Use
We use personal information to provide services to our clients, to fulfill legal requirements and to operate, market and improve our business. Examples of why we use personal information are:
- Client services, such as conducting audits, preparing tax returns, providing management consulting and other advisory services to our clients and members of the BDO network
- Vendor management, such as managing the services that third parties deliver to us or to clients on our behalf
- Legal and regulatory compliance, such as conducting screening for conflicts, complying with anti-money laundering laws, conducting sanctions checks, and to maintain books and records that are required by law or that assist us in meeting our legal and regulatory obligations
- Relationship management, such as establishing, maintaining, and administering our relationship with you or your employer, and which may include client account opening, accounting, invoicing, risk analysis, conflict checking, and customizing the services we offer to you
- Business development, such as client pitches and offering you services that you may be interested in
- Recruitment, such as processing your application for employment or an internship or when we proactively recruit new partners or employees
- Communications, such as responding to your inquiries, sending you newsletters, updates, or other material, and managing your preferences
- Events management, such as reserving your place at our events, noting dietary restrictions or choices, and other event related purposes
- Feedback, such as client surveys, event feedback, and addressing concerns that you might have
- Security, such as monitoring who has had access to our premises, and protecting our client portal our website from misuse
- Website management, such as monitoring what visitors to our website, microsites and mobile apps find interesting and whether there are problems with features and functionality
- Improvement of our business, understanding what our clients and prospective clients find interesting, improving our website, improving how we use vendors to provide services to us or to our clients
Sharing
We may share personal information in order to perform services for our client, to fulfill legal requirements or to operate, market and improve our business. The following are examples of who we may share personal information with:
- BDO member firms, when it is necessary to provide cross-border services, to make referrals, to assess potential conflicts, or where other member firms provide services to us
- Service providers, who provide outsourced business services to us, who assist us in marketing and advertising or events, or who assist us in providing or managing our information technology and communications systems
- Screening service providers, who perform credit checks, sanctions screening, crime or anti-money laundering checks, and other background checks
- Clients, as part of work product, such as when we are retained to conduct an audit or investigation or prepare a report or advice, and your personal information is relevant to that work product
- Analytics providers and advertising networks, who support our analysis of the performance of our website, microsites and mobile apps and your interests, or who assist us in placing advertising on other sites,
- Emergency responders, emergency contacts, or public health authorities, when necessary to respond to an emergency, or address an urgent occupational health and safety issue or outbreak of communicable diseases
- Law enforcement bodies and regulators, when required under applicable laws, such as anti-money laundering reports, or where we are reporting a contravention of laws
- Other third parties, in the course of a commercial transaction involving the acquisition of or transfer of any part of our business
Consent and other legal bases
There may be several reasons why we might collect, use, share or otherwise handle your personal information. These include:
- With your explicit or implicit consent, such as when you provide the personal information as part of a request for services or a product, when you provide the personal information for a specific purpose or we ask you to consent to our use of your personal information for a purpose or for the purposes set out in this Privacy Statement
- With the consent of someone with authority to provide the information to us, such as your employer or a third party who you provided the information and who has the legal right to share it with us
- Where is necessary to fulfill our legal obligations, such as where we need to conduct client screening, anti-money laundering checks, or for other legal and compliance purposes where the law permits us to handle personal information with your consent
- For the purposes of responding to legal claims against us
- To conduct investigations where the law permits us to handle personal information without your consent
We may use your business contact information to contact you in your business, role, function, or occupation without your consent. If we send you commercial electronic messages, we will comply with Canada’s Anti-Spam Legislation, subject to any exceptions permitting us to send unsolicited commercial electronic messages. You may unsubscribe from our communications at any time.
Security
We use physical, technical, and organizational security measures that are consistent with standards in the accountancy and professional services industry. These security measures are designed to protect the confidentiality and integrity of personal information in our custody. We use contractual or other means to require our service providers to protect the confidentiality and integrity of personal information we entrust to them. Unfortunately, no system of security measures can guarantee the security and privacy of personal information. If you are sharing highly sensitive information electronically with BDO Canada, please speak with us about methods of secure file transfers.
Location and retention
Personal information is stored primarily in Canada. However, we may also use service providers or the assistance of BDO member firms in the United States and around the world, except where we are restricted by legal or contractual requirements. The laws of other jurisdictions may not be as protective as those in Canada and personal information held outside of Canada may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of these other countries in accordance with their laws.
We retain information for the purposes for as long as it is necessary to fulfill the purposes for which we collected it. We also retain personal information to meet obligations under applicable laws and regulatory requirements and to maintain records for possible litigation or investigations. Our retention period will vary depending on the nature of the information that is held. For example, we may retain information about you for as long as you are a client. We may retain matter specific information for as long as the applicable limitation period for claims, which may be 15 years or in some jurisdictions longer. In addition, copies of personal data stored in our electronic backups may be retained until they are destroyed in accordance with the ordinary lifecycle of our backups.
Children and minors
We do not knowingly collect personal information from children or other persons who are under 14 years of age except as part of a client engagement (e.g. the preparation of tax returns, estate planning, and other legitimate reasons). Our website and marketing materials are only for use by individuals who have reached the age of majority in their province or country of residence.
Cookies
Please see our Cookies Notice for information on how we use website cookies on our website www.bdo.ca. Please also see cookie notices or similar notices for any BDO Canada microsites or mobile apps that you may use.
Your rights
Canadian privacy laws provide you with certain rights. Please see “How to contact us” for the contact information of our Privacy Office in order to exercise these rights.
- Access rights – you have the right to ask us if we have collected information about you and to obtain access to that information. If you wish to exercise this right, please send a written request to our Privacy Officer. We will ask you for information to confirm your identity and may ask you to assist us in describing your relationship with us so that we can locate the relevant personal information. Please note that we may withhold disclosure of personal information in certain cases under applicable laws.
- Correction – you have the right to ask us to correct any incomplete or inaccurate personal information we hold about you. If we disagree with your correction request, we will insert a note in our files explaining the basis of our refusal to correct the information. We recommend that you raise any issue with incorrect, incomplete, or inaccurate personal information with the BDO personnel who are assisting you. However, you may also make a request to the Privacy Officer.
- Withdraw of consent – you have the right to ask us to cease collecting, using, or sharing our personal information in some cases. We will do so if we have no further purpose for handling your personal information. You can unsubscribe from any of our electronic marketing communications using the unsubscribe links provided. You may communicate other requests to withdraw consent from the BDO personnel who are assisting you or you may make a request to the Privacy Officer.
- Complaints – you have the right to make a complaint to our Privacy Officer about our compliance with this Privacy Statement or applicable privacy laws. We encourage you to raise your concern with the BDO personnel who are assisting you. However, if you make your complaint to the Privacy Office, we will investigate the matter and report to you about the investigation findings.
Changes
We may change this Privacy Statement from time to time. Please refer to the date at the top of this Privacy Statement for the last date. If there is an important change to our privacy practices, we will highlight the changes in this section.
How to contact us
To exercise your rights or to make a complaint, please contact:
Privacy Officer
BDO Canada LLP, National Office
500 – 20 Wellington Street East
Toronto, ON M5E 1C5, Canada
Tel/Tél.: 416 865 0111
or [email protected]