Confidentiality policy

Purpose of the policy

TRIASIMA is committed to protecting the confidential information of its clients, employees, and long-term consultants and to ensuring the confidentiality of personal information provided to TRIASIMA in the course of its activities.

In Canada, the federal law adopted in 2004, the Personal Information Protection and Electronic Documents Act (Canada) ("PIPEDA"), applies to any organization that collects, uses, or discloses personal information in the course of its activities. The provinces of Quebec, Alberta, and British Columbia have adopted their own specific privacy legislation. PIPEDA and the legislation of the three provincial laws apply to TRIASIMA in its relationships with its clients, employees, and long-term consultants.

In the United States, TRIASIMA is subject to Regulation S-P and the Federal Trade Commission Privacy of Consumer Financial Information, which require companies to adopt privacy policies and procedures and to provide consumers and clients who are natural persons with various notices concerning the measures the adviser will take to protect their non-public information. TRIASIMA is also required to comply with the privacy laws and regulations of each state in which it has clients.

Our records may contain both personal and confidential information that do not fall under the definition of personal information. In all circumstances, TRIASIMA will protect the confidentiality of any information with which it is entrusted with.  

This privacy policy (the "Policy") sets out our standards for collecting, using, disposing of, and storing the personal information of our clients, employees, and long-term consultants. This Policy also explains how we safeguard the personal information and the right of access to this information by our clients and employees. The related procedures specify these implementation modalities.

Collection and verification of information

For clients:

To serve its clients, TRIASIMA will collect the necessary personal information directly from them or from other sources such as credit agencies, financial institutions, public sources, among others, at the time of account opening or during the business relationship.

The purpose of collecting and verifying information is to:

(i) ensure that clients are protected by helping them determine their investment objectives, risk tolerance, and investment suitability, and

(ii) comply with legal and regulatory obligations to which TRIASIMA is subject, including verifying potential insider or control relationships, preventing money laundering, and meeting tax reporting requirements.

For employees and long-term consultants:

Personal information collected will be used for the employment/services contract between TRIASIMA and the employee or its consultants and for the application of the personal trading policy and procedures provided for in the Code of Ethics.

Limiting Use, disclosure, retention

Personal information collected from a client is retained as long as the client holds an account with TRIASIMA and for a certain period after the account is terminated, as provided by law or regulation. At the end of this period, personal information is securely and irreversibly destroyed, so that it is no longer possible to identify the natural person to whom the information relates.

Personal information collected from an employee or long-term consultant will be retained as long as that person works for TRIASIMA and for a period following the end of employment or contract as provided by law or regulations.

As a portfolio manager, TRIASIMA may, in certain cases, be required to make certain personal information of its clients, employees, or long-term consultants available to certain companies, agencies, and governmental, regulatory, and self-regulatory organizations. These entities are required to ensure the confidentiality of personal information provided by TRIASIMA. The communication of personal information must be done with the consent of the person concerned unless the law requires or permits it.

Accountability

The Privacy Officer ensures that TRIASIMA complies with and implements the principles and procedures set forth in this Policy and its related documents. He also ensures that the Policy remains compliant with laws and regulations.

All TRIASIMA employees and long-term consultants are bound by the Policy and established procedures of TRIASIMA to ensure that its clients’ personal information remains confidential.

Accuracy

TRIASIMA is committed to maintaining accurate records of its clients' personal information. From time to time, TRIASIMA will request updates to account and client documentation to ensure that personal information is complete and accurate.

Clients may at any time contact TRIASIMA to request the rectification of personal information they know to be incomplete or inaccurate.

Safeguarding client information

TRIASIMA has implemented and continues to maintain rigorous protective measures to ensure that personal information remains confidential and is protected against loss, theft, and unauthorized access or disclosure.

Protection methods include limited access to premises, technological measures such as off-site backups and archiving.

Request for access to information

Clients, employees, and long-term consultants have the right to request to see the information held about them and how TRIASIMA has used it, who it came from and to whom it may have been disclosed.

Questions regarding TRIASIMA's privacy policy and ensuring the confidentiality of personal information, as appropriate, collected from clients, employees, and long-term consultants can be directed to the following address:

by mail:

by email: 

Complaints and concerns

Any complaint regarding the privacy policy should be sent to the address indicated above.

TRIASIMA takes reasonable means to process the complaint or request for information within 30 days from its receipt.

Cross-border transfer of personal information

Canada

In order to provide its services, TRIASIMA may transfer personal information to individuals or entities, such as service providers (financial service intermediaries, securities custodians, data centers), persons authorized by the client, or provincial, federal, or national authorities, located in Québec or outside Québec.

TRIASIMA takes reasonable measures to ensure that the recipients of this information adopt privacy and security measures equivalent to those required by Canadian law.

TRIASIMA's service providers are carefully selected. TRIASIMA does not authorize them to use the information provided for purposes other than those for which TRIASIMA communicates them. Furthermore, TRIASIMA contractually ensures that its suppliers have protection and security measures at least equivalent to those required by Canadian law.

TRIASIMA maintains a list of service providers who may store certain information in data centers located outside of Québec. A copy of the current privacy policy within these entities can be provided upon the client's request.

TRIASIMA's privacy policy is included in the disclosure of relationships document, which is provided to all clients from whom it collects personal information.

Privacy breach

TRIASIMA has established procedures to protect the personal information entrusted to it and to prevent privacy breaches.

Any privacy breach must be reported promptly to the Privacy Officer. After consulting with the UDP and TRIASIMA's legal advisors, they will determine the appropriate course of action, which may also include the following security breach notices (as applicable):

• a report to the Privacy Commissioner of Canada or the relevant provincial authority (for Canadian clients);
• a report to the competent state regulatory authority and/or its attorney general (for US clients);
• a notice to affected individuals;
• a notice to other organizations.

U.S. requirements

In accordance with US regulations as discussed above, the Compliance Department will be responsible for ensuring that TRIASIMA distributes a privacy notice to each US client who is an individual, both initially and annually. This privacy notice must be provided with the ADV form. The Compliance Officer is also responsible for maintaining a record on the privacy policy, which must contain documentation demonstrating that the privacy notice has been distributed to US clients initially and annually.

Compliance

The Privacy Officer oversees the implementation of this Policy.

He ensures that the Policy and related procedures are periodically reviewed to ensure their compliance and effectiveness. In addition, the Privacy Officer will send a reminder of the policy and its related procedures to all employees and long-term consultants at least once a year or following any change, to ensure they have adequate knowledge.