top of page

Privacy Policy

Effective Date: July 23, 2025

SmartSum Solutions (“we”, “our”, or “us”) is committed to protecting your privacy and ensuring transparency about how your personal information is collected, used, and disclosed. This Privacy Policy outlines our practices in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) (Canada) and Alberta’s Personal Information Protection Act (PIPA).

1. Information We Collect

We collect personal information that is necessary to provide our bookkeeping and related financial services. This may include:

  •  Name, business name, and contact details (e.g., email, phone number, address)

  •  Financial documents (e.g., bank statements, credit card statements, receipts, invoices, expense reports)

  •  Canada Revenue Agency (CRA) account numbers (e.g., Business Number (BN), GST/HST account, Payroll account, Corporate Income Tax account)

  •  Login credentials for accounting software (only if expressly authorized by you and securely provided for service delivery)

  •  Communication history with our firm (e.g., emails, meeting notes)

  •  Personal information of your employees (e.g., names, SINs, payroll details) as required for payroll services

  •  Website usage data through cookies or analytics tools (non-identifiable information, e.g., IP address, browser type, pages visited)

2. How We Use Your Information

We collect and use your personal information for the following purposes, which a reasonable person would consider appropriate in the circumstances:

  •  To provide bookkeeping, payroll, and related financial services as requested by you (e.g., financial reporting, general business advisory).

  •  To prepare and file GST/HST, payroll remittances, and year-end documentation with the Canada Revenue Agency or other relevant authorities.

  •  To respond to your inquiries, communicate regarding your file, and provide client support.

  •  To improve our website, service delivery, and internal processes.

  •  To meet our legal, accounting, and regulatory obligations, including those related to anti-money laundering and tax compliance.

 

3. Consent

By providing your personal information, you consent to its collection, use, and disclosure in accordance with this policy and for the identified purposes.

For certain sensitive personal information, such as CRA account numbers, Social Insurance Numbers (SINs), and login credentials for financial or accounting systems, we will seek your express consent at the time of collection. Express consent may be obtained in writing (e.g., signed agreement, explicit digital consent) or verbally, where appropriate, and will clearly outline the specific purposes for which this sensitive information will be used.

You may withdraw your consent at any time, subject to legal and contractual restrictions, and reasonable notice. To withdraw consent, please contact us via email or phone using the contact information provided below. Please note that withdrawing consent may affect our ability to provide certain services.

4. Sharing of Information

We do not sell or rent your personal information. We may share your data with trusted third-party service providers who help us deliver our services. These may include, but are not limited to, secure cloud storage providers, encrypted communication platforms, online accounting software (e.g., QuickBooks Online, Xero), and payment processors. These parties are contractually obligated to maintain the confidentiality and security of your data and are only permitted to use the information for the purposes of providing services to us.

We may also disclose information if required by law (e.g., to comply with a court order or subpoena), to respond to lawful requests from public authorities (e.g., the Canada Revenue Agency), or if authorized by you for specific purposes.

5. Data Security

We are committed to protecting your personal information. We employ administrative, technical, and physical safeguards to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal, or destruction of your information. Our security measures include, but are not limited to:

  •  The use of secure, industry-standard file-sharing platforms.

  •  Encrypted communication tools.

  •  Multi-factor authentication (MFA) where available.

  •  Regular security updates and monitoring of our systems.

  •  Limiting access to personal data to authorized personnel only, who are bound by confidentiality obligations.

  •  Secure disposal methods for information no longer required.

6. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected, to provide our services, and to comply with legal and regulatory obligations. For example, tax and accounting records are generally retained for a minimum of six (6) years as required by the Canada Revenue Agency. Once personal information is no longer required for these purposes, it is securely destroyed or made anonymous.

7. Your Rights

You have the right to:

  •  Access your personal information: Request access to the personal information we hold about you.

  •  Request corrections: Ask for corrections to inaccurate or incomplete personal data.

  •  Withdraw your consent: Withdraw your consent to the collection, use, or disclosure of your personal information (subject to legal exceptions).

  •  Inquire about use/disclosure: Ask how your information has been used or disclosed.

  •  Complain: Lodge a complaint with the Office of the Information and Privacy Commissioner of Alberta (OIPC) or the Office of the Privacy Commissioner of Canada (OPC) if you believe your privacy rights have been violated.

To exercise any of these rights, please contact us using the information below.

8. Data Breach Notification

In the unlikely event of a security breach involving your personal information under our control, we will act swiftly and comply with all applicable legal requirements under PIPEDA and PIPA.

If it is reasonable to believe that the breach creates a real risk of significant harm to an individual, we will:

  •  Report the breach to the Office of the Privacy Commissioner of Canada (OPC) without unreasonable delay.

  •  Notify affected individuals without unreasonable delay, providing them with sufficient information to understand the breach and take steps to mitigate potential harm.

  •  Keep a record of all breaches of security safeguards, regardless of whether they pose a real risk of significant harm.

9. Website & Cookies

Our website may collect non-identifiable information through cookies or analytics tools (e.g., IP address, browser type, pages visited). This information is used to understand website usage patterns and improve user experience. You may disable cookies in your browser settings, though this may affect the functionality of some parts of our website.

10. Third-Party Links

Our website may contain links to third-party websites or services (e.g., payment processors, accounting software). We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The revised version will be posted on our website with a new effective date. We will review and update this Privacy Policy periodically to ensure it remains compliant with applicable laws and reflects our current practices. Your continued use of our services after any changes implies your acceptance of the revised policy.

12. Contact Us

If you have any questions, concerns, or requests regarding your personal information, this policy, or our privacy practices, please contact:

SmartSum Solutions

Privacy Contact: Mylene/Owner

Email: info@smartsumsolution.com

Website: www.smartsumsolutions.com

This Privacy Policy is governed by the laws of Alberta, Canada, and the federal laws of Canada applicable therein.

bottom of page