A confidentiality policy is a contract between the manager of a digital platform and the internet user who accesses it. With its Confidentiality Policy, the Conseil des arts et des lettres du Québec (CALQ) informs web users of its commitments with regard to the treatment of information, personal or otherwise, which is gathered either directly or indirectly on its website.
The CALQ considers assuring the integrity and protection of the personal information it gathers to fulfill its mission of great importance. It has undertaken and applied specific security measures to ensure the confidential nature of this information and demonstrate transparency in this regard. All personal information provided to the CALQ is protected under the dispositions of the Loi sur l’accès aux documents des organismes publics et sur la protection des renseignements personnels (L.R.Q., c. A-2.1) (An Act respecting the protection of personal information in the private sector L.R.Q., c. A-2.1) and any other applicable laws.
To facilitate comprehension of the following document, here is a glossary of the principal terms employed.
Authorized person: A CALQ employee authorized to access in whole or in part the personal information required to carry out his duties.
Cookie: A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information about you.
Domain name: The part of an internet address that specifically identifies the website registered by an organization.
IP Address: A computer’s Internet Protocol number composed of four sets of numbers (ex: 188.8.131.52) which is assigned for precise identification of a device on the Internet.
Log file: A plain text file that lists every request made to the web server, allowing for analysis of the volume of events logged by the server.
Person concerned: A natural person that a piece of personal information allows to identify.
Personal information: Any information allowing for the identification of an individual.
General information collected when accessing the website
When a visitor accesses the CALQ’s website, there is an automatic exchange of information between their computer and the website’s server. This exchange is necessary so that the server can transmit a file to the visitor that is compatible with the computer equipment they’re using.
The data transferred automatically between computers doesn’t enable personal identification of the visitor. It is collected due to the technological demands inherent in navigation on the web, and is saved in log files for security purposes. These files may be needed for legal investigations and are not used for any other purposes.
The communication between the visitor’s computer and the CALQ website’s web server is established through the Secure Socket Layer (AES 256 bits) protocol, which ensures a secure link.
The following information is transferred:
- the domain name of the internet service provider and the IP address used by the visitor to access the CALQ’s website;
- the type of browser and operating system used to access the site;
- the date and time a visitor accesses the site;
- the pages visited on the site.
The CALQ makes use of a web monitoring program recommended by the Centre de services partagés du Québec to gather visitor usage statistics for its website, such as the number of visitors, visitors to each page, average number of pages viewed on each visit and the technology used by the CALQ’s clientele. This compilation of data does not contain any personal information; it allows the CALQ to measure the interest in its services as well as to optimize navigation on its website and assist in its development.
Personal information collected
In relation to its website service offer, the CALQ obligatorily collects the following personal information which is required to process the file of the person concerned. The obligatory information requested is:
- the last and first names;
- mailing address;
- social insurance number (as soon as the CALQ must issue a payment to that person);
- postal code;
- telephone number;
- e-mail address;
- date of birth;
- the year their artistic career began.
The CALQ collects information given voluntarily on the demographic and professional characteristics of artists who apply to the grant program, for statistical purposes. This information remains confidential and is concealed during the peer evaluation process of an application for financial support. It helps the CALQ have a global view of its clientele and is taken into consideration when programs are modified. The choice not to reply to the request to voluntarily provide information has no effect on how an application is processed. The voluntary information requested focuses on:
- mother tongue;
- place of birth;
- ethno cultural group;
- main occupation;
- the type of artistic training and where;
- the type of degree held;
- the type of course and where education or development courses were taken;
- financial support obtained from another body;
- income category;
- proportion of overall revenue from artistic pursuits;
- exhibit of works outside Québec.
Methods used for collecting personal information
The CALQ collects personal information by means of the following methods:
- application form;
- opinion polls;
- log files*;
* These files are used to facilitate website navigation and allow for optimal use of its functionality, but they do not allow for personal identification of the web user.
Objectives of collecting personal information
The CALQ collects personal information for the following reasons:
- to determine an applicant’s eligibility for its programs and to ensure the processing and follow-up of a request for financial support;
- to manage its bank of resource persons;
- to manage its human resources;
- to create a personalized profile of the applicant in order to facilitate access to services;
- to communicate with the user;
- to transmit any pertinent information to the user regarding his application and area of artistic activity (e-mail newsletter, calls for candidacy, changes to programs, application dates, etc.);
- to manage the electronic services website;
- to reply to a complaint;
- to evaluate and improve its services and operating procedures.
When accessing the clicSÉQUR service, which precedes use of the CALQ’s online website services, personal information is requested to verify the web user’s identity.
Access to the personal information collected
The CALQ’s managers and employees must obtain permission and a password to access the databases. Personal information is only accessible to those authorized to receive it, when necessary in the course of their duties:
- the employee charged with protection of personal information;
- program teams and technical support;
- accounting department;
- human resources department;
- communications department.
The CALQ does not exchange any personal information with a third party without permission from the person concerned, unless authorized by law. In such an event, if the CALQ is obliged to communicate personal information to a third party in order to fulfill legal or regulatory obligations, the person(s) concerned cannot oppose such transmission, in whole or in part.
The information transmitted to Revenu Québec is subject to the Treasury’s confidentiality policy: http://www.revenuquebec.ca/en/politiques-consignes-utilisation/politique.aspx
Storage and retention of personal information
Personal information is stored at secure sites as well as on servers controlled by the CALQ or the Centre de services partagés, situated either in CALQ’s offices, or in those of its service providers, which make daily backup copies.
In accordance with the provisions of article 76 of the Loi sur l’accès aux documents des organismes publics et sur la protection des renseignements personnels, the CALQ has established and maintains updated an inventory of the personal information files it retains:
- a database and files on the artists and organizations who submit applications for financial support;
- a database and files on the experts registered in the Bank of resource persons (assessors, members of selection committees and juries);
- a database and files on the CALQ’s employees (including former employees and applications received from non-employees);
- files of complaints and access to information requests (individuals).
Personal information is not retained for purposes other than that for which it was collected. The procedures for storing, archiving and destroying CALQ documents – some of which contain personal information – are in accordance with applicable laws, including the Loi sur les archives (Archives Act) (L.R.Q. chap. A-21.1, art. 8, 9 and 35), and the policy for the management of active and semi-active documents of public bodies established by the Bibliothèque et Archives nationales du Québec (BAnQ), which approved the retention schedule and procedure for the destruction of personal information retained by the CALQ. According to their nature, semi-active documents or those that should not be disposed of are transferred either to the archives at the Centre de conservation des documents of the Centre de services partagés du gouvernement, or to the BAnQ (Bibliothèque et Archives nationales du Québec).
Protection of personal information
The CALQ treats e-mail correspondence with the same concern for confidentiality as conventional mail. Since the transmission of information by e-mail is not secure, the CALQ never requests the transmission of personal information by e-mail; however, if it receives e-mail containing confidential information, it will reply to the sender by retaining only the information required to respond to the request addressed in the message. When the CALQ is obliged to transmit data of a confidential nature, it will make use of a means of communication other than e-mail.
The CALQ has adopted measures intended to protect collected information from fraudulent use, unauthorized communication or access as well as copying, alteration and accidental or illegal loss or destruction. These measures, which offer an appropriate degree of security for the treatment and nature of the information collected, are as follows:
- SSL protocol;
- computer data backup;
- digital certificate development;
- access management – authorized person;
- login / password;
- access management – person concerned;
- network monitoring software;
- Québec government’s clicSÉCUR authentication service – Citizens.
Precautions users should exercise
It is each user’s responsibility to exercise all the necessary measures to ensure that his user ID and password are used under optimal security conditions in order to protect the confidential nature of the data used to identify him. He should exercise particular care to:
- choose a password that cannot be easily guessed, composed if possible of at least eight characters combining letters, numbers and symbols;
- avoid using personal information (ex: date of birth, family name or first name) in choosing his user ID and/or password;
- memorize his user ID and password rather than making a note of them;
- safeguard his user ID and password from a third party;
- change his password frequently;
- log off after every site visit, especially if he is browsing from a public computer;
- clear his computer’s cache memory;
- avoid sending personal information by e-mail.
If a user suspects that the confidentiality of his personal information has been compromised, he must inform the CALQ and the clicSÉQUR customer service department as soon as possible to prevent fraudulent use of this information.
Access and correction rights
All persons concerned have the right to be informed of any personal information the CALQ has on file regarding them. The exercise of this right may lead to the updating or rectification (right of correction) of the information retained. The Commission d’accès à l’information du Québec recommends that no personal information be communicated on the web or by e-mail unless it is encoded. Any request for rectification of personal information must thus be made by:
- accessing the user’s client profile with his password, on the secure site;
- communicating by mail with the person responsible for access to documents and the protection of personal information.
Mme Lorraine Tardif
Responsable de l’accès aux documents et de
la protection des renseignements personnels
1435, rue De Bleury, bureau 300
Telephone: 514 864-4346 or, toll-free, 1 800 608-3350
Fax: 514 873-7885
About the CALQ’s website:
As a public body, the CALQ is subject to the laws and regulations in effect for the public service, in particular the Loi sur l’accès aux documents des organismes publics et sur la protection des renseignements personnels. For more information on this topic, the CALQ invites you to consult the Diffusion de l’information section Diffusion de l’information on its website:
In addition, the CALQ has developed Déclaration de services aux citoyens, numerous policies and action plans and internal management by-laws that can be consulted on its website.
Other sites (French):