Privacy Policy

We recognize the trust you place in us when you share your personal information.  At Hawkings Epp Dumont LLP (HED), we are committed to maintaining the accuracy, confidentiality, and security of your personal information.

This Privacy Policy applies to the personal information of our current, former, and prospective clients.  In addition to this policy, we have also adopted an "Employee Privacy Policy".  If you are unsure of which policy applies to you, please contact our Privacy Officer for more information.

Privacy Policy

It is HED's policy to comply with the privacy legislation of Alberta.

This Privacy Policy has a limited scope and application.  Consequently, the rights and obligations contained in this Privacy Policy may not be available to all individuals or in all jurisdictions.  If you are unsure if or how this Privacy Policy applies to you, please contact our Privacy Officer for more information.

What Is Personal Information?

For the purpose of the Privacy Policy, personal information is any information about an identifiable individual, other than the person's business title or business contact information when used or disclosed for the purpose of business communications (for example, an individual's business card).

What Personal Information Do We Collect?

We collect and maintain different types of personal information in respect of our current, former and prospective clients.  The nature and extent of the personal information collected will depend on the nature of the service that we provide to you.   For example, where you have retained us to:

  • prepare your tax returns, we may collect the personal information required to complete such returns, including your social insurance number, date of birth, age, gender, martial status, source and amounts of income, deductions and taxes paid and payable, and information concerning your dependents, pensions, RRSP's, charitable contributions and medical deductions;
  • provide audit, review, notice to reader, bookkeeping, or consulting services we may collect the personal information required to perform such services, including the information contained in your accounting records, financial statements and transaction records, payroll and employee withholdings records, and corporate, partnership or similar records; and
  • provide estate planning, corporate restructuring or valuation services we may collect their personal information required to perform such services, including the personal information contained in your personal tax returns, corporate tax returns, accounting records, financial statements, transactions records, insurance records, wills, codicils and other testamentary documents and corporate, partnership or similar records.

In order to establish and mange your client relationship with us we may collect your:

  • contact information, such as your name, address, business or home telephone numbers
  • billing information, such as methods and preferences for billing and payment
  • business or other relationship information, such as information related to your agreements, preferences, advisors and decision-makers, and
  • feedback and any other information that you may voluntarily disclose to us.

Generally, we prefer to obtain your information directly from you; however, we may also collect your information from other sources if you have consented to have them provide the information to us.

From time to time, we may utilize the services of third parties.  As such, we may receive your personal information collected by those third parties.  Where this is the case, we will take reasonable steps to ensure that such third parties have represented to us that they have the right to disclose your personal information.

Why Do We Collect Personal Information?

We collect your personal information so that we can manage and further develop our business relationship with you.  As well, we want to provide you with the services that you have requested (for example, personal or corporate tax preparation, audit, review, notice to reader, bookkeeping or budgeting services, estate or tax planning, transactional and corporate restructuring advice, valuations or other consulting services).  In addition, we may collect personal information:

  • to be able to review the services that we provide so that we may understand your requirements and be able to work to improve our services;
  • to be able to advise you of our services or to provided information that we believe may be of interest to you (for example, we may send you our newsletters from time to time);
  • to be able to comply with your requests (for example, if you prefer to be contacted at a business or residential telephone number);
  • to allow us to communicate with you;
  • to protect against error, fraud, theft and damage to your goods and property that are in our possession (for example, your financial records); and
  • to comply with applicable legal or regulatory processes.

How Do We Use and Disclose Your Personal Information?

We may use or disclose your personal information for the purpose described in the Privacy Policy.  We may also use or disclose your information for any additional purposes for which we have obtained your consent.  Further, your personal information may be used and disclosed:

  • to comply with valid legal processes such as search warrants, subpoenas or court orders;
  • during emergency situations to protect the safety of a person or group, or to protect the rights and property of HED;
  • where the personal information is publicly available; or
  • with our employees, contractors, consultants and other parties who require such information to assist us with managing our relationship with you (for example, income tax lawyers).

We will not disclose your information to third parties to enable them to market their products or services to you without your consent.

In addition, personal information may be disclosed or transferred, under your consent, to another party during the course of a change in ownership of all or a part of HED (for example, sale of selected client files: merger with another chartered accounting firm; or joint venture arrangement with another chartered accounting firm).  This disclosure or transfer will only be done with a party that is bound by appropriate agreements and is required to use or disclose your personal information in a manner consistent with this Privacy Policy.

Your Consent Is Important To Us

Generally, your knowledge and consent are required for the collections, use and disclosure of your personal information.  Depending on the sensitivity of the personal information, your consent may be:

  • implied – consent that can reasonably be inferred from your action or inaction;
  • deemed (using an opt-out mechanism) – implied consent to collect, use, retain, and disclose personal information unless the individual explicitly denies permission.  For example, when you retain us to provide services, we will assume your consent to the collection, use and disclosure of your personal information for purposes related to the provision of such services; or
  • express – consent that is given orally, electronically or in writing.

Typically, we will seek your consent at the time that we collect your personal information (for example, through an engagement letter).  In certain circumstances, your consent may be obtained after collection but prior to our use or disclosure of your personal information.  If we plan to use or disclose your personal information for a purpose not previously identified (either in this Privacy Policy or separately), we will advise you of that purpose before such use or disclosure.

We assume, unless you advise us otherwise, that you have consented to the collection, use and disclosure of your personal information as explained in this Privacy Policy.

You may change or withdraw your consent at any time, subject to legal or contractual obligations and reasonable notice, by contacting our Privacy Officer using the contact information set out below.  All communications with respect to such withdrawal or variation of consent should be in writing and addressed to our Privacy Officer.  Withdrawal of consent may, however, affect our ability to continue to provide services to you.

We may collect, use or disclose your personal information without your knowledge or consent where we are permitted or required to do so by applicable law or regulatory requirements.

How Is My Personal Information Protected?

We endeavor to maintain physical, technical, and procedural safeguards that are appropriate to the sensitivity of the personal information in question.  These are designed to protect against loss and unauthorized access, copying, use, modification or disclosure.  HED follows these processes:

Hard copy client data (for example, paper records; computer media; etc. are received and stored within our offices in a way that protects them from unauthorized scrutiny.  While staff are accessing your data, personal information will be examined.  When not being accessed, your data will be stored in a discreet manner.  Client data is returned to the client at the completion of the engagement.

Client data received over the phone is stored within our voice mail systems until the intended staff member retrieves the information.  The data may contain personal information.  Staff members have their own unique voice mail number.  Once the voice mail message is received, it is deleted from the memory system.

Client data received via e-mail is stored on our server computers (see comments below) as well as on our stand-alone desktop and notebook computers.  This data may contain personal information.  All staff have their own e-mail address.  Messages are retrieved either directly from the e-mail or alternatively the message is printed and filed in the client's file.  These e-mail messages, once retrieved, are eventually deleted from the stand-alone desktop and notebook computers.

Our staff will access our working paper files.  When not being used they will be stored in a discreet manner within our paper filing system.  Certain files may be locked within the paper filing system to prevent unauthorized access.

Our computers files (for example, program files and client data files) are stored within our server computer system.  This system is password protected.  As well, our servers are physically segregated from the staff work area within their own room.  This server room is secured and access is limited to selected individuals.  Daily tape backups are performed on the server computers.  Tapes are stored in secure on-site storage compartments plus off-site.  Tape backups are password protected.

Our computer files (for example, program files and client data files) will also be stored on portable notebook and/or stand-alone desktop computers.  These computers are password protected.  Staff members have their own password.  Passwords are updated periodically.  Client data files will only be stored on these stand-alone computers while our staff are working on your file.  This is the typical situation when our staff work on location at the client's premises using our notebook computers.  Our staff are very careful to control these notebook computers while they are away from the office.  For example, the computers are not left in staff vehicles over night.  On overnight trips away from our offices, the computers will stay with the staff personal to whom they have been assigned (for example, in a hotel room).  Client data files previously stored on either desktop computers or notebook computers will be transferred to the server computer.  This will be done at the end of the day, in the case of desktop computers, or when the staff person returns to the office, in the case of notebook computers.  Once the transfer of client data is complete, the files are deleted from the desktop and/or notebook computers.

Notebook computers are stored in secure rooms when not in use (for example, overnight when staff are away from work).

HED consults with contract external network administrators who give us advice on security issues, in addition to their role as providers of expert services on an as needed basis.

Our offices (Edmonton, Lloydminster and Whitecourt) have security systems (for example, motion detectors; monitoring agencies).  All staff have their own unique passwords.  Each office has several access doors.  The public access "main entrance" doors are open during office hours (generally 8:30 AM to 5:00 PM).  These doors will be closed if the reception desk in each office is not occupied (for example, during lunch break).  Service and staff access doors are always locked, requiring combinations codes to gain access.

What If My Personal Information Changes?

We endeavor to ensure that the personal information retained by us remains accurate, complete and relevant for the purposes identified.  If your personal information changes please let us know so that we may update our records.  When requesting a change to your personal information, we may request specific information from you to enable us to confirm your identity and right to update or change the personal information that we hold.  In some circumstances, we may not agree with your request to change your personal information and will instead endeavor to append an alternative text to the record in question.

Can I Access My Personal Information?

You may ask to review your personal information held by us.  If you want to review your personal information, please contact our Privacy Officer.  Please note that any such communication must be in writing.

When requesting access to your personal information, we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal information that we hold about you.  We may charge you a fee to access your personal information; however, we will advise you of any fee in advance.  If you require assistance in preparing your request, please contact our Privacy Officer. 

Your right to access the personal information that we hold about you is not absolute.  There are instances where applicable law or regulatory requirements allow or require us to refuse to provide some or all of the personal information that we hold about you.  In addition, the personal information may have been destroyed, erased or made anonymous in accordance with our record retention obligations and practices.

In the event that we cannot provide you with access to your personal information, we will endeavor to inform you of the reasons why, subject to any legal or regulatory restrictions.

Our Privacy Officer – Dianne Unrau, CPA, CA

We have designated a Privacy Officer to oversee our compliance with our privacy policies.  Should you have any questions about this policy, including any complaints, our Privacy Officer may be reached at:

Mail:     10476 Mayfield Road
            Edmonton, Alberta
            T5P 4P4
            Attention:  Dianne Unrau, CPA, CA

Email:   dunrau@hawkings.com

Phone: (780) 489-9606

Fax:     (780) 489-9689

Monitoring and Enforcement

We endeavor to monitor compliance with our privacy policies and procedures on a regular basis.  Should you have a concern, please contact our Privacy Officer.  If you are dissatisfied with our response, you may be entitled to make a written submission to the Alberta Privacy Commissioner:

Office of the Information and Privacy Commissioner
Suite 500
640 – 5th Avenue SW
Calgary, AB
T2P 3G4

Revisions and Interpretation

We may make changes to this Privacy Policy to reflect changes in our legal or regulatory obligations or in the manner in which we deal with your personal information.  We will post any revised version of this Privacy Policy on our website (www.hawkings.com) and we will encourage your to refer back to it on regular basis.  This Privacy Policy was last updated on August 18, 2005.

Any interpretation associated with this Privacy Policy will be made by our Privacy Officer.  This Privacy Policy includes examples but is not intended to be restricted in its application to such examples, therefore where the word "including" is used, it shall mean "including without limitation".  This Privacy Policy does not create or confer upon any individual or HED any rights or obligations outside of, or in addition to, any rights or obligations conferred or imposed by Canada's federal and provincial privacy laws, as applicable.

 

Hawkings Epp Dumont LLP