The Firm is accountable for all personal information in its possession or control. This includes any personal information that the Firm received directly from clients who are individuals, or indirectly, through clients that are organizations (e.g., corporations, government entities, not-for-profit organizations).
The Firm has:
If you have any questions about the Firm’s privacy policies and practices, the Firm’s Privacy Officer can be reached by email at email@example.com, by phone at (902) 493-5442 and by letter at Norma Melancon, Office Administrator/HR, 100 Venture Run, Suite 200, Burnside, NS B3B 0H9.
The Firm collects personal information from clients and uses and discloses such information, only to provide the professional services that the client has requested. The types of information that may be collected for this engagement, and the purposes for which it is collected, are set out in under Principles 3 and 4 of this privacy statement.
The Firm may use personal information provided by a client to assist in determining whether additional professional services may be of benefit to that client.
From time to time, a client may be required to obtain the consent of a third party to provide personal information to the Firm in connection with the provision of professional services. The Firm’s engagement letter for that matter will set out the client’s responsibility to obtain any consent required under applicable privacy legislation, for collection, use and disclosure to the Firm of personal information. By signing the engagement letter, the Client is formally acknowledging this responsibility.
Such personal information could include:
With respect to audit services, the partners and staff involved in any particular engagement may need to obtain access to some or all of the types of personal information that are noted under principle 3 above, to obtain evidence to support the Firm’s opinion on the company’s financial statements. Such personal information will be a significant component of various transactions and events affecting the financial statements that will be subjected to confirmation, testing, analyses and such other procedures as the Firm considers necessary to perform an audit in accordance with generally accepted auditing standards.
Principle #5: The Firm uses or discloses personal information only for purposes for which it has consent, or as required by law. The Firm retains personal information only as long as necessary to fulfill those purposes.
As required by professional standards, rules of professional conduct and regulation, the Firm documents the work it performs in records, commonly called working paper files. Such files may include personal information obtained from a client.
Working paper files and other files containing, for example, copies of personal tax returns are retained for the time period required by law.
The personal information collected from a client during the course of a professional service engagement may be:
Individual clients are encouraged to contact the Firm’s engagement partner in charge of providing service to them to update their personal information.
Physical security (e.g., restricted access, locked rooms and filing cabinets) is maintained over personal information stored in hard copy form. Partners and employees are authorized to access personal information based on client assignment and quality control responsibilities.
Authentication is used to prevent unauthorized access to personal information stored electronically. Encryption is used to prevent unauthorized access to personal information received or sent over the Internet.
For files and other materials containing personal information entrusted to a third party service provider (e.g., a provider of paper based or electronic file storage), the Firm obtains appropriate assurance to affirm that the level of protection of personal information by the third party is equivalent to that of the Firm.
Individual clients of the Firm have the right to contact the engagement partner in charge of providing service to them and obtain access to their personal information. Similarly, authorized officers or employees of organizations that are clients of the Firm have the right to contact the engagement partner in charge of providing service to them and obtain access to personal information provided by that client. In certain situations, however, the Firm may not be able to give clients access to all their personal information. The Firm will explain the reasons why access may be denied and any recourse the client may have, except where prohibited by law.
The Firm has policies and procedures to receive, investigate, and respond to clients’ complaints and questions relating to privacy.