s medical file so that his claim can be reimbursed by the government.



The Customer warrants that all Beneficiaries whose personal data is shared with the Supplier have given their informed and free consent to the processing of their personal data by the Supplier for the purposes set out in this Agreement. The Customer undertakes to inform the Beneficiaries of the purposes of the processing of their personal data by the Supplier.

The Supplier shall not be liable for any consequences resulting from the Customer’s failure to obtain the appropriate consent from the Beneficiaries. The Customer agrees to indemnify and hold harmless the Supplier for any claim, loss or damage resulting from the Customer’s failure to obtain valid consent. The same shall apply to any claim against the Supplier that may arise even if a valid consent of the Beneficiaries had first been obtained by the Customer.

The Customer undertakes to inform the Supplier immediately in the event of revocation of consent by any of the Beneficiaries, and to take all necessary measures to comply with such revocation.

Finality Policy

Personal data collected by INTEGRIM (hereinafter referred to as “the Provider”) will be used strictly for the purposes specified in the contract entered into between INTEGRIM and the Customer. The purposes of the processing of personal data are detailed in the said contract and may include, but are not limited to, the provision of the agreed services, the management of customer accounts, invoicing, and any other aspect necessary for the performance of the contract.

INTEGRIM undertakes not to use personal information for purposes other than those explicitly stated in the contract, except with the prior consent of the Customer or in compliance with applicable laws and regulations.

Personal information will not be disclosed to third parties without the explicit consent of the Customer, except in cases where disclosure is required by law or by a competent authority.
INTEGRIM will implement appropriate security measures to protect personal information against unauthorized access, disclosure, alteration or destruction.

Any subsequent modification of the purposes of personal data processing will require mutual agreement between INTEGRIM and the Customer, and will be formalized by an amendment to the contract.

The Customer is invited to carefully examine the purposes of personal data processing foreseen in its SenSaaS! system and to contact INTEGRIM for any further questions or clarifications.

Data Security Policy

Data Security Policy

Confidentiality and Integrity: INTEGRIM is committed to maintaining the confidentiality and integrity of personal data collected. All information will be treated with the utmost care and protected against unauthorized access, disclosure, alteration or destruction.
If you have any questions or concerns, wish to exercise your rights or make a complaint to us, you can contact us at

Security Measures: INTEGRIM has implemented appropriate security measures to protect all customer data, including, but not limited to, access controls, firewalls, regular backups and security audits. INTEGRIM is committed to keeping these measures up to date with industry best practices.

Restricted access: Access to data is restricted to INTEGRIM employees and subcontractors who require access in order to perform the contract. All authorized users will be informed of their confidentiality responsibilities.

Training and Awareness: INTEGRIM regularly shares data security best practices with its staff and promotes security awareness throughout the organization.

Notification of leaks : In the event of data leaks entailing a risk, INTEGRIM shall immediately notify the Customer in accordance with the legal provisions in force.

Subcontracting: If INTEGRIM uses subcontractors to process personal data, these subcontractors will be subject to security standards similar to those set out in this policy.

Legal Compliance: INTEGRIM undertakes to comply with all applicable data protection laws and regulations, including Quebec’s Bill 25.

If you have any questions or concerns about our confidentiality policy, please contact us at:

Data retention policy

Retention periods: Data retention periods are determined contractually and according to the nature of the data and legal requirements.

Secure Destruction: At the end of the retention period, or when the data is no longer required for the purposes specified in the contract, INTEGRIM undertakes to securely destroy customer data in order to prevent unauthorized access.

Requests for extended retention : If the Customer wishes extended retention of data beyond the period specified in the contract, an explicit written request must be submitted. INTEGRIM will evaluate the request and implement it in accordance with legal requirements.

Extraction: If the Customer wishes to extract his data for storage elsewhere, this can be requested.






ISO 27001






Would you like to learn how we can help your organization increase productivity and efficiency by simplifying and automating your business processes?


What’s new in document management? How does it impact your business? Visit our blog to know the information you need to improve your operations