KMSS Privacy Policy
KMSS Privacy Policy
Purpose
KMSS respects the privacy of our clients and our team
members. Therefore, this document sets forth the policy
of KMSS on the collection, use and disclosure of personal
information. In order to comply with provincial
legislation (Alberta Personal Information Protection Act), KMSS has
developed policies and procedures to maintain the security,
confidentiality and privacy of personal
information.
Scope
KMSS policy will apply to information related to the following
individuals:
Definitions
“KMSS”
This refers to Kenway Mack Slusarchuk Stewart LLP Chartered
Accountants, Kenway Mack Slusarchuk Stewart Bow Valley LLP
Chartered Accountants, and KMSS Results Inc.
“Personal Information”
This refers to information about an identifiable individual, but
does not include the name, job title or business address and
business telephone number of an individual. Anything
that might appear on a business card, or can be found through
publicly available information such as the telephone book would not
be considered personal information.
“Consent”
This refers to voluntary agreement to the collection, use and
disclosure of personal information for specified
purposes. Consent may be either express or
implied. Express consent can be given orally or in
writing, it is unequivocal and does not require any inference on
the part of KMSS. Implied consent arises where consent
can reasonably be inferred from the action or inaction of the
individual.
“Individual”
This includes all persons who are employed by KMSS, contractors,
partners, clients and client organization personnel, and vendors
and vendor organization personnel.
Introduction to KMSS Policy
At KMSS an important part of our commitment to our clients, team
members, suppliers, and contractors, is the provision of high
quality service and respecting their right to privacy.
Keeping personal information secure and in strict confidence for
our clients, team members, suppliers, and contractors is a priority
of the firm.
1. Accountability
KMSS is accountable for all personal information in its
possession or control. KMSS has established and put
into effect policies and procedures aimed at properly protecting
personal information. The firm has and continues to
educate its partners and employees regarding its privacy policy and
their role and responsibilities in keeping personal information
private.
KMSS has designated a Privacy Officer who oversees privacy
issues at the firm. Ultimate accountability for
KMSS’s compliance rests with the firm’s
partners who delegate day-to-day accountability to the Privacy
Officer.
2. Purposes
KMSS will identify the purposes for which personal information
is collected at or before the time the information is
collected. Unless additional purposes are identified to
an individual, KMSS will collect personal information for the
following purposes:
-
To manage and develop KMSS’s business and
operations, including personnel and employment matters;
-
To provide professional services to our clients; and,
-
To meet legal and regulatory requirements.
3. Consent
KMSS assumes responsibility to obtain any consent required under
applicable privacy legislation, for collection, use and disclosure
of personal information.
Consent may be given either verbally, by written communication
or through implied consent.
An individual may withdraw consent at any time, subject to legal
or contractual restrictions, provided that reasonable notice of
withdrawal of consent is given to KMSS. On receipt of
notice of withdrawal of consent, KMSS will inform the individual of
the likely consequences of the withdrawal of consent, which may
include the inability of KMSS to provide certain services for which
that information is necessary.
4. Limits on Collection of
Personal Information
KMSS collects only that personal information required to perform
its professional services and operate its business, and such
information is collected by fair and lawful means.
5. Limits on Using, Disclosing and Retaining
Personal Information
KMSS uses or discloses personal information only for purposes
for which it has consent, or as required by law. The
firm retains personal information only as long as reasonably
necessary to fulfill those purposes.
As required by professional standards, rules of professional
conduct and regulation, the firm documents the work it performs in
records, commonly called working paper files. Such
files may include personal information obtained from a client.
Working paper files and other files containing, for example,
copies of personal tax returns are retained for the time period
required by law and regulation.
The personal information collected from a client during the
course of a professional service engagement may be:
-
Shared with the firm’s personnel participating in
such engagement;
-
Disclosed to partners and employees within the firm to the
extent required to assess compliance with applicable professional
standards and rules of professional conduct, and the
firm’s policies, including providing quality control
reviews of work performed;
-
Provided to members of the organization’s audit
committee and board of directors, and others in the company that
might not otherwise have access to the information, in the course
of communicating aspects of the results of our audit; and
-
Provided to external professional practice inspectors (e.g.
representatives of the Canadian Public Accountability Board, or a
provincial institute of chartered accountants), who by law,
professional regulation, or contract have the right of access to
the firm’s files for inspection purposes.
The firm will retain working papers and other files which may
contain personal information for as long as necessary to fulfill
the intended purposes and to comply with applicable laws and
regulations.
6. Accuracy
The firm endeavours to keep accurate, complete, and up-to-date,
personal information in its possession or control, to the extent
required to meet the purposes for which it was
collected.
Individual clients are encouraged to contact the firm to update
their personal information.
Employees and contractors should inform the firm of any updates
to their personal information.
7. Safeguarding Personal Information
The firm protects the privacy of personal information in its
possession or control by using security safeguards appropriate to
the sensitivity of the information.
Physical security (e.g. restricted access, locked rooms and
filing cabinets) is maintained over personal information stored in
hard copy form. Partners and employees are authorized
to access personal information based on client assignment and
quality control responsibilities.
Authentication is used to prevent unauthorized access to
personal information stored electronically. Encryption
is used to prevent unauthorized access to personal information
received or sent over the Internet.
For files and other materials containing personal information
entrusted to a third party service provider (e.g. a provider of
paper based or electronic file storage), the firm obtains
appropriate assurance to affirm that the level of protection of
personal information by the third party is equivalent to that of
the firm.
Confidentiality and security are not assured when information is
transmitted through e-mail or other wireless
communication. KMSS will not be responsible for any
loss or damage suffered as a result of a breach of security and/or
confidentiality when information is transmitted to KMSS by e-mail
or other wireless communication or when KMSS transmits information
by such means at the request of an individual.
8. Openness
KMSS is open about the policies and procedures it uses to
protect personal information. Information about our
privacy policies and procedures will be made available in writing
and electronically. Up-to-date information on the
firm’s privacy policy can be obtained from the
firm’s Privacy Officer.
9. Individual Access to Personal
Information
The firm responds on a timely basis to requests from individuals
about their personal information that the firm possesses or
controls.
Upon written request and authentication of identity, KMSS will
provide individuals with personal information under its control,
information about the ways in which that information is being used,
and a description of the individuals and organizations to whom that
information has been disclosed.
KMSS may charge a reasonable fee for providing information in
response to a privacy access request and will provide a written
estimate of any such fee upon receiving an access to information
request.
KMSS will make the information available within 30 days of the
written request.
Individual clients of the firm have the right to contact the
engagement partner in charge of providing service to them and
obtain access to their personal information. For example, client
information such as copies of financial statements and tax returns
will be provided upon request and authentication of identity.
Similarly, authorized officers or employees of organizations
that are clients of the firm have the right to contact the
engagement partner in charge of providing service to them and
obtain access to personal information provided by that
client.
A KMSS employee or contractor may obtain information or seek
access to his or her personnel file by contacting the KMSS Privacy
Officer.
10. Compliance
A copy of our privacy policy can be obtained from our website at
www.kmss.ca.
Any inquiries, complaints or questions regarding this Policy
should be directed in writing to our Privacy Officer by email at privacyofficer@kmss.ca or
by phone at (403) 233-7750 or by letter
to:
Kenway Mack Slusarchuk Stewart LLP Chartered Accountants
Attention: Privacy Officer
220, 333-11 Avenue S.W.
Calgary, Alberta T2R 1L9
| 
