Horizon Secure · Law 25 Compliance
Privacy Policy
Last updated: May 21, 2026. Effective as of March 30, 2026.
This policy is established in accordance with Quebec's Law 25 (Act to modernize legislative provisions as regards the protection of personal information) and applicable Canadian legislation. It describes how we collect, use, retain and protect your personal information.
1. Company information and privacy officer
This policy applies to the Horizon Secure website, operated by:
Horizon Secure
Legal name registered with the REQ: Horizon Secure
1250 Av. de la Station, Shawinigan (Quebec) G9N 8K9
NEQ: 2281276966
Privacy Officer (RPRP)
Samuel Bellemare, Founder and CEO
Email: info@horizonsecure.ca
Phone: (819) 489-0828
The Privacy Officer is designated in accordance with Law 25. All requests relating to your personal information should be directed to them.
2. Personal information collected
Horizon Secure collects only the personal information necessary for the purposes declared below. No user account is created on this website.
| Data | Source | Required |
|---|---|---|
| First and last name | Contact form, discovery call booking, blog comment | Yes |
| Email address | All forms | Yes |
| Phone number | Discovery call booking (if phone call) | Depends on meeting format |
| Subject and message | Contact form | Yes |
| Date, time and meeting format | Discovery call booking | Yes |
| Training preferences (workshops, formats, periods, city) | Training pre-registration form | Varies by field |
| Comment content | Blog comment section | Yes |
| Navigation data (pseudonymized IP address, browser, pages visited) | Automatic (server logs) | Technical |
| Interaction data (clicks on the “Google review” and “share a photo” buttons) | Feedback form thank-you screen | No: solely to improve our forms |
| Feedback form data (satisfaction ratings, recommendation score, strengths, areas for improvement, comments, and, only if you consent, first name, profession, title or role, optional email) | Feedback form (/avis) | No: anonymous by default, unless express consent |
We do not collect sensitive information (health data, biometrics, ethnic origin, political opinions, detailed financial information). When your IP address is logged via a form submission, it is pseudonymized by cryptographic hashing before storage. It cannot be used to directly identify you.
3. Purposes of processing
Your information is used exclusively for the following purposes:
- ✓ Responding to your contact requests: Handling your consultation or information request. Basis: consent (form submission).
- ✓ Scheduling a discovery call: Creating an appointment at your request, including a confirmation email and a calendar invitation. Basis: pre-contractual measures.
- ✓ Preparing a quote or commercial proposal: Your contact information is used to prepare and send a proposal. Basis: pre-contractual measures.
- ✓ Managing training registrations and preferences: Collecting your preferences (workshops, formats, periods) to organize training sessions that match demand. Basis: consent.
- ✓ Publishing and moderating blog comments: Your name and comment are displayed publicly after moderation. Your email is not displayed and is used for internal management only. Basis: consent.
- ✓ Collecting and publishing testimonials: The feedback form (/avis) collects your feedback (satisfaction ratings, recommendation score, strengths, areas for improvement, comments) to help us improve our services. Without consent, you remain entirely anonymous. With your express consent (checkbox), your responses (comments, strengths), your first name and your profession may be published on our website as a testimonial to showcase our services. If you provide an optional email, it is used to subscribe you to the newsletter (with double confirmation) or to send you a photo-sharing link. Basis: consent. You may withdraw this consent at any time.
- ✓ Delivering the N.O.R.D.™ Quick Reference and follow-up communications: Your email address is used to send the requested document and, with your consent, to keep you informed of Horizon Secure updates. Our emails may contain technical indicators (tracking pixel) to measure open and click rates for improvement purposes. This data is aggregated. Compliant with Canada's Anti-Spam Legislation (CASL, C-28). Basis: express consent.
- ✓ Website security and operation: Server logs and anti-abuse mechanisms protect the site against technical threats. No behavioral or advertising tracking tools are deployed beyond the audience analytics tool described below (section 5). Basis: legitimate interest (security).
Your information is not used for profiling, resale, or behavioral analysis. Marketing communications are only sent with your express consent.
4. Consent and double confirmation
In accordance with Law 25, your consent must be explicit, freely given, informed, and specific to particular purposes. On this site:
- ✓ Submitting a form constitutes your consent to the collection of data necessary to process your request.
- ✓ Subscribing to our newsletter or receiving marketing communications requires express consent (checkbox), followed by double confirmation by email. You receive an email containing a confirmation link. Your subscription is only effective after clicking this link.
- ✓ You may withdraw your consent to marketing communications at any time via the unsubscribe link in each email.
6. Retention and destruction of data
Personal information is only retained for as long as necessary for the purpose for which it was collected.
| Category | Retention period |
|---|---|
| Contact request or booking with no commercial follow-up | 12 months after last exchange |
| Data related to a contract, mandate or training | 7 years (tax and legal obligations) |
| Newsletter or N.O.R.D.™ quick reference subscription | Until consent is withdrawn |
| Training preferences (pre-registration) | 24 months after last activity |
| Approved blog comments | Duration of article publication |
| Audience analytics data (aggregated) | 14 months (analytics standard) |
| Server logs | 90 days |
Upon expiry of the retention period, data will be securely deleted or anonymized.
8. Your rights
Quebec Law 25 grants you several rights regarding your personal information, including the right to access, rectification, erasure, portability and withdrawal of consent. You may exercise these rights at any time by contacting our Privacy Officer.
To exercise your rights: email us at info@horizonsecure.ca. We will respond within a maximum of 30 days.
9. Security measures and incidents
Horizon Secure implements technical and organizational security measures proportional to the sensitivity of the information processed:
- ✓ Encrypted HTTPS connection (TLS) across the entire site
- ✓ Hosting on secure servers in Canada
- ✓ Access to personal information restricted on a need-to-know basis
- ✓ Pseudonymization of IP addresses (cryptographic hashing)
- ✓ Anti-abuse protection on all forms
- ✓ Advanced HTTP security headers (CSP, HSTS, etc.)
Confidentiality incidents
Horizon Secure maintains a confidentiality incident register in accordance with Law 25. In the event of an incident presenting a serious risk of harm, we commit to notifying the Commission d'accès à l'information du Québec and affected individuals as promptly as possible.
10. Contact us
For any questions about this policy or to exercise your rights:
Samuel Bellemare, Privacy Officer, Horizon Secure
1250 Av. de la Station, Shawinigan (Quebec) G9N 8K9
Email: info@horizonsecure.ca
Phone: (819) 489-0828
This policy may be updated. The date of last revision is indicated at the top of the page. We encourage you to review it periodically.
See also our Terms of Service.