This privacy policy explains how CFO Science Inc. (“CFO Science”, “we”, “us”, “our”) collects, uses, and protects personal information when you visit this website or engage us for professional services. We are based in Toronto, Ontario, and operate under Canadian federal privacy law (PIPEDA) and applicable Ontario laws.
1. What this policy covers
This policy applies to:
- Information collected through this website, including contact forms, newsletter signups, and analytics.
- Information you provide when you enquire about, or engage us for, fractional CFO, controller, or bookkeeping services.
It does not cover third-party websites we link to, or the privacy practices of accounting software platforms (such as QuickBooks Online or Xero) that you choose to use directly with your own login.
2. What we collect
We collect personal information in three ways.
Information you give us directly. When you fill out a contact form, send us an email, sign up for our newsletter, or engage us as a client, you give us information such as your name, business name, email address, phone number, the nature of your enquiry, and any other details you choose to share.
Information collected automatically. When you visit the site, we collect limited technical information through analytics, including your approximate location (city or region), device type, browser, pages viewed, referring source, and time spent on the site. We use this to understand how the site is being used and to improve it. We do not use this information to identify you personally.
Information from client engagements. If you engage us as a client, we will receive financial and business information necessary to provide the services, including access to accounting platforms, bank statements, invoices, and similar records. This information is governed by our engagement letter and our professional obligations.
3. How we use your information
We use personal information to:
- Respond to enquiries and provide the services you have asked for.
- Send newsletters and updates to people who have signed up. You can unsubscribe at any time using the link in any newsletter email.
- Operate, secure, and improve the website.
- Meet our legal, regulatory, and professional obligations, including practice standards and record-retention rules.
We do not sell your personal information. We do not use it for advertising profiling.
4. Legal basis for collecting and using your information
Under PIPEDA, we rely on your consent to collect and use your personal information. Consent may be express (for example, ticking a newsletter signup box) or implied from the context (for example, sending us an enquiry through the contact form means you consent to us replying). You can withdraw your consent at any time, subject to legal and contractual requirements, by contacting us.
5. Cookies and analytics
The site uses cookies and similar technologies for two purposes:
- Strictly necessary cookies. Required for the site to function (for example, remembering form input across pages).
- Analytics cookies. Used to measure traffic and improve the site. We use a privacy-respecting analytics tool that collects only aggregated, non-identifying data where possible.
You can block or delete cookies through your browser settings. Blocking cookies may affect how the site works.
6. Who we share your information with
We share personal information only in limited circumstances:
- Service providers who help us run our business and the website, such as email providers, newsletter platforms, analytics providers, and hosting providers. These providers are contractually required to protect your information and use it only for the purposes we direct.
- Professional advisers such as our own legal, accounting, and insurance advisers, where reasonably necessary.
- Regulators and authorities where required by law, court order, or our professional obligations.
If we ever transfer the business or any part of it, personal information may be transferred as part of that transaction, subject to the protections in this policy.
7. Where your information is stored
Our service providers, including hosting, email, and analytics tools, may store data outside Canada, including in the United States or the European Union. When this happens, your information is subject to the laws of those jurisdictions and may be accessible to foreign authorities under their local laws. We choose providers who apply appropriate security and contractual protections.
8. How we protect your information
We use reasonable physical, technical, and organisational safeguards to protect personal information, including encrypted connections to the website, access controls on our internal systems, and confidentiality obligations on anyone working with us. No system is perfectly secure, and we cannot guarantee absolute security; if a breach were to occur affecting your information, we would notify you and the relevant regulators as required by law.
9. How long we keep your information
We keep personal information only as long as needed for the purpose it was collected, or as required by law or our professional obligations. Client engagement records are typically retained for seven years after the engagement ends, in line with Canadian tax recordkeeping rules. Contact-form enquiries that do not result in an engagement are deleted within a reasonable period. Newsletter records are kept until you unsubscribe.
10. Your rights
You have the right to:
- Ask what personal information we hold about you.
- Ask us to correct information that is inaccurate or incomplete.
- Withdraw your consent to our use of your information, subject to legal and contractual limits.
- Ask us to delete information we no longer need to keep.
- Complain to the Office of the Privacy Commissioner of Canada if you believe we have not handled your information properly. Their contact details are at priv.gc.ca.
To exercise any of these rights, contact us using the details below. We will respond within 30 days.
11. International visitors
The site is intended for visitors in Canada. If you access it from outside Canada, you do so on your own initiative and are responsible for compliance with local laws. Your information will be transferred to and processed in Canada, which may have different privacy laws than your home jurisdiction.
12. Children
The site and our services are not directed at children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us and we will delete it.
13. Changes to this policy
We may update this policy from time to time. When we do, we will change the “last updated” date at the top. If the changes are significant, we will take reasonable steps to draw your attention to them, such as a notice on the website.
14. Contact us
CFO Science Inc.
Attn: Privacy
Toronto, Ontario, Canada
Email: privacy@cfoscience.ca
If you are not satisfied with how we have handled your personal information, you can contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.