Privacy policy

Policy quick links:
Privacy Policy (this page)
End-User License Agreement (EULA)
Data Security & Retention Policy

Privacy Policy – Les Industries Royalty Inc.

Les Industries Royalty Inc. aka Groupe Royalty (the “Company”, “we”, “us”, or “our”) recognizes the importance of protecting your personal information and is fully committed to respecting your privacy. We have implemented security safeguards, governance practices, and procedures to manage your personal information in accordance with applicable laws, including Québec’s Bill 25 and Canada’s PIPEDA.

This Privacy Policy also applies to our internal and external software systems, including integration and data transfer services, where applicable.

Last update: March 24, 2026
Person Responsible for Privacy: Compliance Manager

 

1. PERSONAL INFORMATION WE COLLECT

We collect, process, and store personal information when you use our website, interact with us, or use our services. This includes when you:

  • Request information
  • Submit a form
  • Subscribe to a newsletter
  • Enter a contest
  • Make a purchase
  • Apply for a job
  • Use or interact with our connected systems or integrations

The information collected may include (but is not limited to):

  • First and last name
  • Postal address
  • Telephone number
  • Email address
  • Preferred language
  • Purchase history
  • Preferences or usage habits
  • Information submitted in forms or job applications

We also collect information through cookies and similar technologies (see Section 6).

 

2. PURPOSE OF COLLECTION AND USE

We use your personal information for the following purposes:

Website visitors

  • First-party cookies – Required for site functionality
  • Analytics cookies – Website performance and usage analysis (Google Analytics, etc.)
  • Marketing cookies – Targeted advertising (Meta, Google, LinkedIn)

Newsletter subscriptions

  • Sending newsletters
  • Marketing and promotions
  • Targeted advertising

Contest participation

  • Managing entries
  • Communicating with participants
  • Marketing and targeted advertising

Contact forms

  • Responding to requests
  • Sending newsletters
  • Providing information to authorized retailers when needed
  • Marketing and targeted advertising

Job applications

  • Evaluating candidates
  • Maintaining a talent pool

System integrations and data transfers

We may process data through our internal systems or integration services to:

  • transfer data between authorized systems (e.g., accounting, inventory, or operational tools)
  • ensure system synchronization and accuracy
  • monitor and troubleshoot system performance

These systems are designed to process data with minimal retention and without long-term storage of personal or customer data unless required for business or legal purposes.

 

3. LEGAL BASIS FOR PROCESSING

We collect and use personal information based on:

  • Your consent
  • The performance of a service or request you initiated
  • Our legitimate interests (e.g., fraud prevention, service improvement, system reliability)
  • Legal obligations

You may withdraw your consent at any time, subject to legal or contractual restrictions.

 

4. COMMUNICATION AND DISCLOSURE OF INFORMATION

Personal information may be communicated to:

  • Internal departments
  • Authorized distributors or retailers
  • Marketing, IT, and web service providers
  • Cloud infrastructure and integration service providers
  • Third parties when required by law

All third parties must agree to maintain confidentiality and comply with applicable privacy laws and contractual obligations.

We do not sell personal information.

 

5. TRANSFERS OUTSIDE QUÉBEC OR CANADA

Some of our service providers may store or process personal information outside Québec or Canada.

Before transferring such information, we conduct a Privacy Impact Assessment (PIA), as required by Bill 25, to ensure adequate protection.

Your information may therefore be subject to the laws of those jurisdictions.

 

6. COOKIES, TRACKING TECHNOLOGIES & PROFILING

We use:

  • Necessary operational cookies
  • Analytics cookies
  • Marketing and profiling tools (Meta Pixel, Google Ads, LinkedIn Insight Tag)

You may adjust your cookie preferences at any time through your browser or our consent tools.

 

7. AUTOMATED DECISION-MAKING

If automated systems are used to personalize content or advertising, you have the right to:

  • Request an explanation of the factors and parameters used
  • Request human intervention
  • Contest automated decisions

 

8. RETENTION AND DESTRUCTION OF PERSONAL INFORMATION

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations.

For systems and integration services:

  • API/system logs may be retained for a minimum of one (1) year for security, auditing, and troubleshooting
  • Temporary transaction or processing data (used for retrying or debugging) is retained for a maximum of 30 days, then securely deleted
  • Data used solely for processing is not retained longer than necessary

Once no longer required, data is securely destroyed or anonymized.

 

9. SECURITY MEASURES

We use industry-standard security measures, including:

  • Secure servers and encrypted communications (TLS/HTTPS)
  • Access restrictions and role-based permissions
  • Encryption and firewalls
  • Employee confidentiality agreements
  • Monitoring systems to detect unauthorized access
  • Secure handling of API credentials and integrations

While we implement strong safeguards, no system can guarantee absolute security.

 

10. YOUR RIGHTS UNDER BILL 25 AND PIPEDA

You have the following rights:

  • Access to your personal information
  • Correction of inaccurate information
  • Withdrawal of consent
  • Deletion of your information (where applicable)
  • Data portability (structured format)
  • Right to stop dissemination and de-indexation (Bill 25)
  • Right to be informed about automated decisions
  • Right to file a complaint with privacy regulators

Data Deletion Requests

You may request deletion of your personal information at any time by contacting our Privacy Officer.

Upon receiving a verified request:

  • We will delete or anonymize your personal information within a reasonable timeframe
  • We will also ensure deletion from systems under our control, subject to:
    • legal retention requirements
    • legitimate business purposes (e.g., accounting records)

For integration or system-processed data:

  • Data is generally not stored long-term
  • Any temporary stored data (e.g., retry/debug data) will be deleted within 30 days
  • Residual data in logs (if any) will be minimized and retained only as required for security and compliance purposes

We may request information to verify your identity before processing your request.

 

11. PRIVACY INCIDENTS AND BREACH NOTIFICATIONS

In the event of a privacy incident involving loss, unauthorized access, or disclosure, we will:

  • Take immediate steps to reduce risk
  • Notify affected individuals where required
  • Notify the Commission d’accès à l’information (CAI), where required
  • Maintain a record of all incidents in a mandatory incident register

 

12. HOW TO CONTACT THE PRIVACY OFFICER

If you have questions, comments, or concerns about how we handle personal information, or if you wish to exercise your rights, contact:

Les industries Royalty Inc.
7562, ch. de la Côte-de-Liesse
Saint-Laurent, Quebec, H4T 1E7
Email: info@grouperoyalty.com
Privacy Officer: Compliance Manager