Privacy Policy

TACT CPA Professional Corporation Privacy Policy

This Privacy Policy was last modified on and is effective as of February 12, 2026.

Thank you for trusting us with your information. This Privacy Policy explains how, and why, TACT CPA Professional Corporation (“TACT CPA”) handles your personal information.

You agree to this Privacy Policy when you:

  • apply for or use any TACT CPA product or service offered in Canada
  • use our Canadian website and mobile app and
  • otherwise interact with us

This Privacy Policy will apply:

  • when you ask to begin a relationship with us
  • during the course of our relationship and
  • for a period of time after the end of our relationship

This Privacy Policy also governs personal information collected about TACT CPA’s website users and explains how we use and disclose personal information that we collect from users who visit our website and otherwise interact with us through www.tactcpa.ca (“website”). It also explains how we use cookies and similar technologies.

Changes to this Privacy Policy

TACT CPA Professional Corporation (“TACT CPA”) reserves the right to change this Privacy Policy (“Policy”) from time to time. We recommend that you review this Policy located on our website regularly so that you are aware of any changes. Your continued use of our website following the posting of any changes to this Policy constitutes your acceptance of these changes. The date on which this Policy was last modified appears at the top. You should review this Policy in conjunction with the Legal terms and conditions that govern your use of our website.

Personal information

The federal Personal Information Protection and Electronic Documents Act (“PIPEDA”), being the privacy law applicable to the private sector in Ontario, applies to the collection, use and disclosure of personal information in the course of commercial activities. In this Policy, “personal information” refers to information about an identifiable individual. It may also include other types of more technical information when you interact with us through our website, when this information can identify you as an individual. Personal information that is aggregated and cannot be associated with an identifiable individual is not considered to be personal information. This Policy explains the reasons why we collect your personal information, as well as how we handle that information.

Business contact information (e.g., business title, business email, business phone number) is not considered personal information under PIPEDA.

Purpose of this Policy

This Policy describes the personal information management practices of TACT CPA relating to its clients, prospects and other individual public and corporate stakeholders, and contacts, as applicable. The following is an outline of the 10 underlying principles in the federal Personal Information Protection and Electronic Documents Act (“PIPEDA”).

1. Accountability

TACT CPA is accountable for all personal information in its possession or control. This includes any personal information that we received directly from clients who are individuals or, indirectly, through corporate and government clients. Including when you use our website www.tactcpa.ca TACT CPA has established and put into effect policies and practices aimed at properly protecting personal information; has educated its employees regarding its privacy policy and their roles and responsibilities in keeping personal information private; and appointed a Privacy Officer to oversee privacy issues at TACT CPA. If you have any questions about TACT CPA’s privacy policies and practices, contact the Privacy Officer by email at info@tactcpa.ca

2. Identifying Purposes

TACT CPA collects most of our information about you directly from you, with your consent.

We collect personal information solely for purposes related to:

  • Accounting and bookkeeping services
  • Tax compliance and reporting
  • Compilation engagements (Notice to Reader)
  • Consulting and advisory services
  • Regulatory, legal, and tax obligations

Clients are informed of these purposes through engagement letters and/or client intake forms. The terms and conditions of every professional services engagement are documented in an Engagement Letter. These terms and conditions include a discussion about how we may collect, use and disclose client personal information. By signing the Engagement Letter, the client is providing their consent to the collection, use and disclosure of personal information described in the terms and conditions.

WHY WE COLLECT YOUR PERSONAL INFORMATION

Information We Collect From You

The information we may collect includes:

Contact information such as your:

  • full legal name
  • phone number
  • address
  • email address

Background information such as your:

  • date of birth
  • financial information
  • banking (payment) information
  • Social Insurance Number (SIN)
  •  Identification documents (Government-issued photo ID (passport, DL, PR card))
  • occupation and employer
  • in some cases, information about your spouse, family or household members and dependants

Information to help confirm your identity such as your:

  • mobile phone number
  • answers to security questions
  • device identifiers
  • device usage behaviour (such as keystroke patterns), IP address, third party verification or background details, and images

Information From Other Sources

We may collect information about you from sources outside of TACT CPA. These sources include:

  • public records, such as bankruptcy or criminal records
  • fraud prevention agencies and investigators and other organizations to detect or prevent fraud
  • background check databases and other registries we use to check the information you give us

For details on the type of information that we collect via our website and on how we use and share this information, please refer to the Website section of this Privacy Policy.

HOW WE USE YOUR PERSONAL INFORMATION

We use your information to help us deliver and manage our products and services, including when we:

  • verify your identity
  • communicate with you
  • comply with regulatory reporting obligations
  • prevent and detect fraud
  • provide the services

We use your information for the purpose of serving you and to administer our business, and we may use technology to analyze your information, including to:

  • verify your identity
  • evaluate and process your service requests, transactions and reports
  • provide you with ongoing service and information on the products and services you hold with us
  • train staff and confirm our discussions with you
  • develop and improve our services or identify new services that may be of interest and appropriate for you
  • understand your needs and give you personalized service
  • identify trends in how our products and services are used
  • help manage and assess our risks, operations and relationship with you
  • help us collect a debt or enforce an obligation you owe us

We may pool your information with other information for research and to create statistical reports. These reports will not identify you.

We use your information to communicate with you. We use it to improve and get feedback on our products and services and communications with you.

Legal compliance and security. We must use your information to comply with laws, regulations, and industry rules. We must also use it to prevent and investigate crime.

Complying with sanctions and financial crime laws. We must use your information to comply with:

  • financial crime laws
  • sanction laws
  • anti-money laundering laws

We must also use your information to check whether you are a politically exposed person (as defined by law). We may also use public information to see if you are a politically exposed person. For example, commercial databases, or credit reports.

Preventing fraud and other crimes. We use your information to prevent, detect or suppress:

  • criminal activity
  • fraud
  • security risks

We also use your information to:

  • assist us with any internal or external investigation into potentially illegal, fraudulent, or suspicious activity
  • manage, defend or settle any actual or potential loss
  • protect our assets and interests

In order to do these things, we may share your information with any person or organization, including any:

  • fraud prevention agency
  • regulatory or government body
  • the operator of any database or registry used to check information provided against existing information.

Other regulatory compliance. We will use your information to comply with all laws and regulations. We will also use it to comply with the rules, demands, and guidance from regulators. This includes self-regulatory organizations.

SERVICE PROVIDERS

We use service providers for many reasons. For example, they help us serve and communicate with you. They support our business operations, help us develop products, and make service enhancements. They help us to market our products and services. They help us to comply with the law. Service providers may only access and use your information to provide the services under their agreement with us.

Our service providers include those who support us with:

Technology, such as:

  • website hosting
  • data storage and analysis
  • e-signature tools
  • security and software
  • mobile apps
  • our internal systems
  • telephone and electronic communications
  • online advertising

Legal and Financial Compliance, such as:

  • accounting
  • tax filings
  • debt collection
  • legal claims
  • investigations

Risk Management, such as:

  • anti-fraud
  • identity authentication services

3. Consent

TACT CPA obtains express or implied consent before collecting, using, or disclosing personal information. You may withdraw consent at any time, subject to legal or contractual restrictions. Consent may be collected via digital intake forms, emails, or signed physical documents. We retain records of consent as part of our compliance program. We will not collect, use or disclose personal information without consent. Such personal information could include:

  • home and business addresses;
  • home and business telephone numbers;
  • personal identification numbers (e.g., social insurance number, credit card numbers);
  • financial information (e.g., credit ratings, payroll information, personal indebtedness);
  • personnel information; and
  • other personal information.

In general, by requesting TACT CPA products and services and/or submitting information to us in connection with using TACT CPA products and services, you are providing your consent to the collection, use and disclosure of personal information as set out in this Privacy Policy and in the TACT CPA contractual documents. Moreover, by visiting, interacting with and/or using our websites, you agree to benefit from, be bound by the terms and conditions of this Privacy Policy.

4. Limiting Collection

TACT CPA collects only that personal information required to perform its professional services and operate its business. Such information is collected by fair and lawful means.

5. Limited Use, Disclosure and Retention

Personal information is used only for the purposes for which it was collected. We may disclose your information to third parties to help us deliver the products and services you request and to manage our business and risks. We do not sell or rent client information. TACT CPA uses or discloses personal information only for purposes for which it has consent or as required by law. We will disclose your information to third parties to manage our legal and regulatory obligations, where the law requires us to do so. Personal information will be retained only as long as necessary for the fulfilment of the purposes for which it was collected and for which consent was received or to satisfy legal requirements. We may retain your information after the end of your relationship with us. For example, when we need your information:

  • for legal or regulatory purposes
  • to respond to issues that may arise at a later date
  • to support fraud prevention organizations and other risk assessments

As required by professional standards, rules of professional conduct and regulations, TACT CPA documents the work it performs. These documents are commonly called working paper files. Such files may include personal information obtained from a client. Working paper files and other files containing, for example, copies of personal or corporate tax returns, are retained for the time period required by law and regulation or indefinitely for active clients.

The personal information collected from a client during the course of a professional service engagement may be shared with:

  • TACT CPA’s personnel participating in such engagement;
  • employees within TACT CPA to the extent required to assess compliance with applicable professional standards, the rules of professional conduct and TACT CPA’s policies;
  • external professional practice inspectors (e.g. representatives of CPA Ontario), who, by law, professional regulations, or contract, have the right of access to TACT CPA’s files for inspection purposes;
  • accounting software providers as data processors and cloud storage providers

User data will be stored until the purpose the data was collected for has been achieved. You will be notified if your data is kept for longer than this period.

TACT CPA regularly and systematically destroys, erases or makes anonymous personal information no longer required to fulfill the identified collection purposes and no longer required by laws and regulations.

6. Accuracy

TACT CPA endeavours to keep accurate, complete and up-to date personal information in its possession or control, to the extent required to meet the purposes for which it was collected. To update their personal information, individual clients are encouraged to contact the partner in charge of providing services to them.

You can help by keeping us informed of any changes. For example, tell us if you move or change telephone numbers. If you find any errors in our information about you, let us know right away. We will make the corrections. We will also give the corrections to anyone we gave your information to and who relies on it. If we don't agree with your requested change, we will note your request in your file.

7. Safeguards

We will use reasonable security measures to protect your personal information against unauthorized access. TACT CPA has implemented security measures that contain administrative, technical and physical controls that are designed to safeguard your personal information. No method of transmission over the internet, or method of electronic storage, is 100% secure, however. We retain your information only for the time we need it. And we only use it for the purposes that we explain to you.

Access to personal information stored in hard-copy form is kept strictly confidential. Partners and employees are authorized to access personal information based on client assignment and quality control responsibilities.

Authentication is used to prevent unauthorized access to personal information stored electronically. Portals are used to enable the secure transfer of information to and from clients.

For files and other materials containing personal information entrusted to a third-party service provider (e.g., a provider of paper-based or electronic file storage), TACT CPA obtains appropriate assurance to affirm that the level of protection of personal information provided by the third-party is equivalent to that of the TACT CPA.

Some of the ways we use your information are to support our efforts to protect your security. For example, we may ask you to provide certain information to authenticate you. This helps to prevent unauthorized access to your information.

Data stored outside Canada may be subject to foreign laws. Your information, including Personal Data, is processed at the Company’s operating office and in any other places where the parties involved in the processing are located. It means that this information may be transferred to and maintained on computers located outside of Your province, country or other governmental jurisdiction where the data protection laws may differ from those from Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

8. Openness

TACT CPA is open about the procedures it uses to manage personal information. Up-to-date information on the privacy policy can be obtained from the Privacy Officer by email at info@tactcpa.ca

9. Individual Access

Upon request, TACT CPA will provide written responses to clients about the personal information in its possessions or controls, within thirty (30) days of such request. TACT CPA’s response time may be extended by an additional thirty (30) days pursuant to subsection section 8(4) of PIPEDA.

If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data and to who we disclosed your personal data, or if you would like your data to be deleted or modified in any way, please contact our Privacy Officer here: at info@tactcpa.ca Requests must be made in writing.

In certain situations, however, TACT CPA may not be able to give clients access to all their personal information. We will explain the reasons why access must be denied and any recourse the client may have, except where prohibited by law.

10. Challenging Compliance

To challenge TACT CPA’s compliance with its Privacy Policy, clients are asked to provide an email message to the Privacy Officer at  info@tactcpa.ca TACT CPA’s Privacy Officer will ensure that a complete investigation of a client complaint is undertaken and will report the results of this investigation to the client, in most cases, within 30 days.

11. How to Opt-Out of Data Collection, Use or Disclosure

In addition to the method(s) described in the Individual Access section, we provide the following specific opt-out methods for the forms of collection, use, or disclosure of your personal data:

  • You can opt-out of the use of your personal data for marketing emails. You can opt-out by clicking "unsubscribe" on the bottom of any marketing email by using the built-in unsubscribe feature of your email provider (like Gmail or Outlook) or by clicking the unsubscribe link usually found at the bottom of the email.

12. Cookies and use of the Website

When you interact with us online or in our apps, we may collect, use and disclose your information to:

  • deliver our services
  • improve and personalize your experience

We, and third parties that we select, may use certain technologies and tracking tools on our website and apps to deliver our service, improve and personalize your experience and prevent fraud. As one example, we use cookies. Cookies are snippets of data stored by a web browser (for example, Edge, Chrome, Safari or Firefox web browsers). A cookie is a small file, stored on a user's hard drive by a website. Its purpose is to collect data relating to the user's browsing habits. You can choose to be notified each time a cookie is transmitted. You can also choose to disable cookies entirely in your internet browser, but this may decrease the quality of your user experience.

We may use functional and analytical cookies on our Site:

  • Functional cookies. Functional cookies are used to remember the selections you make on our site so that your selections are saved for your next visits;
  • Analytical cookies. Analytical cookies allow us to improve the design and functionality of our Site by collecting data on how you access our Site, for example data on the content you access, how long you stay on our Site, etc.

Data Collected Automatically (usage data):

When you visit and use our site  www.tactcpa.ca we may automatically collect and store the following information (if website analytics is enabled):

  • IP address;
  • general geographic information (city or region), derived from your IP address;
  • clicked links; and
  • content viewed.

The data we collect automatically is used for the following purposes:

  • Statistics; and
  • Analysis.

Data Collected in a Non-Automatic Way:

We may also collect the following data when you perform certain functions on our site: www.tactcpa.ca

  • First and last name;
  • Email address; and
  • Phone number.

The data we collect when the user performs certain functions may be used for the following purposes:

  • To provide and maintain our Services, including to monitor the usage of our Services.
  • Communication. To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
  • To provide You with news, special offers, and general information about other services and events which We may offer that are similar to those that you have already purchased or inquired about unless You have opted not to receive such information.
  • To manage Your requests: To attend and manage Your requests to Us.
  • For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service (needs analysis), products, services, marketing and your experience.

The data may be collected using the following methods:

  • Subscription; and
  • Contact Us.

We may use Google Analytics to better understand your use of our website. The tool collects information about user behaviour, which includes how many times a user visits our website, what pages they visit and where they were referred from.

Google may use the data collected for their own purposes, including to contextualize and personalize the ads on their own advertising networks.

To learn more about how Google uses data when you visit websites using Google Analytics, go to: How Google uses information from sites or apps that use our services – Privacy & Terms – Google

You may opt out of Google Analytics tracking: How Google Analytics works - Analytics Help

To do this, install the Google Analytics Opt-out Browser Add-on Download Page

You may opt out of ad serving on Google’s opt-out page.