Principle 1 — Accountability
Grow CPA LLP is responsible for the personal information under our control and shall designate one or more persons who are accountable for Grow CPA LLP’s compliance with the following principles.
Principle 2 — Identifying Purposes for Collection of Personal Information
Grow CPA LLP shall identify the purposes for which personal information is collected at or before
the time the information is collected.
Principle 3 — Obtaining Consent for Collection, Use or Disclosure of Personal Information
The knowledge and consent of a client or employee are required for the collection, use or disclosure of personal information, except where inappropriate.
Principle 4 — Limiting Collection of Personal Information
Grow CPA LLP shall limit the collection of personal information to that which is necessary for the purposes identified by Grow CPA LLP. Grow CPA LLP shall collect personal information
by fair and lawful means.
Principle 5 — Limiting Use, Disclosure and Retention of Personal Information
Grow CPA LLP shall not use or disclose personal information for purposes other than those for which it was collected, except with the consent of the individual or as required by law.
Principle 6 — Accuracy of Personal Information
Personal information shall be as accurate, complete and up to date as is necessary for the purposes for which it is to be used.
Principle 7 — Security Safeguards
Grow CPA LLP shall protect personal information by security safeguards appropriate to the sensitivity of the information.
Principle 8 — Openness Concerning Policies and Procedures
Grow CPA LLP shall make readily available to clients and employees specific information about policies and procedures relating to the management of personal information.
Principle 9 — Client and Employee Access to Personal Information
Grow CPA LLP shall inform a client or employee of the existence, use and disclosure of his or her personal information upon request and shall give the individual access to that information. A client or employee shall be able to challenge the accuracy and completeness of the information and have it amended, as appropriate.
Principle 10 — Challenging Compliance
Scope and Application
of the following information by Grow CPA LLP:
an employee’s name, title or business address or telephone number
information that Grow CPA LLP collects, uses or discloses for journalistic, artistic or literary purposes and does not collect, use or disclose for any other purpose
other information about the individual that is publicly available and is specified by regulation pursuant to PIPEDA.
of PIPEDA, the regulations enacted thereunder, and any other applicable legislation or regulation.
collection: The act of gathering, acquiring, recording or obtaining personal information from any source, including third parties, by any means.
consent: Voluntary agreement for the collection, use and disclosure of personal information for defined purposes. Consent can be either express or implied and can be provided directly by the individual or by an authorized representative. Express consent can be given orally, electronically or in writing, but is always unequivocal and does not require any inference on the part of Grow CPA LLP. Implied consent is consent that can reasonably be inferred from an individual’s action or inaction.
client: An individual who purchases or otherwise acquires or uses any of Grow CPA LLP’s products
or services or otherwise provides personal information to Grow CPA LLP in the course of Grow CPA LLP’s commercial activities.
disclosure: Making personal information available to a third party.
employee: An employee of or independent contractor to Grow CPA LLP.
personal information: Information about an identifiable individual.
third party: An individual or organization outside of Grow CPA LLP.
use: The treatment, handling and management of personal information by and within Grow CPA LLP or by a third party with the knowledge and approval of Grow CPA LLP.
Please visit the Privacy Commissioner of Canada’s website at www.priv.gc.ca.