Privacy policy

  1. Background is a company incorporated in Quebec that processes personal information in the course of its activities.

The purpose of this policy is to ensure the protection of personal information and to govern the manner in which collects, uses, communicates, retains and destroys it or how it otherwise manages it. In addition, it aims to inform any interested person about how processes their personal information. It also concerns the processing of personal information collected by by technological means.

2. Application and definitions

This policy applies to, including its officers, employees, consultants, volunteers, as well as to any person who otherwise provides services on behalf of It also applies to the website of, as well as to all websites controlled and maintained by

It covers all types of personal information managed by, whether it is the information of its clients, potential or current, its consultants, its employees, its members or any other person (such as visitors to its websites or other).

For the purposes hereof, personal information¬† is information that relates to a natural person and that allows, directly or indirectly, to identify him. For example, this could include an individual’s name, address, email address, telephone number, gender or banking information, information about their health, ethnicity, language, etc.

Sensitive personal information is  information for which there is a reasonable expectation of privacy, e.g. health information, banking information, biometric information, sexual orientation, ethnic origin, political opinions, religious or philosophical beliefs, etc.

Generally, an individual’s business or business contact information¬† is not personal information, such as an individual’s name, title, address, email address or business telephone number. More specifically and for the sake of clarity, within the meaning of Qu√©bec’s Act respecting the protection of personal information in the private sector, and as of September 22, 2023, sections 3 (collection, use, disclosure), 4 (retention and destruction) and 6 (data security) do not apply to information of an individual relating to the exercise of a function in an enterprise,¬† such as name, title, position, and the address, email address and telephone number of their place of work.

These same paragraphs also do not apply to personal information that is public by law, as soon as this policy comes into force.

3. Collection, Use and Disclosure

As part of its activities, may collect different types of information for different purposes. The types of information that may collect, its use (or the intended purpose) and the means by which the information is collected are indicated in Appendix A of this policy. will also inform the persons concerned, at the time of collection of personal information, of any other information collected, the purposes for which it is collected and the means of collection, in addition to other information to be provided as required by law. applies the following general principles regarding the collection, use and disclosure of personal information:


        • In general, collects personal information directly from the person concerned and with his or her consent, unless an exception is provided for by law. Consent may be implied in certain situations, for example, when the individual decides to provide his or her personal information after being informed by¬† this Policy on Use and Disclosure for the purposes identified in this¬† Policy (see Appendix A for more details). Thus, this policy and the information it contains may be consulted by the person concerned at the time of collection of personal information.
        • Normally, must also obtain the consent of the person concerned before collecting his personal information from third parties, before communicating it to third parties or for any secondary use thereof. However, may act without consent in certain cases provided for by law and under the conditions provided for by law. The main situations in which may act without consent are indicated in the relevant sections of this policy.


        • In all cases, collects information only if it has a valid reason to do so. In addition, ¬†the collection will be limited only to that necessary ¬†information that is necessary to fulfill the intended purpose.
        • Please note that’s services and programs are not aimed at minors, and more generally, does not intentionally obtain personal information about minors (in these cases, the information cannot be collected from Azur Inc. without the consent of a parent or guardian).
        • Collection from Third Parties. may collect personal information from third parties. Unless otherwise provided by law, will seek the consent of the person concerned before collecting personal information concerning him or her from a third party. In the event that such information is not collected directly from the individual, but from another organization, the person concerned may request the source of the information collected from

In certain situations, may also collect personal information from third parties, without the consent of the person concerned, if it has a serious and legitimate interest in doing so and a) if the collection is in the interest of the person and it is not possible to do so from him in a timely manner,  or (b) if such collection is necessary to ensure that the information is accurate.

Also, may collect personal information, indirectly, in particular by:

        • Clover. Clover has its own terms¬†and privacy policy, which can be consulted for more information.
        • Global payments.¬†Global payments has its own terms and privacy policy, which can be consulted for more information.
        • Stripe. Stripe has its own terms and privacy policy, which can be consulted for more information.

This collection through third parties may be necessary to use certain services or programs, or otherwise to do business with When required, will obtain the consent of the person at the appropriate time.

Retention and Use:

        • ensures that the information it holds is up-to-date and accurate at the time it is used to make a decision regarding the person concerned.
        • may only use an individual’s personal information for the purposes indicated herein or for any other reason provided at the time of collection. As soon as wishes to use this information for another reason or purpose, a new consent must be obtained from the person concerned, which must be expressly obtained in the case of sensitive personal information. However, in certain cases provided for by law, may use the information for secondary purposes without the ¬†consent of the individual, e.g.:
          • where such use is clearly for the benefit of that person;
          • where necessary to prevent or detect fraud;
          • when necessary to evaluate or improve protection and security measures.
        • Limited access. must implement measures to limit access to personal information only to employees and persons within its organization who are qualified to read it and for whom this information is necessary in the performance of their duties. will seek the consent of the person before granting access to any other person.


        • Generally, and unless an exception indicated in this policy or otherwise provided for by law, will obtain the consent of the person concerned before disclosing his or her personal information to a third party. In addition, when consent is required and when it concerns sensitive personal information, must obtain the express consent of the individual before disclosing the information.
        • However, disclosure of personal information to third parties is sometimes necessary. Thus, personal information may be disclosed to third parties without the ¬†consent of the individual concerned in certain cases, including, but not limited to, in the following cases:
          • may communicate personal information, without the consent of the person concerned, to a public body (such as the government) which, through one of its representatives, collects it in the exercise of its powers or the implementation of a program under its management.
          • Personal information may be shared with its service providers to whom it is necessary to disclose the information without the individual’s consent. For example, these service providers may be event organizers, subcontractors of designated to carry out mandates in programs administered by and cloud service providers. In these cases, must have written contracts with these suppliers that indicate the measures they must take to ensure the confidentiality of the personal information communicated, that the use of this information is made only in the context of the performance of the contract and that they cannot keep this information after its expiry. In addition, these contracts must provide that suppliers must notify the person in charge of the protection of personal information of (indicated in this policy) of any breach or attempted breach of confidentiality obligations concerning the personal information communicated and must allow this person in charge to carry out any verification relating to this confidentiality.
          • If necessary for the purposes of concluding a commercial transaction, may also communicate personal information, without the consent of the person concerned, to the other party to the transaction and subject to the conditions set out by law.
        • Communication outside Quebec: Personal information held by may be disclosed outside Quebec, for example, when¬† uses cloud service providers whose server(s) are located outside Quebec or when does business with subcontractors located outside the province.

Additional information on the technologies used:

        • Use of cookies
          Cookies are data files that are transmitted to a website visitor’s computer by their web browser when they visit that site and can serve several purposes.

The websites controlled by use cookies including:

        • To remember visitors’ settings and preferences, e.g. for language selection and to enable tracking of the current session.
        • For statistical purposes to know the behavior of visitors, the content consulted and allow the improvement of the website.

Websites controlled by use the following types of cookies:

        • Session cookies: These are session cookies that are stored for the duration of the website visit only.
        • Persistent cookies: These are kept on the computer until they expire and will be retrieved the next time you visit the site.

Some cookies may be disabled by default and visitors may choose to activate these functions or not when consulting the websites of

It is also possible to enable and disable the use of cookies by changing the preferences in the settings of the browser used.

        • Use of Google Analytics

All sites under the control of use Google Analytics to enable continuous improvement. Google Analytics makes it possible to analyze how a visitor interacts with a website of Google Analytics uses cookies to generate statistical reports on the behaviour of visitors to these websites and the content viewed.

Information from Google Analytics will never be shared by with third parties.

It is possible to install a browser add-on to disable Google Analytics.

        • Other technological means used also collects personal information through technological means such as web forms integrated into a website controlled by (for example, its contact form, its membership form, its form to subscribe to the newsletter and seminars), questionnaires accessible online on its platforms and applications,  and other forms platforms or tools (e.g. Microsoft Forms).

If collects personal information by offering a technological product or service that has privacy settings, must ensure that these settings offer the highest level of confidentiality by default (cookies are not covered).

4. Retention and Destruction of Personal Information

Unless a minimum retention period is required by applicable law or regulation, will only retain personal information for the time necessary to fulfill the purposes for which it was collected.

The personal information used by to make a decision concerning an individual must be kept for a period of at least one year following the decision in question or even seven years after the end of the fiscal year in which the decision was made if it has tax implications, for example,  the circumstances of termination of employment.

At the end of the retention period or when the personal information is no longer needed, will ensure:

        1. destroy them; or
        2. anonymize it (i.e. it no longer irreversibly identifies the individual and can no longer be linked to personal information) for serious and legitimate purposes.

The destruction of information by must be done in a secure manner to ensure the protection of this information.

This section may be supplemented by any policy or procedure adopted by concerning the retention and destruction of personal information, if applicable. Please contact the Privacy Officer of (indicated in this policy) for more information.

5. Responsibilities of

In general, is responsible for the protection of the personal information it holds.

The person in charge of the protection of personal information of is the president of the organization. It must, in general, ensure compliance with applicable legislation concerning the protection of personal information. The head must approve the policies and practices governing the governance of personal information. Specifically, this person is responsible for implementing this policy and ensuring that it is known, understood and applied. In the event of the absence or inability to act of this person in charge, the president of the company will assume the functions of the person responsible for the protection of personal information. personnel who have access to personal information or are otherwise involved in its management must ensure its protection and comply with this policy.

The roles and responsibilities of Azur Funeral Services Inc. employees throughout the life cycle of personal information may be specified by any other policy of in this regard, if applicable.

6. Data security is committed to implementing reasonable security measures to ensure the protection of the personal information it manages. The security safeguards in place include, among other things, the purpose, amount, distribution, medium and sensitivity of the information. Thus, this means that information that qualifies as sensitive (see definition in Section 2) will need to be subject to greater security measures and better protection. In particular, and in accordance with what was mentioned above regarding limited  access to personal information, must put in place the necessary measures to impose constraints on the rights to use its information systems so that only employees who must have access to them are authorized to access them.

7. Rights of access, rectification and withdrawal of consent

To assert their rights of access, rectification or withdrawal of consent, the person concerned must submit a written request to  this effect to the person in charge of the protection of personal information of, at the email address indicated in the following section.

Subject to certain legal restrictions, the individuals concerned may request access to their personal information held by and request its correction in the event that it is inaccurate, incomplete or ambiguous. They may also require the cessation of the dissemination of personal information concerning them or that any hyperlink attached to their name allowing access to the information by technological means be deindexed, where the dissemination of the information contravenes the law or a court order. They may do the same, or require that the hyperlink to access this information be re-indexed, when certain conditions set out in the law are met.

The person in charge of the protection of personal information of must respond in writing to these requests within 30 days of the date of receipt of the request. Any refusal must be justified and accompanied by the legal provision justifying the refusal. In these cases, the response must indicate the remedies under the law and the time limit for exercising them. The person in charge must help the applicant understand the refusal if necessary.

Subject to applicable legal and contractual restrictions, individuals may withdraw their consent to the disclosure or use of the information collected.

They may also ask what personal information is collected from them, the categories of persons at who have access to it and how long they will be kept.

8. Complaint Process


Anyone wishing to file a complaint regarding the application of this policy or, more generally, the protection of their personal information by, must do so in writing by contacting the person in charge of the protection of personal information of, at the email address indicated in the following section.

The individual must indicate his name, his contact information, including a telephone number, as well as the subject and reasons for his complaint, giving sufficient details so that it can be evaluated by If the complaint is not sufficiently specific, the Privacy Officer may request any additional information it considers necessary to assess the complaint.

Treatment undertakes to treat any complaint received confidentially.

Within 30 days of receipt of the complaint or following receipt of any additional information deemed necessary and required by the person in charge of the protection of personal information of in order to process it, the latter must assess it and provide a written reasoned response by email to the complainant. This evaluation will determine whether the processing of personal information by complies with this policy, any other policies and practices in place within the organization and applicable legislation or regulations.

In the event that the complaint cannot be dealt with within this period, the complainant must be informed of the reasons justifying the extension of the time limit, the progress made in dealing with his complaint and the reasonable time required to be able to provide a definitive response. must establish a separate file for each complaint addressed to it. Each file contains the complaint, the analysis and documentation to support its assessment, as well as the response sent to the person making the complaint.

It is also possible to file a complaint with¬† the Commission d’acc√®s √† l’information du Qu√©bec or any other privacy oversight body responsible for enforcing the law concerned by the subject matter of the complaint.

However, invites all interested persons to first contact their person responsible for the protection of personal information and to wait until the end of the processing process by

9. Approval

This policy is approved by the person in charge of the protection of personal information of, whose business contact information is as follows:

Privacy Officer:

Denis Lachance

260 St-Michel Road

Crabtree, Quebec

J0K 1B0

For any requests, questions or comments under this policy, please contact the person in charge by email at

10. Publication and changes

This policy is published on the website of, as well as on all websites controlled and maintained by, to which this policy applies, with respect to the personal information collected therein. This policy is also disseminated by any means likely to reach the persons concerned. reserves the right to modify this policy at any time. must also do the same for all changes to this policy, which must also be the subject of a notice to inform the persons concerned.

*Notes: Please note that the use of the masculine gender is intended to streamline and facilitate the reading of this policy.

Table of versions and changes:

Version Effective Changes since the last version
1.0 August 23, 2023 N/A ‚Äď First Version

Appendix A

The following is a non-exhaustive list of the types of information that may collect, its use, or the intended purpose, as well as the means by which the information is collected. Thus, this includes, but is not limited to, the following.

Please note that most of the personal information managed by is information of clients, personal employees, job applicants and consultants.

Relationship with, services, program, etc. Type of Personal Information End of collection / uses



How information is collected (means)
Any of these information, where necessary: Used for: The following may be collected:
Clients and deceased
  • name
  • Address
  • phone number
  • email
  • Banking Information
  • sex
  • Date of birth
  • certain health problems
  • Weight
  • Place of birth
  • Place of registration of birth
  • Parents’ names
  • Place of death
  • Date of death
  • Marital status
  • Spouse Information
  • Marriage Information
  • Information on the registrant
  • Information on participation/registration in different public plans
  • Social Insurance Number
  • establish and manage client relationships (and obtain a means of communication)
  • provide a service in compliance with applicable laws
  • gather information as part of a program (e.g., pre-arrangements without payouts)
  • respond to a request for information in our sphere of activity
  • know the preferred language of communication
  • ensure payment of costs related to services or programs
  • Subscribe to the newsletter of
  • by means of web forms integrated into a website controlled by, questionnaires accessible online on its platforms and applications, as well as other platforms or technological tools of forms.
  • by email (directly or through a document or other type of attached form)
  • from third parties (e.g. Clover, Global Payment, Stripe, CallRaill)
Job applicants and employees
  • name
  • phone number
  • email
  • Banking Information
  • Social Insurance Number
  • Date of birth
  • address
  • managing communications with the candidate or employee
  • Keeping the payroll system running
  • by email
  • by phone
  • name
  • phone number
  • email
  • Banking Information
  • address
  • management of communications with the consultant
  • Invoicing
  • by email (directly or through an attached document: Word, PDF, etc.)
Service Providers
  • name
  • phone number
  • email
  • Banking Information
  • tongue
  • management of mandates
  • payment of invoices,
  • know the languages in which they can provide services
  • by means of Web forms integrated into a website controlled by
  • by email
Réseau (ecosystem players)
  • name
  • phone number
  • email
  • bank details (when required)
  • tongue
  • Future Communications
  • Registration for activities organized by and cybersecurity expertise portals
  • surveys
  • the creation of databases for these future communications and to learn about the network’s expertise
  • know the preferred language of communication
  • through web forms integrated into a website controlled by and other platforms or technological tools (e.g. Microsoft Forms)
  • from third parties (e.g. Eventbrite and for bank details)
Partners of
  • name
  • phone number
  • email
  • bank details (when required)
  • establish the partnership (signing partnership agreements)
  • Collaboration
  • by email (directly or through a document or other type of attached form)