How-to guide
Compliance and Data Privacy for Businesses
As Google announces that it will not remove third-party cookies in Chrome after years of uncertainty, it is more crucial than ever to understand and comply with data regulations. Discover everything you need to know to comply with data protection and privacy laws.
Compliance with Laws and Data Privacy
How Data Portability in 2024 is Transforming the Digital Landscape of Businesses
Discover how data portability, strengthened by Quebec’s Law 25 in 2024, becomes essential for businesses. Learn why this right is crucial and how marketers can effectively prepare to stay compliant and competitive.
A Comprehensive Guide to 0, 1st, 2nd and 3rd Party Data: What Marketers Need to Know
As a marketer, it’s essential to understand how to leverage the power of data. Data can be used to help inform decisions regarding marketing campaigns, target audiences, and more. To do this effectively, you need to understand the different types of data available, such as zero, first, second, and third-party.
The Impact of Law 25 on Consents (QC)
Learn everything about the criteria for obtaining valid consent and the measures to take to prepare for compliance.
How to Pivot Your Digital Marketing to Leverage Zero-Party and first-party data
It is time to shift the focus of your marketing strategies towards zero-party and first-party data.
GDPR: How to comply? (FR)
It is possible that some companies may not always be compliant with the GDPR. Discover how your business can quickly comply with this essential legislation for the protection of personal data.
Law 25: 10 Myths or Realities (QC)
This statement is FALSE.
If you wish to collect data for personalizing your communications, you simply need to mention the purpose at the time of collection or in the privacy policy. It seems perfectly normal, for example, to greet someone by their first name if it has been collected. This does not require special consent. The privacy policy must be adjusted to describe the use and processing of the data.
This statement is FALSE.
Consents collected through a subscription are still valid. Implicit consents defined by the Canadian Anti-Spam Law (CASL) are also valid when respected. This law also provides for the use of implicit consents. The uses must also be described in the privacy policy. The purpose of the new law is not to hinder customer relationships but to protect personal information.
This statement is partly TRUE.
If you want to continue using tracking software like Google Analytics and other visit markers that are not anonymous and in a non-commercial context.
Law 25 requires that any function allowing a technology to identify, locate, or profile a person from whom it has collected personal information must be disabled by default. The organization must inform the person and offer ways to activate these functions, if possible.
This statement is FALSE.
You must communicate changes to purposes and uses. Only changes to purposes that have an impact require consent. For example, you could not simply change the policy to accept a data transfer to a third party like Facebook without obtaining consent, unless it is anonymized. However, a simple review of an explanation to make it clearer does not need to be resubmitted.
This statement is FALSE.
Data must be classified according to type and consider the impact and risk related to them.
Having the list of names and phone numbers from a directory stolen (losing the directory) does not have the same importance as losing SINs and bank account numbers or even someone’s health information.
Assistance and Guidance for Compliance with Law 25
Act 25 compliance: MaLoi25 is an aid program subsidized by the Government of Québec
MaLoi25 is a program designed to support businesses in their compliance with Law 25. Developed and managed by In-Sec-M, the Canadian cybersecurity cluster, in partnership with the Ministère de l’Économie, de l’Innovation et de l’Énergie (MEIE), this program, subsidized by the Quebec government, offers practical assistance to SMEs and SMOs. It enables Quebec experts to assist them in their cyber resilience efforts and the implementation of Law 25.
Discover how your business can benefit from Dialog Insight.