Privacy Policy

Privacy Regulations and Standards Policy

At Lawrence Tomlin CPA PC, we are committed to maintaining the highest standards of privacy and data security for our clients and team members. This policy outlines the regulations and standards we adhere to in managing personal and sensitive information.

1. Regulatory Framework
   
   • We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), ensuring that personal data is collected, used, and disclosed responsibly.
   • We adhere to Canada’s Anti-Spam Legislation (CASL) when engaging in electronic communications to ensure proper consent and data handling practices.
2. CRA Confidentiality Guidelines
   
   • In handling taxpayer and corporate data, we follow the strict confidentiality guidelines mandated by the Canada Revenue Agency (CRA).
   • All client information is safeguarded in accordance with CRA standards to prevent unauthorized access or disclosure.
3. CPA Professional Standards
   
   • Our practice is committed to the highest professional ethics as outlined by the CPA Code of Professional Conduct and CPA Ontario guidelines.
   • We ensure that all team members receive regular training on data protection and confidentiality to maintain compliance with professional standards.
4. Data Collection, Use, and Disclosure
   
   • Collection: We collect only the information necessary to provide our accounting and tax services, including data required for CRA reporting and regulatory compliance.
   • Use: Information is used exclusively for client service delivery, compliance with legal obligations, and internal operations.
   • Disclosure: No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
5. Zoom SMS Text Messaging Service Compliance
   
   • For our internal communications using Zoom’s SMS service, we comply with Zoom’s data processing agreements and privacy requirements.
   • All team member contact information is handled in strict confidence, and data transmitted via SMS is secured according to industry standards.
6. Security Safeguards and Breach Notification
   
   • We implement robust physical, administrative, and technological safeguards to protect all sensitive and confidential data.
   • In the unlikely event of a data breach, we will notify affected parties and regulatory bodies promptly, as required by PIPEDA breach notification obligations.
7. Employee Training and Compliance
   
   • Our team undergoes regular training on privacy practices and data security protocols to ensure full compliance with all applicable laws and standards.
   • Compliance audits and internal reviews are conducted periodically to identify and mitigate any risks.
8. Client Rights and Contact Information
   
   • Clients have the right to access, correct, or request deletion of their personal information, subject to legal and professional requirements.
   • For inquiries or concerns regarding our privacy practices, clients and team members may contact our Privacy Officer at:
     
     • Email: larry@tomlin.ca
     • Phone: 416-483-4940
9. Policy Updates and Amendments
   
   • We continuously review and update this policy to reflect any changes in regulatory requirements or industry best practices.
   • Clients and team members will be informed of significant changes to our privacy practices through our website and direct communications.

By adhering to this policy, Lawrence Tomlin CPA PC demonstrates our commitment to protecting the privacy and integrity of the information entrusted to us. Our approach ensures compliance not only with PIPEDA but also with the additional mandates and standards set forth by the CRA, CPA professional guidelines, CASL, and Zoom’s data processing requirements.