Privacy Policy
All of the listed entities and trademarks below are subject to the terms of the OnPoint Professional Services LLP Privacy Policy and will be referred to collectively as “OnPoint CPA”.
OnPoint CPA
OnPoint Chartered Professional Accountants
OnPoint CPA collects, uses, and discloses personal information in the possession, or under the control, of its clients to the extent required to fulfill its professional responsibilities and operate its business. OnPoint CPA is committed to maintaining the privacy of personal information provided by its clients and protecting all personal information in its possession or control. This Privacy Policy sets out the principles and procedures that OnPoint CPA follows in meeting its privacy commitments to its clients and complying with the requirements of federal and provincial privacy legislation.
OnPoint CPA is accountable for personal information in its possession or control.
OnPoint CPA is accountable for all personal information in its possession or control. This includes any personal information that OnPoint CPA received directly from clients who are individuals, or indirectly, through clients that are organizations (e.g., corporations, government entities, not-for-profit organizations).
OnPoint CPA has:
established and put into effect policies and procedures aimed at properly protecting personal information;
educated its partners and team members regarding its privacy policy and their role and responsibilities in keeping personal information private;
and appointed its Chief Privacy Officer (CPO) to oversee privacy issues at OnPoint CPA.
If you have any questions about OnPoint CPA’s privacy policies and practices, OnPoint CPA’s Chief Privacy Officer can be reached by email at info@onpointcpa.ca, by phone at (604)-751-5778.
OnPoint CPA identifies the purposes for which it collects personal information from clients before it is collected.
OnPoint CPA collects personal information from clients and uses and discloses such information, only to provide the professional services that the client has requested. The types of information that may be collected for this engagement, and the purposes for which it is collected, are set out below.
OnPoint CPA obtains a client’s consent before collecting personal information from that client.
The engagement letter sets out your responsibility to obtain any consent required under applicable privacy legislation, for collection, use and disclosure to us of personal information. By signing the engagement letter, you are formally acknowledging this responsibility.
Such personal information could include:
home addresses
home telephone numbers
personal identification numbers (e.g., social insurance numbers, credit card numbers)
financial information (credit ratings, payroll information, personal indebtedness)
personnel information (e.g., employment history, references to criminal records)
information linked to the type of client, for example: information in medical records (with respect to organizations such as hospitals or medical practices)information related to race, religion, sexual preference, receipt of welfare or subsidized housing (with respect to various types of not-for-profit and government entities)
vendor information (with respect to transactions, contacts and mutual efforts)
financial activity information
OnPoint CPA collects only that personal information required to perform its professional services and operate its business, and such information is collected by fair and lawful means.
The partners and team members involved in this engagement need access to some or all types of personal information, noted above, to fulfill their engagements with clients.
OnPoint CPA uses or discloses personal information only for purposes for which it has consent, or as required by law. OnPoint CPA retains personal information only as long as deemed necessary to fulfill those purposes.
As required by professional standards, rules of professional conduct and regulation, OnPoint CPA documents the work it performs in records, commonly called working paper files. Such files may include personal information obtained from a client.
Working paper files and other files containing, for example, copies of personal tax returns are retained for the time period required by law and regulation, or to the extent such information may be valuable at a future date.
The personal information collected from a client during the course of a professional service engagement may be:
shared with OnPoint CPA’s personnel participating in such engagement;
disclosed to partners and team members within OnPoint CPA to the extent required to assess compliance with applicable professional standards and rules of professional conduct, and OnPoint CPA’s policies, including providing quality control reviews of work performed;
provided to members of the organization’s board of directors, and others in the company that might not otherwise have access to the information, in the course of communicating aspects of the results of our work; and;
provided to external professional practice inspectors (e.g., representatives of a provincial institute of chartered professional accountants), who by law, professional regulation, or contract have the right of access to OnPoint CPA’s files for inspection purposes.
OnPoint CPA regularly and systematically destroys, erases, or makes anonymous personal information no longer required to fulfill the identified collection purposes, and no longer required by laws and regulations.
OnPoint CPA endeavors to keep accurate, complete, and up-to-date, personal information in its possession or control, to the extent required to meet the purposes for which it was collected.
Individual clients are encouraged to contact OnPoint CPA’s engagement partner in charge of providing service to them to update their personal information.
OnPoint CPA protects the privacy of personal information in its possession or control by using security safeguards appropriate to the sensitivity of the information.
Partners and team members are authorized to access personal information based on client assignment and quality control responsibilities.
Authentication is used to prevent unauthorized access to personal information stored electronically. Encryption is used to prevent unauthorized access to personal information received or sent over the Internet.
For files and other materials containing personal information entrusted to a third-party service provider, OnPoint CPA obtains appropriate assurance to affirm that the level of protection of personal information by the third party is equivalent to that of OnPoint CPA.
OnPoint CPA is open about the procedures it uses to manage personal information.
Up-to-date information on OnPoint CPA’s privacy policy can be obtained from OnPoint CPA’s Chief Privacy Officer.
OnPoint CPA responds on a timely basis to requests from clients about their personal information which OnPoint CPA possesses or controls.
Individual clients of OnPoint CPA have the right to contact the engagement partner in charge of providing service to them and obtain access to their personal information. Similarly, authorized officers or team members of organizations that are clients of OnPoint CPA have the right to contact the engagement partner in charge of providing service to them and obtain access to personal information provided by that client. In certain situations, however, OnPoint CPA may not be able to give clients access to all their personal information. OnPoint CPA will explain the reasons why access must be denied and any recourse the client may have, except where prohibited by law.
Clients may challenge OnPoint CPA’s compliance with its Privacy Policy.
OnPoint CPA has policies and procedures to receive, investigate, and respond to clients’ complaints and questions relating to privacy. To challenge OnPoint CPA’s compliance with its Privacy Policy, clients are asked to provide an email message or letter to OnPoint CPA ’s Chief Privacy Officer who will ensure that a complete investigation of a client complaint is undertaken and will report the results of this investigation to the client, in most cases, within 30 days.