About us

The Digital Circle is your point of reference to help you find your way around the management and protection of personal information(PII)

The creation of the Digital Circle

Founded in Montreal in 2022, the Digital Circle is a group of experts who help organizations comply with the new provisions of Bill 25. This law requires organizations to be more transparent and accountable when it comes to protecting personal information.

This new reference point in the digital environment also allows Quebec businesses to implement strategies adapted to their needs to minimize the risks inherent in the management of personal information under their responsibility.

Cybercrime is a growing phenomenon that spares no organization.

Every cyber attack has the potential to severely impact a company’s operations. With Bill 25, these risks will increase considerably since, in the event of non-compliance, a company will also be exposed to severe administrative and penal sanctions, significant reputational damage in addition to being open to damage claims

In the event of a cyber attack, your organization could be exposed to highly-significant risk

Legal action

Customers, partners, shareholders or employees

Disruption of operations

Decreased production and undetermined delays

Compromise of sensitive data

Personal data, confidential data, trade secrets, intellectual property, etc.

Crisis unit

Specialized resources, emergency costs, computer network restoration, data recovery, etc.

Administrative or criminal fines for non-compliance

In case of non-compliance, Bill 25 imoposes severe fines

Damage to the organization's reputation

Loss of confidence from customers, shareholders and partners, public criticism


In order to minimize these important risks, cyber-security has become an essential challenge for organizations, since it provides them with a set of means to ensure confidentiality, integrity and accessibility of the data they depend on.


Bill 25

Act 64 (An Act to modernize legislative provisions respecting the protection of personal information), adopted in September 2021 as Bill 25, requires Quebec public or private organizations to ensure the protection of the personal information they hold or face some of the most severe administrative and penal sanctions in Canada.

Your organization must comply with the provisions of Bill 25

The Digital Circle gives you access to the professional resources you need to comply with Bill 25, which requires all organizations in Quebec to protect personal information.


SEPT 22, 2022

  • Obligation to report incidents of confidentiality
  • Incident response plan
  • Designate your Privacy Officer

SEPT 22, 2023

  • Adopt privacy governance rules
  • Adopt process for handling user complaints/requests
  • Publish its privacy policies and procedures on the company’s website;
  • Privacy Impact Assessment (PIA) for certain personal information processing;
  • Application of consent for collection of personal information
  • Application of the new destruction and anonymization obligations
  • Prior protection obligations regarding the sending of personal information outside Quebec
  • Administrative and criminal penalties

SEPT 22, 2024

  • Right to data portability

Legal services and
compliance with Act 64

Reputation management and crisis communication

Information Technology

Cyberinvestigations and penetration tests

Personal data management

Fraud prevention and
cybersecurity training