Teed Saunders Doyle respects the privacy of our clients and our team members. Therefore, this document sets forth the policy of Teed Saunders Doyle on the collection, use and disclosure of personal information. In order to comply with federal and provincial legislation Teed Saunders Doyle has developed policies and procedures to maintain the security, confidentiality and privacy of personal information.
This policy will apply to information related to the following individuals:
• All Teed Saunders Doyle team members (salary, hourly) and Partners
• Contract and Agency personnel
• Client personnel
• Vendor personnel
“Teed Saunders Doyle”
This refers to Teed Saunders Doyle & Co, Chartered Professional Accountants, and is sometimes referred to in this policy as “the firm”.
This refers to information about an identifiable individual, but does not include the name, job title or business address and business telephone number of an individual. Anything that might appear on a business card, or can be found through publicly available information such as the telephone book would not be considered personal information.
This refers to voluntary agreement to the collection, use and disclosure of personal information for specified purposes. Consent may be either express or implied. Express consent can be given orally or in writing, is unequivocal, and does not require any inference on the part of Teed Saunders Doyle. Implied consent arises where consent can reasonably be inferred from the action or inaction of the individual.
This includes all persons who are employed by Teed Saunders Doyle, contractors, partners, clients and client organization personnel, and vendors and vendor organization personnel.
At Teed Saunders Doyle an important part of our commitment to our clients, team members, suppliers, and contractors, is the provision of high quality service and respect for their right to privacy. Keeping personal information secure and in strict confidence for our clients, team members, suppliers, and contractors is a priority of the firm.
Teed Saunders Doyle has designated a Privacy Officer who oversees privacy issues at the firm. Ultimate accountability for Teed Saunders Doyle’s compliance rests with the firm’s partners who delegate day-to-day accountability to the Privacy Officer.
Teed Saunders Doyle will identify the purposes for which personal information is collected at or before the time the information is collected. Unless additional purposes are identified to an individual, Teed Saunders Doyle will collect personal information for the following purposes:
- To manage and develop Teed Saunders Doyle’s business and operations, including personnel and employment matters;
- To provide professional services to our clients; and
- To meet legal and regulatory requirements.
Teed Saunders Doyle assumes responsibility to obtain any consent required under applicable privacy legislation, for collection, use and disclosure of personal information.
Consent may be given either verbally, by written communication, or through implied consent. An individual may withdraw consent at any time, subject to legal or contractual restrictions, provided that reasonable notice of withdrawal of consent is given to Teed Saunders Doyle. On receipt of notice of withdrawal of consent, Teed Saunders Doyle will inform the individual of the likely consequences of the withdrawal of consent, which may include the inability of Teed Saunders Doyle to provide certain services for which that information is necessary.
4. Limits on Collection of Personal Information
Teed Saunders Doyle collects only that personal information required to perform its professional services and operate its business, and such information is collected by fair and lawful means.
5. Limits on Using, Disclosing and Retaining Personal Information
Teed Saunders Doyle uses or discloses personal information only for purposes for which it has consent, or as required by law. The firm retains personal information only as long as reasonably necessary to fulfill those purposes.
As required by professional standards, rules of professional conduct and regulation, the firm documents the work it performs in records, commonly called working paper files. Such files may include personal information obtained from a client.
Working paper files and other files containing, for example, copies of personal tax returns are retained for the time period required by law and regulation.
The personal information collected from a client during the course of a professional service engagement may be:
- Shared with the firm’s personnel participating in such engagement;
- Disclosed to partners and employees within the firm to the extent required to assess compliance with applicable professional standards and rules of professional conduct, and the firm’s policies, including providing quality control reviews of work performed;
- Provided to members of the organization’s audit committee and board of directors, and others in the company that might not otherwise have access to the information, in the course of communicating aspects of the results of our audit; and
- Provided to external professional practice inspectors (e.g. CPA NB), who by law, professional regulation, or contract have the right of access to the firm’s files for inspection purposes.
The firm will retain working papers and other files which may contain personal information for as long as necessary to fulfill the intended purposes and to comply with applicable laws and regulations.
The firm endeavours to keep accurate, complete, and up-to-date, personal information in its possession or control, to the extent required to meet the purposes for which it was collected.
Individual clients are encouraged to contact the firm to update their personal information.
Employees and contractors should inform the firm of any updates to their personal information.
7. Safeguarding Personal Information
The firm protects the privacy of personal information in its possession or control by using security safeguards appropriate to the sensitivity of the information.
Physical security (e.g. restricted access, locked rooms and filing cabinets) is maintained over personal information stored in hard copy form. Partners and employees are authorized to access personal information based on client assignment and quality control responsibilities.
Authentication is used to prevent unauthorized access to personal information stored electronically.
If any information is entrusted to a third party service provider, the firm obtains appropriate assurance to affirm that the level of protection of personal information is at least equivalent to that of the firm.
Confidentiality and security are not assured when information is transmitted through e-mail or other wireless communication. Teed Saunders Doyle will not be responsible for any loss or damage suffered as a result of a breach of security and/or confidentiality when information is transmitted to Teed Saunders Doyle by e-mail or other wireless communication or when Teed Saunders Doyle transmits information by such means at the request of an individual.
9. Individual Access to Personal Information
The firm responds on a timely basis to requests from individuals about their personal information that the firm possesses or controls.
Upon written request and authentication of identity, Teed Saunders Doyle will provide individuals with personal information under its control, information about the ways in which that information is being used, and a description of the individuals and organizations to whom that information has been disclosed.
Teed Saunders Doyle may charge a reasonable fee for providing information in response to a privacy access request and will provide a written estimate of any such fee upon receiving an access to information request.
Teed Saunders Doyle will make the information available within 30 days of the written request.
Individual clients of the firm have the right to contact the engagement partner in charge of providing service to them and obtain access to their personal information. For example, client information such as copies of financial statements and tax returns will be provided upon request and authentication of identity.
Similarly, authorized officers or employees of organizations that are clients of the firm have the right to contact the engagement partner in charge of providing service to them and obtain access to personal information provided by that client.
A Teed Saunders Doyle employee or contractor may obtain information or seek access to his or her personnel file by contacting the Teed Saunders Doyle Privacy Officer.
Any inquiries, complaints or questions regarding this Policy should be directed in writing to our Privacy Officer by email at firstname.lastname@example.org or by phone at (506) 458-8727 or by letter to:
Teed Saunders Doyle & Co
Chartered Professional Accountants
Attention: Privacy Officer
565 Priestman Street
Fredericton, NB E3B 5X8