Privacy Policy
This Privacy Policy explains how 9543-0179 Québec inc. (“the Company”), operator of the platform known as Veoflo (“the Platform” or “the Service”), collects, uses, protects, and shares personal information in accordance with Québec Law 25 and applicable privacy laws.
By using the Veoflo platform, you agree to this Privacy Policy.
1. Identity of the Data Controller
Legal entity: 9543-0179 Québec inc.
Platform name: Veoflo (used only to identify the service)
General contact email: support@veoflo.com
Privacy Officer: [Name] – privacy@veoflo.com
2. Information We Collect
2.1 User Account Information
- First and last name
- Email address
- Phone number
- Profile photo (optional)
- Roles, permissions, and team assignments
- Hashed password + security tokens
2.2 CRM & Operational Data
- Contacts, clients, prospects, and related information
- Notes, tasks, projects, pipelines, statuses
- Form submissions
- Support tickets
- Documents and contracts (via BoldSign)
2.3 Ticketing Data
- Buyer names and contact information
- Ticket types and quantities purchased
- QR code scans and validation logs
- Purchase and access history
2.4 Technical Data
- IP address, browser, operating system
- Activity logs
- Sessions, MFA tokens
- Calendar sync data (Google / Outlook)
2.5 Financial Data
- Amounts paid, taxes, receipts
- Stripe or Square transaction IDs
- Accounting sync data with QuickBooks
We never store full credit card numbers.
3. Purposes of Data Collection
9543-0179 Québec inc. uses personal information to:
- provide CRM and ticketing features;
- manage user accounts, roles, and teams;
- process payments;
- send confirmations, tickets, and transactional messages;
- integrate Google/Outlook calendars;
- ensure security, prevent fraud and unauthorized access;
- comply with legal and tax obligations.
4. Sharing of Personal Information
4.1 With Event Organizers
When you purchase a ticket, certain information is shared with the Organizer:
- first and last name;
- email address;
- phone number (if provided);
- ticket types and quantities;
- information required for event access.
4.2 With Technology Providers
- Stripe / Square – secure payments
- Twilio – SMS
- Google Calendar / Outlook Calendar
- QuickBooks – accounting synchronization
- BoldSign – e-signatures
- Google Analytics / Meta Pixel (if enabled by an Organizer)
4.3 Legal Compliance
We may disclose information if required by law or necessary to protect rights and users.
5. Security Measures
- HTTPS/TLS encryption
- Bcrypt/Argon2 password hashing
- Multi-factor authentication
- Multi-tenant database isolation
- Audit logs retained for 7 years
- Secure backups
- Anomaly detection
- Granular role-based access control (RBAC)
6. Data Retention
- Active accounts: data retained as long as the account remains active
- Inactive accounts: 3 to 7 years depending on legal requirements
- Audit logs: 2555 days (7 years)
- Payment records: 7 years (tax law)
7. User Rights (Law 25)
- Right of access
- Right to rectification
- Right to portability
- Right to deletion (within legal constraints)
- Right to withdraw consent (if applicable)
- Right to be notified in the event of a breach
Contact: privacy@veoflo.com
8. Cookies
We use:
- session cookies;
- security cookies;
- analytics cookies (if enabled by an Organizer).
9. Privacy Incidents
- Initial assessment: within 24 hours
- Notice to affected individuals: as soon as possible
- Regulator notification: within 72 hours if high risk
- Full incident documentation
10. International Transfers
Some providers (Google, Microsoft, Twilio, Stripe, Square) may process data outside Québec. We ensure they implement contractual safeguards and industry-standard protections.
11. Policy Updates
9543-0179 Québec inc. may update this Policy at any time. Significant changes will be communicated before they take effect.
12. Contact Us
9543-0179 Québec inc. – operator of the Veoflo platform
Email: support@veoflo.com
Privacy Officer: privacy@veoflo.com