Privacy Policy

Privacy Policy

Groupe CIMA+ Inc and its subsidiaries (“CIMA+”) is committed to maintaining the privacy and security of your personal information (“Personal Information”) and complying with relevant data protection legislation. Please take the time to read this Privacy Policy, as it provides information about the types of Personal Information CIMA+ may collect and how it is used and protected. This Privacy Policy on any of the CIMA+ websites should be read in conjunction with CIMA+’s website Terms of Use.

About us

As a global professional services firm, CIMA+ acts as a data controller for the Personal Information provided by clients, business partners, and other individuals, including website users and job applicants who access the CIMA+ “Careers” website (“Data Subjects”). If you have any questions regarding the management of your Personal Information, please refer to the “Contact us” section below.

Collection and use of your personal information

The types of Personal Information that CIMA+ collects and processes about you depend on whether you are a potential or existing client or business partner, a CIMA+ website user or an applicant to a position within CIMA+. If you are providing CIMA+ with Personal Information about other individuals (for example, other people within your organization), please refer them to this Privacy Policy.

View the categories below to understand how CIMA+ collects and processes your personal information.

 

1. CIMA+ website users or persons interacting with CIMA+ on social media or by email

1.1. What information may CIMA+ collect?

  • Your name.
  • Company.
  • Title.
  • Email address.
  • Telephone number.
  • Your IP address.
  • Information obtained through our use of cookies (please refer to our Cookie Policy) and widgets.

1.2. How will CIMA+ collect your Personal Information?

  • Through requests or inquiries to CIMA+ through email, social media sites or affiliated blogs.
  • Through a subscription to a CIMA+ newsletter, blog, or other marketing-related communications.
  • Through your access to CIMA+ websites (cookies may be placed on your computer or mobile device).

1.3. What does CIMA+ use your Personal Information for?

CIMA+ uses the Personal Information it is provided with for legitimate business purposes, including marketing its services, engaging in business development activities, or as otherwise permitted by applicable law. The following are examples of the ways CIMA+ uses your Personal Information for business purposes:

  • To answer any inquiries or requests you make.
  • To further communicate with you on any matter relating to your inquiry or request.
  • To contact you about other CIMA+ information and services that may be of interest to you.

1.4. Who will CIMA+ share your Personal Information with?

CIMA+ will not sell, rent, or trade your Personal Information to any third party and will only share your Personal Information with:

  • Other CIMA+ entities.
  • Third-party service providers, who process data on CIMA+’s behalf or who facilitate or are outsourced one or more aspects of the operation of the websites or the business such as our website and software providers.
  • Specific third parties in the context of a merger, acquisition, or sale of all or a portion of CIMA+ assets. In such cases, due notifications, as required by law, will be made.
  • Third parties where CIMA+ is required by law, such as to comply with a subpoena, or similar legal process in any country where CIMA+ operates or to conduct any similar sharing permitted by applicable law.

2. Potential or existing clients or business partners

2.1. What information may CIMA+ collect?

  • Your name.
  • Title.
  • Company.
  • Email address.
  • Information gathered from public sources such as internet searches.

2.2. How will CIMA+ collect your Personal Information?

  • Through requests or inquiries to CIMA+ through email, social media sites or affiliated blogs.
  • Through a business event or conference.
  • In person (for example, if you provide your business card to a CIMA+ employee).
  • Provision of services for or otherwise contracting with CIMA+.
  • Through the development of business partnerships.
  • Upon your visiting CIMA+ offices, facilities or accessing CIMA+ systems.
  • Through direct contact with CIMA+ by telephone (voice over IP [VoIP] telephones may capture your Personal Information).
  • From public sources, such as internet searches, your company’s website, and social media sites (such as LinkedIn and Twitter through questions, answers and comments between you and CIMA+).

2.3. What does CIMA+ use your Personal Information for?

CIMA+ uses the Personal Information it is provided with for legitimate business purposes, including to enter or perform obligations under the contract CIMA+ holds with you, or to engage with clients and business partners, to deliver its professional services, or as otherwise permitted by applicable law. The following are examples of the ways CIMA+ uses your Personal Information for business purposes:

  • To provide professional services.
  • To engage you as a business partner.
  • To manage CIMA’s business relationship with you or your employer.
  • To comply with legal obligations.
  • To investigate and prevent fraud or misconduct.
  • To issue communications or billings around projects, contracts, or joint undertakings.
  • To pursue or contract for work.
  • To evaluate prospective service providers.
  • To answer questions and inquiries related to the services of either party.
  • To otherwise conduct everyday business activities, such as business development, business planning, strategic reviews, and statistical evaluation for reporting purposes.
  • To contact you about other CIMA+ information and services that may be of interest to you.

2.4. Who will CIMA+ share your Personal Information with?

CIMA+ will not sell, rent or trade your Personal Information to any third party and will only share your Personal Information with:

  • Other CIMA+ entities.
  • Specific third parties in the context of a merger, acquisition, or sale of all or a portion of CIMA+ assets. In such cases, due notifications, as required by law, will be made.
  • Third-party service providers, who process data on CIMA+’s behalf or who facilitate or are outsourced one or more aspects of the operation of the websites or the business. Third-party service providers include IT service providers, lawyers in connection with actual or threatened litigation, and auditors.
  • CIMA+ business partners who provide services to our clients.
  • CIMA+ clients where you are a business partner.
  • Third parties where CIMA+ is required by law, such as to comply with a subpoena, or similar legal process in any country where CIMA+ operates.
  • To third parties when it is reasonably believed that disclosure is necessary to protect people’s safety, security, rights, or property, or as otherwise permitted by applicable law.
  • To the police or financial crime and fraud detection agencies to investigate fraud or corruption, or to conduct any similar sharing permitted by applicable law.
  • To a government entity in response to a government request.

3. Potential or existing job applicants

CIMA+ collects and processes your Personal Information when you apply for a job at CIMA+, including applications made on the CIMA+ careers website. In accordance with applicable law, CIMA+ may keep the information you submit in connection with an application for employment for future consideration.

3.1. What information may CIMA+ collect?

  • Your name.
  • Adress.
  • Contact details.
  • Education background.
  • Employment history.
  • Reference or results of employment checks.
  • Your resume (CV).
  • Information obtained from your cover letter and in the context of your job application.

All information provided in job applications must be accurate and any errors may result in withdrawal of an offer of employment or termination of employment. When applying through CIMA+ careers webpages, you may delete or change your account by yourself at any time or you may request that CIMA+ do so by sending an email to the Privacy Officer.

3.2. How will CIMA+ collect your Personal Information?

  • Directly from you when you provide it in your resume (CV) or in the context of a job application. From CIMA+ careers webpages.
  • From references you provide.
  • From references received from third parties such as education institutions or your current or past employers.
  • From employment checks, including from publicly available sources, such as Google and LinkedIn.

3.3. What does CIMA+ use your Personal Information for?

CIMA+ uses the Personal Information it is provided with for legitimate business purposes, including to enter into an employment relationship with you, and because there is a legitimate business need to assess job applications or as otherwise permitted by applicable law. The following are examples of the ways CIMA+ uses your Personal Information for business purposes:

  • To consider your application and assess your suitability for the position applied for or for other suitable positions that might match your profile.
  • To check/obtain information or references about you from third parties.
  • To inform you of job opportunities, forums, actions or publications that might be of interest to you.
  • To review and assess CIMA+’s hiring policies, practices and statistics.

3.4. Who may CIMA+ share your Personal Information with?

CIMA+ will not sell, rent or trade your Personal Information to any third party and will only share your Personal Information with:

  • Other CIMA+ entities.
  • Specific third parties in the context of a merger, acquisition, or sale of all or a portion of CIMA+ assets. In such cases, due notifications, as required by law, will be made.
  • Third parties contacted by CIMA+ to verify your information and to obtain references such as your previous employers or education institutions.
  • Third-party service providers which CIMA+ uses as part of the job application process.
  • Third parties where CIMA+ is required by law, such as to comply with a subpoena, or similar legal process in any country where CIMA+ operates, or to conduct any similar sharing permitted by applicable law.

4. No selling of personal information

CIMA+ is a business-to-business company and does not sell Personal Information. CIMA+ does not distribute personal information it holds to outside parties for their direct marketing, or any other purpose, except as provided for in this Privacy Policy.

5. Protection of your personal information

CIMA+ employs reasonable and customary security measures and technologies to keep your Personal Information secure and protected against loss, misuse, and unauthorized access, disclosure, alteration and destruction. Where third party vendors process Personal Information on CIMA+’s behalf (e.g., payroll or outsourcing companies), specific security arrangements will be implemented, when required, through contractual arrangements with those organizations.

CIMA+ may use your email address to contact you about a security incident involving your Personal Information.

Email monitoring or blocking software may be used for security purposes and for compliance with CIMA+ policies.

6. Links to other websites

CIMA+ websites may also contain links to other websites or services which are outside CIMA+’s control and are not covered by this Privacy Policy. If you access or share data to other sites using the links provided, the operators of these sites may collect data on you, which they will use in accordance with their privacy policy, which may differ from ours. CIMA+ is not responsible or liable for the privacy standards and practices of third parties. Your use of such websites is at your own risk.

7. Social media

Any information you post or disclose on CIMA+’s social media or community forums (for example, Facebook, YouTube, Twitter, or other social media applications) is public. CIMA+ cannot control the use of information disclosed in social media platforms or CIMA+ community forums. Exercise caution when disclosing information on public platforms. Content posted in CIMA+’s community forums, including advice and opinions, represents the views of the individuals who post that content and CIMA+ does not bear any responsibility whatsoever for the posting of that content. CIMA+ does not necessarily endorse, support, verify, or agree with any content posted on our social media or community forums.

8. Social Media Widgets

CIMA+’s website may include social media widgets to directly access social media such as but not limited to Facebook, YouTube, LinkedIn, Instagram and Twitter. CIMA+’s website may also use another type of widgets in the form of buttons, such as the “Share” button. Social Media widgets are either hosted by a third party or hosted directly on CIMA+’s website. Your interactions with these widgets are governed by the privacy policy of the company providing it. These widgets may collect your IP address, which CIMA+ webpage you are visiting, and may set a cookie to enable the feature to function properly.

9. Cloud

CIMA+ may store your Personal Information in a cloud. This means that your Personal Information may be processed on CIMA+’s behalf by a cloud provider and could be stored in different locations around the world. CIMA+ makes use of organizational and contractual measures to protect your Personal Information and to impose appropriate security and data protection requirements on our cloud services providers, including the requirement that your Personal Information be processed exclusively for the purposes set out in this Privacy Policy.

10. Telephone calls

CIMA+ uses VoIP technology when you communicate with CIMA+ over the telephone. As your call will be relayed via the internet, CIMA+ cannot control where your data is processed.

11. Retention of Personal Information

CIMA+’s objective is to retain Personal Information as long as it is necessary and to comply with its legal and contractual obligations, as well as to resolve disputes, enforce agreements and in the case of litigation, or potential litigation.

12. Your rights as a data subject

CIMA+ will respect your rights as a data subject pursuant to applicable laws.

All requests regarding your Personal Information should be sent to the Privacy Officer.

CIMA+ will respond to such requests within thirty (30) business days of their receipt or within any other delay required or authorized by applicable law. CIMA+ will take reasonable steps to functionally correct or delete your Personal Information from CIMA+ database(s) upon request, although CIMA+ may keep a copy for archival purposes in compliance with applicable laws. Before CIMA+ provides you with any data, corrects any inaccuracies or deletes any data, CIMA+ may request additional information to verify your identity or otherwise help respond to your request.

13. Compliance

CIMA+ complies with this Privacy Policy as well as applicable laws, including the Canadian Personal Information Protection and Electronic Documents Act.

14. Contact us

If you have any questions, complaints or concerns about privacy or the security of your Personal Information, please contact the CIMA+ Privacy Officer. Where relevant or required, CIMA+ will collaborate with the appropriate regulatory authorities to resolve any complaints or issues regarding Personal Information.

15. Changes to this privacy policy

CIMA+ may need to make changes to this Privacy Policy from time to time to reflect any changes in data protection and privacy laws and to update you on CIMA+’s privacy practices.

This Privacy Policy was last updated in January 2022.

Outils d'accessibilités