Quebec's Law 25

What is Law 25?

Law 25, effective September 22, 2021, imposes new obligations on private and public organizations to protect personal information.

Kimoby is fully compliant with the requirements of Bill 25. Below is more information on these requirements.

How does Kimoby comply with Law 25?

Here is a list of the responsibilities and obligations that Kimoby must adhere to:

  • Designate a person responsible for the protection of personal information.

    Data Protection Officer: Ismaël Meskin.
    You can contact the person responsible at to the attention of Kimoby Legal.
  • Establish policies and practices encompassing the governance of personal information and publish detailed information about them in simple and clear terms on the company's website or, if it does not have a site, by any other appropriate means.

    This is present in our privacy policy:

  • Respect the right to cease publication, reindexation, or deindexation (or the right to be forgotten).

    Please note that we do not publish any personal information directly on the web, and as so we are not obliged to accept the right to be forgotten, but we do have a point in our privacy policy.
    Point #12:

  • Incident response plan and staff directive.

    We have a robust procedure in place in the event of incidents or information breaches.

We are also certified by the Canadian government for "Baseline Cyber Security Controls for Small and Medium Organizations".