Privacy Policy

Last update: February 2026

At Breakfast Club of Canada, we take the protection of personal information very seriously.

This Policy explains how we collect, use, disclose, store and protect your personal information when you browse our website and interact with us. It also details how you can exercise your privacy rights.

What is personal information?

Personal information means any information that may directly or indirectly identify you.

Why do we collect personal information?

In the course of our activities, we may collect personal information when you

  • make a donation
  • take part in a fundraising campaign or one of our events
  • subscribe to our newsletter
  • browse our website
  • apply for a job
  • conclude a transaction on one of our platforms

What personal information do we collect and why?

The Club collects the following personal information:

What do we collect? Why?
Identification information
First name
Last name
Contact		 To keep you informed about our relevant activities.
To communicate with you about events, activities and surveys.
Donation information
Billing address
Bank account information
Payment information
Contribution history 		To process donations.
To issue tax receipts.
To establish a donation history.
To confirm the possibility of renewing donations.
With your consent, to contact you about Club activities and opportunities for additional donations.
To acknowledge your donation.
To comply with local, provincial and federal regulatory reporting requirements.
Information about your application
CV
Cover letter
Application form
Education, work experience
Employment status
Information discussed during a reference-checking telephone conversation, e.g. about your work performance 		To evaluate your application and contact you as part of the process.
Usage information
IP address
Information about your browser
Visit duration
Viewed pages 		To follow a user’s browsing through the various sections of a website.
You can manage your cookie preferences using the banner that appears on the site or by clicking on “Cookies Policy” at the bottom of the web page.
We use personal information only for the purposes described above. Before using it for any other purpose, and unless authorized by law, we will ask for your permission.

How do we obtain your consent?

You can express your consent by a concrete gesture (checking a box, for example). Sometimes, we may infer your consent from your behaviour. For example, if you choose to provide us with your personal information after having read this Policy, we will assume that you agree that we can use and disclose it in the manner described in this Policy.

In other circumstances, for example, if we wish to use your personal information for purposes that would exceed your reasonable expectations, we will seek your express consent.

To whom do we share your personal information?

We may share information about you to the following categories of third parties:

Category What they do for us
Payment service provider They process financial transactions for donations and donors.
IT service provider They manage the Club’s computer systems and technological infrastructures, and securely house the information of the persons concerned.
Communication service provider They manage communications with donors, for example, by sending newsletters or information emails.
Tax and government institutions They collect tax information needed for donors’ tax returns, grant special tax status, etc.
Fundraising partners They cooperate with the Club to organize fundraising campaigns.
Marketing service provider They help promote the Club and attract new donors.

Where do we keep your personal information?

We usually keep your personal information in Canada. However, some of our service providers use servers located elsewhere, including in the United States. As a result, your personal information may be stored or processed outside of Quebec or your province of residence in the following situations:

  • Cloud and hosting services: Some of our internal systems (e.g., web hosting, backups, CRM) are provided by companies whose servers may be located outside Canada.
  • Donation processing and online transactions: Our payment processors or donation platforms may process financial information in other jurisdictions.
  • Sending communications (newsletters, campaigns, confirmations): Email distribution or marketing automation providers located outside Canada may process your contact information.
  • Specialized technical support: In certain cases, an international service provider may access data when performing diagnostics or maintenance services.

In such cases, your personal information is also subject to the laws of that province or other location. Before we disclose your personal information, we take appropriate measures to protect it. We also sign a contract that includes appropriate security measures for the information communicated.

When we transfer your personal information outside Quebec or Canada, we:

  1. Conduct a Privacy Impact Assessment (PIA), as required by law;
  2. Ensure that the service provider implements appropriate security measures;
  3. Enter into a contract governing the protection and confidentiality of your data;
  4. Limit access to personal information to what is strictly necessary.

How long do we keep your personal information?

We retain your personal information for as long as necessary to fulfill the purposes described in this Policy. Even if you no longer have a relationship with us, we may need to keep your personal information for a period of time to meet our retention obligations. While we retain it, we continue to protect your personal information and ensure its confidentiality.

When we no longer need the information, we destroy it permanently and securely.

How do we protect your personal information?

Personal information in our possession is protected by various physical, technological and organizational measures against unauthorized access, loss, theft, disclosure or modification. Your personal information will be protected by reasonable security safeguards appropriate to the sensitivity of the information in our files.

We are committed to taking appropriate precautions to protect your personal information from loss, fraud or unwanted use.

We restrict access to your personal information. Only those employees who need to process your personal information to perform their duties have access to it. These people only have access to the information they need to perform their duties.

We have established roles and responsibilities for our employees throughout the life cycle of your personal information, from collection to destruction. These roles and responsibilities are described in our Privacy Governance Framework. We regularly review and update them.

We implement robust security measures. We have put in place several types of measures to protect your personal information against loss, theft and unauthorized access, use or disclosure. These include

  • physical measures, such as locked premises;
  • technological measures, such as firewalls and payment card industry security standards;
  • organizational measures, such as the adoption of an information security policy.

We destroy your personal information once we have fulfilled our obligations. For more information, see How long do we keep your personal information?

What rights do you have regarding your personal information?

Withdraw your consent

You may ask to withdraw your consent to the use, disclosure and retention of your personal information.

How this request is handled depends on the situation and the purpose for which it is made. Depending on the case

  • you will be able to withdraw your consent, but we will no longer be able to offer you a service that depends on it
  • you cannot withdraw your consent because the processing of your personal information is necessary or mandatory (for example, we need to retain certain financial information for tax purposes).

In all cases, we may be required to keep certain personal information to comply with our legal obligations.

Accessing and correcting your personal information

You may request access to and copies of the personal information we hold about you.

We have developed procedures to ensure that the personal information in our possession is accurate and current for the purposes for which it was originally collected. However, when your personal information in our possession needs to be updated, we rely on you to inform us.

If any of your personal information is inaccurate, incomplete or ambiguous, or if its collection, communication or retention is not authorized by law, you may request that it be corrected.

To exercise your rights, please write to our Privacy Officer at privacy@breakfastclubcanada.org who will respond within 30 days.

We may verify your identity. We also reserve the right to charge a reasonable fee to cover the cost of providing the requested information, but will let you know of the approximate cost in advance

When does this Policy not apply?

Our website may contain links to third-party websites over which we have no control. When you leave our website, you are subject to the provisions of that third party’s privacy policy.

How can you contact us?

If you have any questions, comments or complaints about this Policy, please contact our Privacy Officer:

Privacy Officer
Breakfast Club of Canada
135-G De Mortagne Blvd
Boucherville, Quebec J4B 6G4
privacy@breakfastclubcanada.org

Will we update this Policy?

From time to time, we may need to update this Policy. If we make material changes, we will let you know by posting a prominent notice of the update on our website and by any other means likely to reach you. If this Policy changes, the updated version, as posted online, will apply to you.