Personal information

1. Scope of the policy

This policy applies to all employees and associates of FLC (hereinafter referred to as “FLC members”) when they collect, use, communicate, retain, or destroy Personal Information (PI) in the course of their duties at FLC. The life cycle of Personal Information is as follows:

Source :

2. Policy Objective

This policy aims to:

  • inform the public of the personal information (PI) that may be held by FLC
  • state the guiding principles that FLC has implemented to protect the PI it collects, in accordance with the requirements of the Act to modernize legislative provisions regarding the protection of personal information
  • and to mention the rights of the public with respect to the PI that concerns them.

Policy Update: On an ongoing basis, it may be modified from time to time in order to maintain compliance with the law and to take account of any changes in the collection-use-conservation-destruction and communication of PI.

3. Definitions

  1. Personal Information

Personal information is information that enables a natural person to be identified, either directly or indirectly. PI has a nature and is considered sensitive if it is: medical, biometric, otherwise intimate (financial (e.g. salary data, banking information, etc.), social insurance, RAMQ, etc.). PI is confidential by default (source:

4. Guiding Principles for PI Protection at FLC

a. Collection of PI and Consents

What does FLC collect?

  • FLC members do not collect PI from visitors to the website.
  • FLC members may collect PI directly from their customers/suppliers, as required for the purposes of their business, such as:
    • Contact details: surname, first name, e-mail address, home address, telephone number
    • IP addresses, in the specific context of online survey data processing
    • Economic information: Income strata, sales, production volume-types, surface area-livestock, other costs, number of employees, etc.
  • FLC members encourage their contacts not to provide them with more PI than originally requested. And they ensure that minors under the age of 14 do not provide them with PI.

Where do FLC’s PIs come from?

  • These PI can come from:
    • in the course of online consultations/and or surveys requested directly from the persons concerned, as part of a mandate. In this case, your PI is always used for study, research, or statistical purposes, and is de-personalized.
    • when you communicate directly with us (e.g. to establish a contract, to contact us (e.g. first name, surname, contact details, for an unsolicited application, for invoicing/payment of services, etc.).
    • or in the course of specific services (directly with the person concerned) specific agro-economic advice

How does FLC inform you about data collection?

  • At the time of collection, FLC members adequately inform all individuals of the collection of information concerning them, the use they will make of it, and to whom they will communicate their information for this purpose. FLC members make sure that the individual’s consent is freely given and informed before using or disclosing his or her information.

b. PI use and communication

What does FLC collect PI for?

  • FLC members use PI for the purposes specified at the time of collection, including:
    • Use for study, research, or statistical purposes. PI is de-identified.

To whom does FLC communicate the PI collected and what are your rights?

  • All FLC members have access to the data collected, except for those mandates deemed confidential (with restrictive access rights).
  • FLC members do not share PI outside the company.
  • In connection with a request for access, an individual may obtain disclosure of his or her personal information. In addition to disclosure, an individual may also request that information be corrected or deleted. This type of request must be made in writing to the person named in section 6 of this policy. FLC has 30 calendar days from receipt of your request to respond.

c. Retention and destruction of PIs

As part of their duties, FLC members may store PI on the FLC IT environment. A strategy for storing and destroying PI has been drawn up to ensure the security of PI.

5. How does FLC protect held PIs?

a. Assessment of privacy risks and implementation of measures

All FLC members must comply with the measures set out in this policy and in the risk management assessment manual on the protection of personal information.

b. Incident Management

By law, “Confidentiality Incident” means :

  • unauthorized access to personal information;
  • unauthorized use of personal information;
  • unauthorized disclosure of personal information;
  • the loss of personal information or any other breach in the protection of such information.

In the event of a confidentiality incident, FLC members must complete an incident log and follow the appropriate procedures.

6. Responsibilities

  • All FLC members are bound by confidentiality agreements at FLC and are required to comply with the measures identified in this policy, in FLC’s risk management manual, and in all other training documents provided by FLC under the Personal Protection Act.
  • For any questions, information concerning this policy, or to exercise your rights in relation to PI please contact: PI Protection Officer: Margot Potoczek: