Privacy & Client Data Policy

Client Data

Client Trust is vital to Frosty Squirrel’s success as any CPA firm. For this reason, we handle all client data with care.

Client Data comprises the following, but not limited to;

  • Emails & Communications
  • Scans of Documents
  • Personal and Business Information (SIN, BIN, Account Info)
  • Operational Information (Processes, Staff Information & Size, Marketing)
  • Financial Information (Margins, Revenue, Vendor Information, Costing, Budgets)
  • Board of Director Information (Names, Meetings, Decisions, Strategic Plans)

Where we send & store your data

As Frosty Squirrel is a fully remote firm, your data resides on cloud servers. Large companies that are not likely to be breached secure these servers. However, email is a common method of data transfer between clients and Frosty Squirrel, as well as internally.

For security purposes, no details will be provided about the internal processes of Frosty Squirrel CPA on the website.

Breaches

In the digital age, a data breach can occur and some claim it will be inevitable. As Frosty Squirrel expands, this becomes a higher risk.

In the event of a data breach, all data & processes will be locked down and the extent of the breach determined. If your client data is compromised, we will inform you after assessing the breach and implementing countermeasures. Further actions taken will depend on the severity of the breach.

Outsourcing & Offshoring

Frosty Squirrel CPA does not offshore any engaged services. All services are performed by staff of Frosty Squirrel CPA or subcontractors in Canada, with any exceptions noted below.

Frosty Squirrel will hire subcontractors for specific tasks after discussion with the client. For complexity within an engagement, such as complex tax structures, the subcontracts could fall outside of Canada for their specific expertise.

Any contractors that are hired as an internal staff member will conform to all workplace policies, including data security and access limitations.

As a fully remote firm, staff and contractors will travel for business or pleasure, including other countries. The policy of Frosty Squirrel is that employees and contractors must be residents of Canada for tax purposes. Frosty Squirrel will require staff members to complete a course in IT security for travel/remote work to secure all remote work.

Website

Our website address is: https://www.frostysquirrel.ca if you receive requests from other websites for your accounting information, please ensure that the request is coming from the frostysquirrel.ca domain or a subdomain (mail.frostysquirrel.ca, assessment.frostysquirrel.ca, frosty.frostysquirrel.ca).

Please be cautious of spoofing or phishing (“fishing”). Which is when the name appears to be legitimate, but looking at the details of the email shows it is from an email not associated with frostysquirrel.ca.

Cookies

If you leave a comment or send a message on our site, you may opt-in to saving your name, email address and website in cookies. These are so that you do not have to fill in your details again when you leave another comment. These cookies can last up to one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in (currently not available), we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies are removed.

Embedded content from other websites

Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These can include, but not limited to, things such as videos, booking links, and contact forms.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and logged in to that website. You would have accepted these conditions when logging into that website.

Frosty Squirrel makes a conscious effort to ensure any embedded items are from reputable sources, but cannot be responsible for another company’s breaches in security.

Who we share your data with

We do not sell your data in any manner. Embedded content from other websites is the only way we share data. This includes the CRM we currently use for marketing purposes.

This is only applicable to the website data, client data is handled differently and is documented above.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Get Started
Get Started