Apostrophe Accounting recognize that our clients are the heart of our business. Our commitment to our clients, partners, sub-contractors and others is to continuously respect and protect the privacy and confidentiality of personal and business information that is entrusted to us in the course of rendering services. As a member of the Certified Professional Accountants Ontario (CPA), we are governed by the Code of Professional Conduct of the CPA. These rules have governed our practice in the past, and will continue to guarantee the privacy and confidentiality of your personal information.
We will inform our clients of why and how we collect, use and disclose their personal information, obtain their consent where required, and only handle their personal information in a manner that a reasonable person would consider appropriate in the circumstances. Our firm shall make readily available to our clients and sub-contractors information about the policies and practices relating to the management of their information.
Scope of this Policy
This Personal Information Protection Policy applies to Apostrophe Accounting and its sub-contractors. This policy also applies to any service providers collecting, using or disclosing personal information on behalf of Apostrophe Accounting.
Personal Information –means information about an identifiable individual [E.g. name, birth date, home address and phone number, social insurance number, income, financial information]. Personal information does not include contact information (described below).
Business Information –means information about an identifiable business [E.g. business name, corporation number, business number, business income, financial information]. Business information is covered in this policy but not by PIPEDA.
Contact information – means information that would enable an individual to be contacted at a place of business and includes name, position name or title, business telephone number, business address, business email or business fax number. Contact information is not covered by this policy or PIPEDA.
Privacy Officer – means the individual designated responsible for ensuring that Apostrophe Accounting complies with this policy and PIPEDA.
Policy 1) Accountability
1.1 Apostrophe Accounting is accountable for personal information under its control that we receive from, for example, individual clients, partners and sub-contractors, as well as individuals’ personal information that we may receive indirectly, for example, through corporate and government clients.
1.2 Apostrophe Accounting is also responsible for personal information under our control that is disclosed to third parties for processing or other administrative functions.
Policy 2) Collecting Personal Information & Identifying Purposes
2.1 Unless the purposes for collecting personal information are palpable and the client voluntarily provides his or her personal information for those purposes, we will communicate the purposes for which personal information is being collected, either orally or in writing, before or at the time of collection.
2.2 Your personal information may be disclosed internally and with other affiliated companies in order to allow us to offer services or products that may be of interest to you. Personal information may also be shared internally for the purpose of determining compliance with applicable professional standards, our internal policies, or in the performance of quality reviews.
2.3 We collect and use personal and business client information that is necessary to fulfill the following purposes
Policy 3) Consent
3.1 We will obtain client consent to collect, use or disclose personal information (except where, as noted below, we are authorized to do so without consent). By providing us with your personal information for the purposes listed, you have implied consent to our collection and use of the information for those purposes.
3.2 Consent can be provided orally or in writing or it can be implied where the purpose for collecting using or disclosing the personal information would be considered obvious and the client voluntarily provides personal information for that purpose.
3.3 With respect to personal information that you provide for preparation of specific forms and for your taxation and other returns, you consent to our transmitting such personal information to the appropriate governmental regulatory authorities.
3.4 Clients have the right to withhold or withdraw their consent for Apostrophe Accounting to use their personal information. A client’s decision to withhold or withdraw their consent to certain uses of personal information may prohibit or adversely affect our ability to provide services or complete our professional engagement. If so, we will explain the situation to assist the client in making the decision Policy
4) Limiting Collection
4.1 We will limit the collection of personal information to that which is necessary for the purpose(s) which we will identify prior to or at the time of collection. All information will be collected by fair and lawful means.
Policy 5) Limiting Use and Disclosure of Personal Information
5.1 We will only use or disclose client personal and business information where necessary to fulfill the purposes identified at the time of collection
5.2 We will not use or disclose client personal and business information for any additional purpose unless we obtain consent to do so.
5.3 We will not sell client lists or personal information to other parties.
5.4 We may use or disclose personal or business information without consent in the following limited circumstances:
5.5 In the course of rendering our services, you may disclose to us personal information that you have collected regarding your sub-contractors, customers and other parties. We assure and commit to you that this information will be kept private and confidential and will not be released to any third party, other than as may be required by law, unless we first obtain consent.
Policy 6) Retaining Personal Information
6.1 We will retain client personal and business information for at least one year so that the client has a reasonable opportunity to request access to it.
6.2 Subject to policy 6.1, we will retain client personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose.
Policy 7) Ensuring Accuracy of Personal Information
7.1 We will make reasonable efforts to ensure that client personal information is accurate, complete and up-todate as necessary to fulfill the purpose(s) for which it is to be used.
7.2 Clients may request correction to their personal information in order to ensure its accuracy and completeness. A request to correct personal information must be made in writing and provide sufficient detail to identify the personal information and the correction being sought.
Policy 8) Securing Personal Information
8.2 The following security measures will be followed to ensure that client personal information is appropriately protected:
8.3 We will use appropriate security measures when destroying client’s personal information such as shredding documents and deleting electronically stored information.
8.4 We will continually review and update our security policies and controls as technology changes to ensure ongoing personal information security.
Policy 9) Providing Clients Access to Personal Information
9.1 Clients have a right to access their personal information, subject to limited exceptions.
9.2 A request to access personal information or correct information as necessary must be made in writing and provide sufficient detail to identify the personal information being sought.
9.3 Upon request, we will also tell clients how we use their personal information and to whom it has been disclosed if applicable.
9.4 We will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfill the request.
9.5 A minimal fee may be charged for providing access to personal information. Where a fee may apply, we will inform the client of the cost and request further direction from the client on whether or not we should proceed with the request.
9.6 If a request is refused in full or in part, we will notify the client in writing, providing the reasons for refusal and the recourse available to the client.
9.7 We are committed to maintaining accurate information, and urge you to notify us promptly of any changes in your personal information.
Policy 10) Questions and Concerns: The Role of the Privacy Officer or Designated Individual
10.1 The Privacy Officer or designated individual is responsible for ensuring Apostrophe Accounting’ compliance with this policy and the Personal Information Protection Act.
10.2 Clients should direct any complaints, concerns or questions regarding Apostrophe Accounting’ compliance in writing to the designated individual. The designated individual will respond to questions relating to privacy and attempt to resolve all complaints. If necessary a complete investigation of your complaint will been undertaken and the findings will be reported to you in most cases within 30 days. If the designated individual is unable to resolve the concern, individuals may contact the Information and Privacy Commissioner of Ontario.
Protecting your privacy is as important to us as it is to you. If you have any questions or concerns about your privacy and our role protecting it, please contact the Apostrophe Accounting designated individual at firstname.lastname@example.org or at (289) 335-0399.