Privacy policy "Fondation de l'Institut de recherches cliniques de Montréal"
Privacy and data protection policy of the IRCM Foundation

The Montreal Clinical Research Institute Foundation (IRCM Foundation) is a philanthropic organization dedicated to raising funds to support basic and clinical health research conducted by the Montreal Clinical Research Institute (IRCM). In carrying out our mission, we process personal information relevant to activities such as soliciting donations or contributions of various kinds and fundraising events (such as galas, golf tournaments and auctions). The processing of personal information collected by the IRCM Foundation, including that obtained through third-party platforms, is governed by the Act respecting the protection of personal information in the private sector.

This Privacy and Data Protection Policy (the “Policy”) sets out our practices for collecting, using, disclosing and retaining personal information. By providing us with your personal information (see “How does the IRCM Foundation collect your personal information?”), you consent to the processing of your personal information in accordance with this Policy and the law and authorize the IRCM Foundation, its third-party partners and service providers to process your personal information for the purposes set out below.

This Policy does not apply to third-party websites that may be accessed through a link on our website. When you click on third-party links on our website, you will be directed to websites with separate and independent privacy policies. We encourage you to carefully review the privacy policy of any organization before submitting your personal information. 

In addition, please note that our website collects basic technical information related to Internet browsing. For more details, see “Website Terms of Use.”

What personal information does the IRCM Foundation collect?

We may collect and process various types of personal information that is relevant to our activities, including:


  • Relevant personal contact information such as first names, last names, addresses, email, date of birth and telephone number;

  • Biographical and professional details such as job title, employer, professional and personal background, networks, social participation, professional and personal affiliations, as well as your affiliation with IRCM clinics, if applicable;

  • Comments and answers to surveys;

  • Information relating to participation in IRCM Foundation events, as well as related information such as food preferences, photos and video or audio content;

  • Financial information such as contribution history, billing or payment data;

  • Information obtained during recruiting activities such as CVs, educational and employment background, professional affiliations and other information that may be relevant to the IRCM Foundation’s recruitment processes;

  • Information about your philanthropic preferences, such as the types of orientations supported by your donations and community investments, your contributions, the recipient organizations and their focus or mission, any recognition, the decision-making process and the people involved in the organization and this process; 

  • Proof of consent given to us (date, time, means) for the processing of personal information when required;

  • Any other personal information provided. 

If you provide us with personal information about other individuals (such as your customers, directors, officers, shareholders or beneficial owners), you must ensure that you have duly notified them that you are providing us with their information and confirm that you have obtained their consent to such disclosure.

We do not knowingly collect information from minors. If you are a minor, please do not provide us with any personal information without the express consent of a parent or guardian/tutor. If you are a parent or guardian/tutor and you know that minors under your responsibility have provided us with personal information, please contact us. If we become aware that we have collected personal information from minors without obtaining parental consent, we will delete that information from our servers.

How does the IRCM Foundation collect your personal information?

We collect the personal information you provide during your interactions with us:

  • When you register for events or use our communication tools, such as newsletters, surveys and telephone follow-ups;

  • When you make a donation to our organization, regardless of the type of donation;

  • When you apply for a job or become a volunteer in our organization;

  • When you complete forms on our website;

  • During events organized by us that you attend.

We also collect publicly available information, particularly on public and social media platforms.

How does the IRCM Foundation use your personal information?

We may use personal information in any way set out below, with your consent or where permitted by law. In each case, we indicate the purposes for which we use your personal information:

  • To carry out, administer and perform our philanthropic activities, including fulfilling our obligations under any agreement between you and us;

  • To facilitate the use of our websites and to ensure that content is relevant and presented in the most effective manner for you and your device;

  • For philanthropic solicitation, information sharing about developments in our organization and the IRCM and invitations to events with individuals who have elected to receive such information;

  • For volunteer or employee recruitment purposes, to assess whether an individual meets the requirements of the IRCM Foundation;

  • To prevent fraud or conduct other background checks which may be required at any time by applicable law, regulation or best practices (if the information provided is false or inaccurate or fraud is detected or suspected, information may be passed to fraud prevention agencies and recorded by us or such agencies);

  • To comply with our legal or regulatory obligations, including reporting requirements, or to protect the rights of third parties;

  • To promote our activities by publishing visual or audio content on third-party sites and social networks such as LinkedIn and Facebook.

We will use personal information only to achieve the primary purpose and applicable legitimate purpose for which it was collected or for purposes consistent with that primary purpose.

With whom does the IRCM Foundation share personal information?

The personal information we collect may be shared with certain third-party service providers, partners and volunteers of the IRCM Foundation to be processed as follows:

  • To recruit staff and volunteers and solicit financial or other contributions;

  • To solicit donations, database and website analysis, application development, hosting, maintenance, event organization and related services;

  • For government authorities and law enforcement agencies where required by applicable law. More specifically, we may disclose personal and other information if we are required to do so by tax or other laws or if we believe in good faith that such disclosure is necessary to comply with applicable laws, respond to a court order or subpoena or a government search warrant, or otherwise cooperate with such government authorities and law enforcement agencies.

We limit the information we provide to third-party service providers, partners and volunteers to what is reasonably necessary for them to perform their duties, and all such parties are required under a contract or legal obligation to protect and maintain the confidentiality of such information. Third parties must destroy such information when it is no longer relevant to the services unless there are legislative requirements concerning retention periods.

For how long and where does the IRCM Foundation retain personal information?

We will retain personal information only as long as necessary for the purposes set out in this Policy and to comply with our statutory and regulatory obligations.

Personal information is kept by the IRCM Foundation in its computer records on the IRCM network or on the servers of its information technology vendors, which are located in the province of Quebec.

How does the IRCM Foundation protect personal information?

We ensure that our practices are aligned with generally accepted industry standards to fulfill our obligations to protect personal information. We maintain administrative, physical and technological safeguards to protect the personal information we process and meet our obligations under applicable privacy laws. We also ensure that access to your personal information is restricted to those who need the information to fulfill their duties.

Despite our precautions, incidents occur, and we cannot guarantee the security of the information you knowingly provide. Members of our community and third-party partners are invited to report confidentiality incidents of which they become aware in accordance with our confidentiality incident management procedure. In the event of a confidentiality incident presenting a risk of serious injury related to your personal information, we will notify you and the Commission d’accès à l’information promptly, as soon as we become aware of the incident, as per the applicable law. We will take reasonable steps to reduce the risk of injury and prevent further incidents of a similar nature.

If you have reason to believe that your personal information has been compromised, please get in touch with us as indicated in the “Contact Us” section.

What rights do individuals have concerning their personal information?

In certain circumstances and under applicable data protection and privacy laws, individuals have the following rights concerning their personal information:

  • Right of access: individuals have a right to access personal information about themselves and to receive a written or electronic copy of such information;

  • Right to rectification: individuals are entitled to request correction of their personal information where they believe there is an error or omission;

  • Right to be informed if a decision is based exclusively on the automated processing of their personal information;

  • Right to withdraw consent to the use and disclosure of personal information.

To exercise any of these rights, please get in touch with us as indicated in the “Contact Us” section.

Finally, you may file a complaint with a data protection supervisory authority in the country, province/territory or state in which you reside (in Quebec, the Commission d’accès à l’information) or where we are located or in which an alleged breach of data protection laws has occurred.

How do we use cookies and similar technologies?

For detailed information about the cookies we use, please refer to our Website Terms of Use, which form part of this Policy.

Contact Us

To submit a request or report under this Policy regarding your personal information, please get in touch with our Data Protection Officer, Secretary General:


This policy may be updated from time to time in keeping with changes in applicable legislation and practices relating to protecting personal information.

This policy was last updated on May 30, 2023.
Privacy policy "Logilys"
Logilys uses the most appropriate means to ensure the confidentiality of the people who use its sites and agrees to take reasonable means in order to protect the personal information provided. Logilys uses the information collected through its websites to facilitate the collection and processing of online donations or online registrations transactions, to provide official receipts or invoices, to process registration for LogiZone Online accounts, and to communicate news and relevant updates to you. Logilys does not trade, license, rent or sell your personal information in any way.
Please note that if you do not agree to this Policy, you must immediately stop using any services provided by Logilys. Your continued use of these services will constitute your acceptance of this Policy.
Privacy and security
Logilys takes the necessary precautions to ensure that your personal information is protected throughout the transaction process and in other contexts where this information is under its custody or management.
Logilys is committed to protecting and safeguarding the confidentiality and security of personal information provided to it by its users and organizations, in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada).
By making a transaction, requesting information on a website, or subscribing to a LogiZone account, you give Logilys permission to collect some of your personal information and to contact you using the information provided for the purposes described in this Policy.
Personal Information
The term "Personal Information" designates any information about an identifiable individual, including information that can be used to recognize, identify or contact a specific individual, such as an e-mail address, home address, interests and causes and organizations with which the individual deals. Personal information does not include most information about business relationships, such as the name, title, business address, or telephone or fax number of an employee of an organization, and certain other publicly available information.
Logilys observes the following practices regarding personal information:
Logilys collects information only for the purposes specified in this Policy;
Only personal information that allows the use of our services will be requested, all in accordance with the requirements of the law or the competent authorities;
Additional information may be requested in order to provide personalized information or services. In such circumstances, there is no obligation on your part to provide such information;
Personal information collected by Logilys is treated with the strictest confidentiality and is protected by industry best practices.
Logilys limits the collection of personal information to that which is reasonably necessary for the purposes identified. The information collected by Logilys can be summarized as follows:
Contact information (name, address, email address and phone number);
Donation history (amount of donations and charities to which these donations are given);
Registration history (amount of registrations and organizations with which these registrations are made);
Information for official receipts or invoices;
LogiZone account username password information.
Financial Information
Certain financial information may be requested if you make a credit card payment. This information is processed through a secure PCI compliant payment gateway to process the credit card payment.
Changes to this Policy
Logilys reserves the right to periodically modify this Policy, for example to adapt it to legislative and regulatory changes. Therefore, we advise you to consult this policy regularly in order to validate its content. In case of modification, the modified version will be available on the website with an amended effective date.
Links to third-party websites
The various Logilys websites may contain links to third-party websites. You should be aware that when you use these links, the operators of the linked sites may also collect your personal information (including information generated through the use of cookies).
You may refuse or disable cookies if your browser permits. To do so, consult your browser's configuration options. However, disabling cookies may prevent you from accessing certain websites.
Logilys is not responsible for how such third parties collect, use or disclore your personal information. Furthermore, it is important that you learn about their privacy and security policies before providing them with your personal information.
Privacy and Security Principles
Logilys is commited to the following privacy and security principles under PIPEDA:
Logilys is responsible for the personal information in its custody or control and has designated a person in charge of confidentiality and security. This person must ensure that Logilys is in compliance with PIPEDA;
Logilys has policies and procedures in place to implement and comply with this Policy, including procedures for the collection, processing, disclosure, retention and destruction of personal information;
Third parties who engage in a business relationship with Logilys and who post content on Logilys' platforms are responsible for complying with the privacy principles set forth in this Policy, PIPEDA and any other applicable privacy legislation. Logilys is not responsible for the personal information collected, used, shared or processed by these thirds parties.
Identifying Purpose of Collection
Logilys collects and uses personal information for the following purposes:
Provide official receipts or invoices when users make online donations or register online;
Allow users to register or create a LogiZone Account, and manage these accounts;
Administer single or scheduled donations or payments;
Generate statistics and summary reports for internal and external use, the latter without reference to personal information;
Communicate directly with users, including through the Logilys News and Updates Service, charitable promotions, or other forms of communication in compliance with the Canadian Anti-Spam Act (CASL);
Provide support and guidance to clients.
Consent for the use of your personal information
Logilys collects personal information about you only when you voluntarily provide it, or only with your consent, as required by PIPEDA or other applicable law;
By visiting and using a Logilys website, the visitor agrees to the Privacy Policy and the Terms of Use linked to this Privacy and Security Policy. If you do not agree with the Privacy and Security Policy, do not use this website or provide any personal information to Logilys;
As a condition of providing our services, we will not require you to consent to the collection, use, or disclosure of information beyond what is necessary to fulfill the explicitly specified legitimate purposes for which the information is provided;
A user may withdraw consent for the use of his or her personal information at any time, subject to legal or contractual restrictions. If you wish to withdraw your consent, please contact a person in charge at Logilys at the contact information below;
Information collected
Personal information provided to Logilys: Logilys collects certain personal information directly from individuals who interact with one of its websites or otherwise with us, including this information;
Non-personal information: When a visitor access one of our websites, anonymous, non-personal information about their visit is automatically collected. This information may include the date of the visit, how the visitor uses the website, the length of the visit, the pages viewed, the type of browser and operating system used, and the domain name of the visitor's Internet service provider. Logilys may also collect statistics that describe how visitors use the website. This information can include the average transaction amount, the geographic breakdown of transactions by region, the times of day when traffic is heaviest, and the type of organization that most frequently receives visitors to their section. This information, collected in aggregate form, allows Logilys to better serve visitors and organizations. None of these statistics reveal personally identifiable or individual information, and Logilys does not use this information to identify individuals. In some cases, to detect and limit fraud, IP addresses are collected to protect Logilys from possible illegal activities;
Information provided by cookies: When our clients, visitors and other stakeholders access one of our websites, a small text file, called a "cookie", may be sent from our web server to their web browser and stored on their computer. Cookies allow us to recognize users while they are connected to a Logilys website. Cookies used by Logilys are strictly used to perform the function desired by the user, such as keeping the user securely logged into the service or storing preferences for future visits. Some browsers can be set to reject all cookies. If you choose to modify your browser in this manner, some pages of the website may not function properly.
Limiting use, disclosure and retention
Logilys does not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as permitted or required by law;
Logilys does not store or share credit card numbers and security codes (CVV) provided by users. This information is processed through a secure PCI compliant payment gateway;
Logilys may be required to disclose personal information to comply with a law, regulation or government request, or to comply with a subpoena, search warrant or court order;
Logilys may disclose personal information to third parties who use our Services or who assist us in providing our Services. These third parties are responsible for protecting your personal information, as described above in the "Responsibility" section;
Logilys reserves the right to disclose and transfer personal information to a third party in the event of a proposed or completed purchase, sale, lease, merger, amalgamation, or any other type of acquisition, disposition, transfer, assignment or financing of all or any portion of Logilys so that you may continue to receive the same services from the third party;
Logilys retains personal information only as long as necessary to fulfill the purposes for which it was collected or to comply with the law; your consent to use it for these purposes remains valid after the termination of our relationship with you.
Accuracy of information
Logilys makes reasonable efforts to ensure that personal information is as accurate, complete and up-to-date as necessary for the purposes for which it is to be used. Individuals can verify the accuracy of their personal information and make changes or corrections if necessary. Logilys relies on individuals and organizations to help us maintain the completeness, accuracy and timeliness of the information we collect. You must log in to your LogiZone Account in order to update, modify, correct or delete your personal information.
Security measures
Logilys uses commercially reasonable efforts to protect personal information against loss, theft, unauthorized access, disclosure, copying, use, modification and destruction by establishing and maintaining security safeguards appropriate to the sensitivity of the personal information;
All Logilys staff members are aware of the need to maintain strict confidentiality of all personal information;
In terms of the processing of credit card information, Logilys adheres to the Payment Card Industry Data Security Standards (PCI DSS) and, in order to securely store your payment card details, uses the systems of payment processors that comply with the PCI DSS;
Logilys uses the Secure Sockets Layer (SSL) protocol to help ensure the security of online transactions. The SSL protocol allows for the encryption of sensitive information, including passwords and credit card numbers, during your online transactions;
Logilys has implemented strict security standards to protect its systems and your personal information from unauthorized access and use. This includes the security measures required for PCI compliance, as well as specific procedures to ensure that your transaction information is secure and confidential, and remains in Canada.
Logilys makes information about its policies and practices regarding the management of personal information readily available to users of its services and to the public. We post our Privacy and Security Policy on our websites, which tells users what information we collect, how we use it, and to whom we may disclose it.
Access to personal information
Upon request, Logilys:
Will inform users of the existence and use of their personal information;
Will inform users about the disclosure of their personal information to authorized third parties;
Will provide users with access to their personal information in its custody or control, subject to legal restrictions.
Requests should be sent to:
Logilys inc.
217, avenue Léonidas Sud, Porte 13
Rimouski (Quebec) G5L 2T5
Logilys will use its best efforts to respond to requests for access to personal information in a reasonable and timely manner.
Possibility of filing a complaint for non-compliance
Any questions, requests or concerns regarding Logilys's compliance with this Privacy Policy, or regarding Logilys's privacy and security practices, may be directed to Logilys as indicated above.
Effective date: May 6, 2015