Skip to main content

Privacy and Governance Policy

Espace M

Last updated: April 27, 2026
Privacy Officer (RPRP): Marc-André Cloutier

1. Scope of the Policy

This policy applies to all personal information collected and processed by Espace M, including that of our clients, our clients’ own customers (third-party data), as well as our employees and candidates.

2. Our Technology Ecosystem (Enterprise Security)

To ensure compliance with Law 25, Espace M prioritizes “Enterprise-grade” tools where data is contractually protected against being used to train public AI models:

  • Google Workspace (Enterprise): Including Gmail, Drive, Meet, and Gemini.

  • Advertising Platforms: Meta, TikTok, Google Marketing Platform (GMP), Amazon Advertising. We ensure that data sharing (e.g., audience lists, pixels) respects the consents obtained by our clients.

3. Personal Information of Employees and Candidates

We collect the data necessary for human resources management:

  • Recruitment: Resumes (CVs), cover letters, and test results.

  • Hiring: Social Insurance Numbers (SIN), void cheques, benefits files, and performance evaluations.

  • Access: This data is stored in secure environments (Google Workspace Enterprise) and is accessible only to authorized personnel (HR and Management).

4. Use of Data and Consent

We use data solely for:

  • Providing marketing services and fulfilling client contracts.

  • Managing the employment relationship.

  • Optimizing advertising campaigns via partner platforms.

5. Transfers Outside of Quebec and Subcontracting

In the course of our business activities, personal information may be transferred to platforms whose servers are located outside of Quebec (e.g., the United States).

  • Assessment: Before using any new tool (e.g., an AI or SaaS software), the Privacy Officer conducts a Privacy Impact Assessment (PIA) to verify that the provider offers adequate protection.

  • Contracts: We require Data Processing Agreements (DPA) with all our subcontractors.

6. Data Lifecycle: Retention and Destruction

  • Retention: Data is kept for the period required by legal obligations (e.g., 7 years for tax/payroll records) or for the duration of the contract.

  • Destruction: Once the retention period has expired, information is securely destroyed or anonymized.

7. Privacy Incident Management

Espace M maintains an official incident register.

Any employee who identifies a potential leak or unauthorized use (e.g., uploading sensitive data to an unapproved AI or sending an invoice to the wrong client) is obligated to inform the Privacy Officer immediately.

We commit to informing the relevant authorities and the affected individuals in the event of a risk of serious injury.

8. Your Rights

In accordance with Law 25, you have the right to access, rectify, withdraw consent for, and request the portability of your data. For any requests, please contact:

Marc-André Cloutier
marc-andre@espace-m.ca
(514) 730-8719

Privacy Policy

At Espace M, we place great importance on the protection of your privacy and personal data. Our privacy policy describes how we collect, use, and protect your information. It draws from the best industry practices and the requirements of Law 25 currently in effect in Quebec.

Collection of Personal Information

We collect certain personal details to enhance your experience on our website and provide you with quality services. The types of information we may collect include:

- Your first name
- Your mailing address
- Your postal code
- Your email address
- Your phone number

This information is collected through forms, interactions with our website, and the use of cookies for a better understanding of your use of our site.

Use of Personal Information

We use the personal information collected in several ways, including to:
- Provide you with personalized information and services
- Improve our website and services
- Respond to your comments and questions
- Contact you if necessary

Protection of Personal Information

We take the protection of your personal information very seriously. We have appointed Marc-André Cloutier, Operations Manager and agency partner, as our personal information protection representative, in accordance with Law 25.

Email: marc-andre@espace-m.ca
Phone number: (514) 730-8719

Right to Object and Withdraw

We offer you the opportunity to object to the use of your personal information for specific purposes or to remove it from our mailing lists. To exercise these rights, please contact our personal information protection representative at the contact details provided above.

Right of Access and Correction

You have the right to access your personal information and request its correction if necessary. Our personal information protection representative is available to assist you in exercising these rights.

Security

We use security measures, such as the SSL protocol, network monitoring software, computer backups, and firewalls, to protect your personal information. However, it's important to note that no system is completely risk-free.

Legislation

We comply with the Personal Information Protection Act and best practices in data privacy.

This privacy policy reflects our commitment to protecting your personal data, relying on the best practices of our partners and meeting the legal requirements of Quebec.