Privacy policy of Saint Joseph’s Oratory of Mount Royal and its applications
1. Preamble
The Corporation of Saint Joseph’s Oratory of Mount Royal, hereinafter referred to as “the Oratory”, is committed to protecting personal information collected in the course of its activities, in accordance with Bill 64, An Act to modernize legislative provisions respecting the protection of personal information, R.L.R.Q., 2021, c 25, hereinafter referred to as “the Act”.
The management of personal information is of the utmost importance to the Oratory. Personal information is defined as “any information relating to a natural person that enables that person to be identified, directly or indirectly.
Information may be collected directly using one or more of the following methods:
The Oratory undertakes to implement all means at its disposal to ensure the security, protection and confidentiality of personal information in its possession, for as long as it is held.
2. Collection of personal information
2.1 What information do we collect?
The Oratory collects personal identification, technical, numerical and financial information. The information collected may include: first and last names, home address, e-mail address, home or cell phone number, as well as data required for transactions such as bank card number, credit card number, account or folio number, and so on.
2.2 Special cases at the Oratoire
The Oratory may, in certain circumstances, be in possession of information relating to an individual’s health, for example, during an exchange between an individual and a member of the Oratory’s staff to request a prayer intention or to have a mass sung for a third party.
This information is not collected on a systematic basis. It is, however, subject to this policy and enjoys the same protection as identification, technical, digital and financial information.
2.3 How do we collect information?
Information may be collected directly using one or more of the following methods:
- By using a form on the Oratory’s website to offer a prayer intention, register for an activity or newsletter, or inquire about a service;
- By making a purchase on the Online Boutique (including lighting a lantern);
- By accepting the use of cookies on the Oratory’s website;
- By sending an e-mail to the Oratory or a member of its staff;
- By making a phone call or initiating a discussion with a current Oratory employee;
- Participating in masses, concerts, conferences or any other event filmed and webcast.
2.4 Online information collection (cookies)
The Oratory has established a Consent Policy for the conditions of use of cookies, which we invite you to consult.
The Oratory has established a Consent Policy for the conditions of use of cookies, which we invite you to consult.
Official partners may collect information solely within the scope of their mandates with the Oratory when Internet users browse one of the Oratory’s official websites. These partners include, but are not limited to:
| Likuid, | Google Business | Lightspeed |
| Rouge on Blue, | Stripe | Logilys |
| Google Console | Rapidenet | IQWARE, |
| Google Ads, | Order Cup, | Surveymonkey |
| Google Analytics, | Postes Canada |
Information may be transmitted when activating hyperlinks leading to websites external to those of the Oratory or when accessing social networks on which the Oratory produces and shares content, in particular: Facebook, Instagram, social network X, LinkedIn and Youtube.
The Oratory does not exercise exclusive control over its third-party suppliers. You can find out more about their practices by consulting their specific privacy policies. The Oratory is not responsible for the personal information practices and policies of these third-party suppliers.
3. Use of personal information
Personal information may be collected for the following non-exclusive purposes:
- To offer spiritual accompaniment services (e.g.: celebration of mass, transmission of prayer intentions) to anyone interested in the Oratory’s mission and activities;
- Inform and communicate with the public (e.g., newsletter);
- Promote and publicize activities;
- Draw up a statistical portrait of individuals or their interactions with the Oratory;
- Enable a user to register for an activity, complete a transaction for commercial purposes on the online store, make a philanthropic donation or reserve a hotel service.
4. Disclosure of personal information
L’Oratoire s’engage à utiliser l’information confidentielle et les renseignements personnels collectés uniquement pour la réalisation de ses activités religieuses, culturelles ou marchandes (ex. : achat d’objets religieux, réservation de salle, etc.) dans le but d’atteindre ses objectifs.
L’Oratoire ne partage pas l’information ou les renseignements personnels avec un individu, un groupe ou une personne morale.
5. Protection of files and information
5.1 Who has access to information?
Anyone employed by the Oratory whose duties and functions require access to documents containing personal information, in particular: the Rector and Vice-Rectors, the Pastoral and Liturgy Office, the Welcome and Pilgrimage Office, the Communications Office, Philanthropic Development, the Administrative and Personnel Services Department, the Material Resources Department, the Museum, the Commercial Services Department and the Archives.
5.2 Security measures
Personal information (analog or electronic) is accessible only to employees designated by the Oratory as part of their duties.
Employees who have access to personal information sign a confidentiality agreement that binds them to respect the policies, procedures and regulations in effect at the Oratory.
A register is in place to record the personal information of each Oratory department. The register indicates the type of information collected, where it is kept, the personnel authorized to access it, the security measures in place and the improvements made to secure the information.
Paper files, computerized files, video recordings and audio recordings are kept in secure premises specific to each department. Only information required for the smooth running of the department’s activities is kept in these premises. These premises are locked, and access to the keys is controlled by Material Resources. An employee can only receive an access key at the request of the department concerned. Employee offices are equipped with doors, and cupboards and filing cabinets are locked.
5.3 Our computer security measures
The Oratory uses software equipped with computer mechanisms that restrict access to employees of a department who are officially authorized to access it. Information can only be consulted by logging in to a password-protected session. All workstations are equipped with a password unique to the employee.
Lastly, in accordance with the Act, the Oratory carries out a Privacy Impact Assessment (PIA) before introducing a change to its electronic data collection system.
6. Destruction
When confidential information is collected as part of a one-time activity (e.g., prayer requests, mass purchases, etc.), it is immediately destroyed once the service has been performed.
Depending on the purpose for which they are collected, documents containing confidential information are kept for a set period of time to meet administrative, legal or financial requirements. The retention period is determined by the Oratory’s document and archive retention schedule.
At the end of the period allotted for their administrative, legal or financial use, the documents are transferred to the Oratory’s archives. Where appropriate, they may be kept for a specific period of time before being destroyed in accordance with the procedures in force at the Oratory’s archives, or sent for permanent preservation. Destruction is carried out under the supervision of the archivist.
7. Consultation and transmission of information
7.1 Rights of Oratory customers
In accordance with the Act respecting the protection of personal information in the private sector (P.39-1, §2, a.18), any person concerned has the right to request access to personal information that the Oratory holds about him or her, to have his or her personal information rectified or updated, and to file a complaint with the person responsible for access to and protection of personal information. A copy of this personal information will be transmitted to the extent that the information it contains does not affect the rights and freedoms of others.
A period of thirty (30) days is allowed for processing an access request. A reasonable fee may be charged for the transmission, reproduction or forwarding of a document. Requests should be addressed to the person responsible for access to information and protection of personal information:
