Protection of Personal Information

At Groupe Del Vasto, the protection of personal information is taken very seriously. We do everything we can to protect it and to comply with the requirements of Law 25 relating to the protection of personal information. Notably:

  1. We have put in place the mechanisms currently provided for by law
    1. We have designated a person responsible for the protection of personal information
      1. We have processes in place to quickly and efficiently respond to any request for information or any incident reported to the prp@vastauto.com email address. An email to this address will immediately alert our person in charge, as well as members of our incident management team.
    2. We have implemented a personal information protection incident management plan that meets the requirements of Law 25.
  2. We are currently working to ensure our compliance with the requirements of the law which will be in force either in September 2023 or in September 2024
    1. The implementation of a policy relating to the protection of personal information
    2. Identification of the information we store in order to:
      1. Determine the need to store.
      2. Assess whether the information is necessary and then, where possible, delete any that is not.
      3. Review methods, procedures and security to minimize the risk of unauthorized access
    3. Review of current agreements with our various service providers to ensure that these providers are also in compliance with the law.
    4. The ability to provide or delete personal information at the request of the concerned person when possible, and when other laws and requirements allow it.
  3. We regularly review our policies and practices regarding information collection and storage, cyber security and access to our premises.

For questions regarding personal information:

Patrick Laframboise
Vice President Innovation and IT
Person responsible for the protection of personal information
prp@vastauto.com