Les Marches Tau Policy on the Protection of Personal and Confidential information

1- Introduction

LES MARCHES TAU is committed to respecting your privacy and protecting your personal information. We encourage you to read our Privacy Policy (the “Policy”) before using our services and our client platform available at https://marchestau.com and all related subdomains.
When you use our services and our client platform, LES MARCHES TAU may collect, and you may provide, personal information[AM1.1][LP1.2]. The collection, use, and disclosure of your personal information are subject to the applicable legal framework for the protection of personal information.
- Act respecting the protection of personal information in the private sector (CQLR, c. P-39.1).
This Policy aims to explain to users of LES MARCHES TAU the following:
• How their personal information is collected, used, and disclosed;
• What their rights are regarding their personal information;
• Who is responsible for protecting the personal information collected, used, and disclosed by LES MARCHES TAU?

2. What is personal information?

2.1 Definition
Personal information is any information that relates to a natural person and allows them to be identified, directly or indirectly. Your personal information may include, but is not limited to, your first and last name, gender, address, telephone numbers, and email address.
2.2 Professional Information
However, in a business context, your name, as well as your professional contact information, namely your title, work address, professional telephone number, and email address, may be subject to exemptions under applicable laws.
3. Summary of our activities with regard to your personal information
When you use our services and platform, we collect your personal and confidential information in order to provide an online shopping and commerce service, as well as for our loyalty program(if subscribed to). The following types of information may be collected, used, and disclosed:
1. Technical and connection information: information about the device and browser used to access our site, including IP address, browser type and version, operating system, and certain technical identifiers generated during your browsing (e.g., session ID).
2. Website browsing and usage information: information about your visits to and use of the site, including pages viewed, length of visits, general origin (referring source), actions taken, and navigation paths.
This information may be collected through cookies and similar technologies, including audience measurement cookies (e.g., Google Analytics) when enabled.

3. Website preferences and functionality: information used to improve your experience and ensure the proper functioning of the site, including:
• Language preference (e.g., display language);
• Indicators related to the first visit or the display of certain messages;
• Navigation continuity elements (e.g., temporary retention of a state or browsing path).
4. Customer account, authentication, and security (if applicable): information you enter when you create an account or log in, as well as the information necessary for authentication and session management to allow you to access certain features, secure access, and keep your session active.
5. Communications: information contained in communications you send (e.g., by email or via a form), including the message content and the information necessary to process and follow up on your request.
6. Any other personal information you provide to us: any information you choose to voluntarily provide as part of your interaction with us.
In all cases, the collection, use, and, where applicable, disclosure of your personal and confidential information are subject to this Policy and applicable laws.

4. Consent
4.1 Your Personal Information
Subject to exceptions and requirements of applicable laws, we will not disclose your personal information to any other third parties without your consent.

By using our services or platforms, you consent to the collection, use, and disclosure of your personal and confidential information in accordance with this Policy.
You may withdraw your consent at any time, subject to certain legal or contractual restrictions.
In certain specific circumstances permitted by law, we may use or disclose personal information without notifying you or obtaining your consent. For example, we may use your personal information without your consent for compatible purposes [AM2.1][LP2.2], for purposes clearly for your benefit, or to prevent or detect fraud [LP3.1]. We use your personal information for the purposes explained at the time we collect it. In certain limited cases permitted by law, we may use it without seeking your consent again: (1) when the use is directly related to the original purpose, (2) when it is clearly in your interest, or (3) to protect our services and prevent/detect fraud. We do not use this information for marketing purposes under the guise of "compatible purposes" [LP4.1]. Similarly, we may disclose your personal information without your consent in the event of an emergency that threatens life, health, or safety, to prevent an act of violence, to our service providers, and for the purpose of completing a business transaction.
Before providing us with personal information about another person, you must obtain that person's consent to the collection, use, and disclosure of that personal information in accordance with this Policy.
4.2 Personal Information Concerning a Minor
Personal information concerning a minor under the age of 14 will not be collected from them without the consent of the holder of parental authority or guardian.

5. Limits on Our Collection, Use, and Disclosure of Your Personal Information
5.1 Collection
We limit the collection, use, and disclosure of your personal information to only those purposes we have indicated above or that are permitted by law. If you submit personal information on one of our platforms for publication, we will publish and use this information in accordance with the permissions you grant us.
5.2 Use
We use your personal information only to provide you with the requested services.
We may also use your collected personal information for the following purposes [LP5.1]:

• To respond to your requests for information.
 For example, when you request specific information about the services of LES MARCHES TAU, your personal information may be used to identify you and contact you to provide a personalized response to your request.
• To improve our service offerings.
Your personal information may be analyzed to understand your trends and preferences, thereby enabling the improvement of the services offered by LES MARCHES TAU.
 For example, if user segments express difficulty using certain site features, the personal information collected could be used to simplify the interface.
• To provide any other complementary services;
• If TAU MARKETS launches a new service that complements existing services, your personal information may be used to inform you about this new service and facilitate your access to it.
• For example, when you create an account on one of our platforms, we may use your email address to send you a message describing the benefits of a new service.
• To comply with legal requirements;
• In cases where a law or regulation requires the disclosure of personal information, such as requests from public health authorities, TAU MARKETS may be required to provide your information.
• To monitor the quality of customer service and prevent errors and fraud.
• Your personal information may be used to verify your identity during interactions with customer service to ensure the legitimacy of your actions and prevent any attempt at fraud.
• To send you surveys and communications.
• We may use your personal information to send you surveys and communications. 5.3 Disclosure of Personal Information
We may disclose your personal information to any of our employees, professional advisors, suppliers, or subcontractors to the extent reasonably necessary for the use of the services offered to you and for the purposes set out in this Policy.

Your personal information will not be disclosed to third parties except as provided in this Privacy Policy, unless required or permitted by law, or as ordered by a competent court.
5.4 International Data Transfers
The information we collect may be stored and transferred to all regions where LES MARCHES TAU or its subcontractors provide services, in order to allow us to use the information in accordance with this Policy.
The information we collect may be transferred to the following regions: all Canadian provinces, the United States of America, and certain countries of the European Union. [LP6.1] In such cases, security measures are in place, and we ensure that all our databases containing personal information are encrypted or anonymized: it is therefore unlikely that these foreign companies will be able to access our databases.
When your personal information is located outside of Quebec, it is subject to the laws of the jurisdiction where it is located, and the courts, law enforcement agencies, and national security agencies of that jurisdiction may access it. In all cases, these laws must offer at least equal or greater protection than Quebec law.
By submitting your personal information to us, you expressly consent to its disclosure outside of Quebec, as described in this section.
The personal information you publish on one of our platforms or submit for publication may be available worldwide via the internet. We cannot prevent the use, whether appropriate or inappropriate, of this information by third parties.

6. Accuracy of Your Personal Information
We take reasonable steps to ensure that your personal information is accurate and complete for the purposes for which it was collected.

7. Retention of Your Personal Information
We retain your personal and confidential information, directly or through subcontractors, only for as long as necessary for the purposes for which it was collected and to comply with applicable legal and regulatory requirements.
We require our subcontractors to adhere to confidentiality agreements and implement policies equivalent to this one. 

8 -Security Measures
8.1 Protection of Your Personal Information
We have implemented several physical, technological, and administrative security measures with respect to the personal information and confidential data we hold in order to protect it against unauthorized access, use, or disclosure, as well as loss or any other breach of its protection.
8.2 Access Management
Only those whose duties require it have access to personal or confidential information. Data access is logged and monitored.
8.3 Training and Awareness
Our employees and partners are trained and made aware of the importance of protecting your personal information.
8.4 Privacy Impact Assessment
LES MARCHES TAU conducts a Privacy Impact Assessment (PIA) for any project involving the acquisition, development, and redesign of an information system or the electronic delivery of services that involves the collection, use, disclosure, storage, or destruction of personal information. This assessment documents the serious and legitimate interest in using personal information.
When transfers are made outside Quebec, the impact of such a transfer will also be assessed.
8.5 Management of Incidents Involving Personal Information
If LES MARCHES TAU has reason to believe that a confidentiality incident involving personal information has occurred and that this incident presents a risk of serious harm, LES MARCHES TAU will promptly inform the Commission d’accès à l’information (Access to Information Commission) and any person whose personal information is affected by the incident. It may also notify any person or organization that could mitigate this risk, providing them only with the personal information necessary for this purpose, without the consent of the individual concerned. In all cases, a log will document the incident for reference purposes.
8.6 Destruction
LES MARCHES TAU ensures physical and technological security for the personal information it holds to prevent accidental destruction, loss, disclosure, and inappropriate destruction.
We retain your personal information only as long as necessary for the purposes for which it was collected. We must destroy or anonymize this information in accordance with the law and our retention schedule. When we destroy or anonymize your personal information, we take the necessary steps to ensure its confidentiality and ensure that no unauthorized person can access it during the destruction or anonymization process.

9. Cookies
We also use cookies and related technologies to collect personal information. This information allows us to analyze traffic and interactions on our platforms to improve the user experience and provide a personalized experience.

10. Your Rights Regarding Your Personal Information
Under certain circumstances and subject to applicable laws, you may, upon written request accompanied by proof of identity, access the personal information we have collected, used, or disclosed, and/or request that it be corrected, and/or withdraw your consent to its use or disclosure.
If required or permitted by law, you may have additional rights, including: (i) the right to control the dissemination of your personal information; (ii) the right to receive the computerized personal information collected from you in a structured, commonly used, and technologically advanced format and to have it transferred directly to another organization; (iii) the right to be informed and to submit comments regarding automated decision-making; and (iv) the right to request information about the processing of personal information.
Finally, you also have the right to file a complaint with a competent data protection authority, particularly in the region where you usually reside, where we are based, or where an alleged violation of the law on the protection of personal information has occurred, such as the Commission d'accès à l'information du Québec (Quebec Access to Information Commission). [AM7.1][LP7.2] To exercise any of these rights, please contact us as indicated in the section below entitled “Requests, Complaints and Questions”.

11 Requests, Complaints, and Questions

11.1 Commitment

We are committed to responding to your questions and concerns regarding this Policy and the protection of your personal information.

11.2 Contact Information
Any request or complaint concerning this Policy or the protection of personal information should be sent to the Privacy Officer at the address below:
Privacy Officer
LES MARCHÉS TAU
3216 St-Martin Blvd. West
Laval, Quebec H7T 1A1
Email: vieprivee@marchestau.com

12- Effective Date of the Policy

This Policy comes into effect on [May 7, 2026]. It supersedes all previous versions.

13 Changes to the Policy
LES MARCHÉS TAU reserves the right to modify this Policy at any time. Any changes will be published on the LES MARCHÉS TAU website. Subject to applicable laws, we will notify you of any changes to this Policy. Your continued use of MARCHÉS TAU (LES) services following the posting of changes to the Policy constitutes acceptance of those changes.