Privacy Policy

Cynthia Vincze Professional Corporation (the company) is committed to protecting personal information by following responsible information handling practices and abiding by our governing privacy laws. We collect and use your personal and business data for the sole purpose of better meeting your needs and to inform you about our services.

Please contact us if you have any questions about our information handling practices.


Updated March 5, 2023

The Federal Government’s Personal Information and Protection of Electronic Documents Act (PIPEDA) was passed into law in January, 2001 and regulates private sector collection, use and disclosure of personal information collected in the course of commercial activities as well as the collection, use and disclosure of employee personal information. This legislation became effective after January 1, 2004.

The company respects and upholds an individual’s right to privacy and to protection of his or her personal information. Should an individual (e.g., customer, employee) choose to provide personal information to us, we use stringent security safeguards to ensure their information is protected.

The company’s Privacy Policy incorporates the provisions of the Personal Information Protection and Electronic Documents Act (Statutes of Canada 2000, Chapter 5) and the ten key principles of the Canadian Standards Association Model Code for the Protection of Personal Information (CAN/CSA Q830-96).

This policy applies to customers, employees and other persons who provide personal information to the company directly or indirectly through verbal or written correspondence.


The company is both accountable for the personal information under their control. The company has appointed the Office Manager as the Privacy Officer. The Privacy Officer is responsible for the company’s compliance with this policy.

Purposes for Collection, Use and Disclosure

The company collects and uses personal information from customers solely for the following purposes:

  1. to enable communication;
  2. to provide products and services requested;
  3. to process payment for the products and services requested;
  4. to meet statutory and regulatory requirements.

The company collects and uses personal information from employees solely for the following purposes:

  1. to enable communication;
  2. to process payroll, income tax remittances and T4 slips;
  3. to comply with requests from group insurance provider;
  4. to identify and assist with internal/external training and professional development needs;
  5. to conduct disciplinary investigations where required; and
  6. to meet statutory and regulatory requirements.

The only circumstances under which personal information may be disclosed to third parties is for the fulfillment of any purposes identified above, or as required by law. We do not provide personal information to other third parties unless we are legally required to do so and we would not provide personal information to a third party without the individual’s express consent. Written consent will be filed in the customer’s correspondence file and, in those cases where consent is provided verbally, we will prepare an appropriate note for the customer’s file.

Where personal information is disclosed to third parties for the fulfillment of any purposes identified above, the company will make all reasonable efforts to ensure that the third party has appropriate security procedures in place for the protection of the personal information being transferred.


Unless we hear otherwise from the customer, their use of our products and services constitutes consent for the company to collect, use and disclose personal information for the purposes stated in this Policy. The customer may refuse or withdraw consent at any time, subject to legal and contractual restrictions and reasonable notice. The customer decides to provide (or not provide) the company with personal information; the choice is always the customer’s. However, it is important for the customer to note that their decision to withhold particular information may impact our ability to provide the product or service or communicate with them. The customer may refuse or withdraw their consent by contacting us. Our staff will explain the customer’s options and any consequences of refusing or withdrawing consent, and will record the customer’s choices.

Limiting Collection, Use, Disclosure and Retention

The company collects personal information only for the purposes identified above. The company does not use or disclose personal information for any purpose other than those for which it was collected, except with the customer’s consent or as required by law. We do not sell, lease, or trade information about our customers to other parties. Personal information is retained only as long as is necessary for the fulfillment of the purposes for which it was collected, or as required by law.


The company will make all reasonable efforts to ensure that personal information is as accurate, complete and current as required for the purposes for which it was collected. Customers and employees are encouraged to inform us if they find any inaccuracies in our information so that we can make the appropriate corrections promptly.


The company uses appropriate security safeguards to protect our customers’ personal information from risks such as loss, misuse, unauthorized access, disclosure or alteration. Safeguards include physical, administrative, and electronic security measures and are discussed in the company’s policies on Confidentiality and Security of Confidential Information.

All employees of the company are required to abide by the privacy standards we have established. They are also required to work within the principles of ethical behaviour as set out in staff guidelines and must follow applicable laws and regulations. In the course of daily operations, access to personal information is restricted to those employees whose job responsibilities require them to access it.


Any customer has the right to access their personal information under the control of the company. Upon request in writing to the Privacy Officer at the address listed below, the customer will be informed of the existence, use and disclosure of their personal information and will be given access to that information. In certain exceptional circumstances, the company may not be able to provide access to certain personal information it holds about a customer, for example, if doing so would reveal personal information about a third party. If access cannot be provided, the company will notify the customer, in writing, of the reasons for the refusal.

Revisions to this Privacy Policy

The development of the company’s policies and procedures for the protection of personal information is an ongoing process. Due to changes in technology and legal requirements, we may revise this policy from time to time. Please ensure that you refer to the current version of the company’s Privacy Policy. The current version will be posted on our website at

Addressing Your Questions or Concerns

If you have a question regarding this Policy, or a concern or complaint regarding the privacy practices of the company, please contact us.

For general questions regarding privacy regulations, we invite you to visit the Privacy Commissioner of Ontario’s web site at