Privacy Policy

Privacy Policy (Canada)

Version 1.0 – Effective November 2, 2021

Overview 

Our mission is to drive a dynamic accounting profession globally and, when you register with us, you gain access to a wide range of tools and services to stay ahead. To seamlessly deliver these resources and benefits, we at times need to share your information across our teams and offices – always with a focus on keeping your data secure.

This Privacy Policy describes the ways in which your Personal Data (as defined below) is collected and used by the Association of International Certified Professional Accountants (the Association), the Chartered Institute of Management Accountants (CIMA), and the American Institute of CPAs (AICPA) (collectively referred to herein as “we”, “us”, “our”). By providing your Personal Data to any of the above entities, you acknowledge and agree that your data may be shared between and/or processed by any of the three entities.

It is your responsibility to review and understand this Privacy Policy prior to providing your Personal Data to us. You also should review our Terms and Conditions. If you do not accept and agree to the Privacy Policy and/or Terms and Conditions, please refrain from providing your Personal Data to us, accessing our websites, and/or utilizing our products and services.

With our websites and services constantly evolving, our Privacy Policy and Terms and Conditions may also change from time to time. Whenever there are changes, the modified policies will be posted on our websites and will be effective at that time. Where required by applicable laws, we will obtain your consent, whether implied or express, and/or notify you directly of changes to our Privacy Policy. Each time these policies change, the version number displayed at the top of the page will also change. Consequently, each time you access or use our websites or otherwise engage with us, you accept and agree to the most current Privacy Policy and set of Terms and Conditions. It is your responsibility to be aware of any such changes.

Highlights

What Personal Data Do We Collect?

We collect personal information in order to provide our Services to you. This information includes your name, email address, mailing address, phone/fax numbers, date of birth, gender, payment information, education history, employment information, information related to your professional qualifications, designations and memberships and information about your use of our and third-party websites, products and services (“Personal Data”). You can read more at the “Collection of Personal Data” section below.

Why do we collect Personal Data and How is it Used?

We collect the Personal Data above to provide our products and services to you, enhance our products and services, process payments, provide access to restricted parts of our website, determine your eligibility for membership, credentials, designations and volunteer opportunities, communicate with you, respond to your requests, serve relevant advertisements to you on our sites and other third party sites, request your participation in surveys, focus groups, or other initiatives to assist us in developing our products and services, evaluate your performance on continued learning courses and assist you in tracking your progress, conduct examination scheduling, administration and registration, comply with applicable laws, provide anonymized usage data to third parties, and develop a user profile for you in order to better tailor our products, services, and offerings to you, and for such other purposes as would be required or permitted by applicable law. You can read more at the “Use of Information” section below.

How is Personal Data Shared or Disclosed?

We may share your Personal Data with our affiliates for the purposes specified above. We may also share Personal Data with our service providers in order to enable the fulfillment of domains ordered and any other products and services we may provide to you. These affiliates and service providers include entities in other countries as described at the “Transfer of Personal Data Internationally” section below.

We may also share your Personal Data (i) upon your request or authorization, (ii) as required or permitted by applicable law(s), (iii) to entities with an interest in your data, or (iv) for the purpose of facilitating and effecting business transactions. You can read more about the disclosure of your Personal Data at the “Sharing and Disclosure” section below.

What are the Risks?

While we take steps to protect your Personal Data from misuse, interference, loss and/or unauthorized access, we cannot guarantee its absolute security. Furthermore, your Personal Data may be processed in jurisdictions outside Canada, and accordingly, may be accessible to courts, law enforcement and national security authorities in those jurisdictions.

Notice 

Our websites contain links to other websites which are managed by third parties (including their use of cookies). As a user of links, it is your responsibility to understand those third parties’ privacy policies. Once you leave our websites using links, we have no control over information that is submitted to or collected by any third parties and are not responsible for other websites.

Collection of Personal Data

In order to provide our products, services and websites and for the other purposes set out in “Use of Information”below, we collect and process Personal Data from our members, students, customers, and other users of our websites, products and services. We may collect the following information from you depending on how you use our products and services: your name, email address, mailing address, phone/fax numbers, date of birth, gender, payment information, education history, employment information, information related to your professional qualifications, designations and memberships and information about your use of our and third-party websites, products and services (“Personal Data“). You are not required to provide us with all of the Personal Data listed above, and you may withdraw your consent for our collection and use of your Personal Data at any time, subject to any legal or contractual restrictions and reasonable notice. If you do not provide Personal Data or you withdraw your consent, we may not be able to effectively provide you with our products, services and information. In certain circumstances, you will need to provide us with specific categories of Personal Data (including name, email address and payment information) in order to enter into a contract with us and for us to perform that contract.

From time to time and as permitted by applicable law(s), we may collect Personal Data about you and update any existing Personal Data that we currently hold from other third-party sources, including publicly available data sources, publicly available social networking sites such as LinkedIn, your employer or university/school, National, Provincial or Territorial CPA regulators/governing bodies, our credential and designation examination providers, course providers or data brokers such as Acxiom.

See “Use of Information” section below for details regarding the ways that we use and process your personal data.

Use of Information

Your Personal Data may be used in the following ways:

  • To provide our products and services to you;
  • To enhance and improve our products and services, for example, by performing internal research, analyzing user trends and measuring demographics and interests;
  • To process payments from you (including, but not limited to, membership dues and subscriptions, registration fees, voluntary contributions, examination fees, credential and designation fees, or payments for any products or services that you choose to purchase from us);
  • To process payments to you (including, but not limited to, refunds or reimbursements);
  • Internal purposes, such as website and system administration or internal audits and reviews;
  • To provide access to restricted parts of our websites;
  • To determine eligibility for membership, credentials, designations and volunteer opportunities;
  • To communicate with you regarding your membership and products/services that may be of interest to you;
  • To respond to your requests and inquiries;
  • To serve relevant advertisements to you when you visit our sites or other third-party sites (including social media platforms);
  • To request your participation in surveys, focus groups, or other initiatives which help us to gather information used to develop and enhance our products and services;
  • To evaluate your performance on continued learning courses and assist you in the tracking of your progress;
  • For examination scheduling, administration and registration purposes;
  • To comply with our legal obligations, resolve disputes and enforce our contractual agreements;
  • To comply with our obligations to protect members of the public and the public interest, as necessary, including but not limited to: (i) the maintenance of a member and student directory, (ii) regulatory activities, and (iii) disciplinary actions;
  • To comply with applicable law(s) (for example, to comply with a search warrant, subpoena or court order) or to carry out professional ethics/conduct investigations
  • From time to time we may provide statistics about the usage levels of the Site and other related information to reputable third parties, but these statistics will not include information which will allow you to be identified;
  • We may use the Personal Data you provide to us and which we obtain from other sources to better understand your interests so we can try to predict what other products, services and information you might be most interested in. This practice is called “profiling”, which involves making automated decisions about you based on this information in order to better enable us to tailor our interactions with you to make them more relevant and interesting. You may object to such profiling at any time by contacting us (see Contact Information below); and
  • For such other purposes as would be required or permitted by applicable law.

Unless a longer retention period is required by applicable law, we will retain your information for as long as your account is active, as well as for an additional period afterwards to cover any outstanding issues or queries that may arise in relation to your account (for example, outstanding payments, complaints, investigations, or litigation). This period of retention is subject to our review and alteration.

Sharing and Disclosure

We may disclose your Personal Data to our affiliates, who may use it for the purposes as outlined above. Our affiliates are located in the United States of America.

We may also disclose your Personal Data to third parties from time to time under the following circumstances and in accordance with applicable laws:

  1. You request or authorize the disclosure of your personal details to a third party.
  2. The information is disclosed as permitted by applicable law(s) and/or in order to comply with applicable law(s) (for example, to comply with a search warrant, subpoena or court order).
  3. The information is disclosed to your employer, university or tuition provider in the event they have an interest in your data (e.g. they support your exam, tuition, or membership fees).
  4. The information is provided to our agents, vendors, service providers, or appointed representatives (e.g. legal counsel, accountants, and other professional advisors) who perform functions on our behalf. See below for additional details.
  5. The information is provided for the purposes of evaluating or completing a business transaction, such as a merger, acquisition, amalgamation, or asset sale. If your Personal Data is transferred for this reason, you will be provided notice as required by applicable laws.

It is likely that the identity and categories of such third parties will change during the life of your account but, depending on your use of the Site, it is anticipated that your Personal Data will be disclosed to the following categories of third-party service providers who perform functions on our behalf. We require that our third-party service providers only use your Personal Data as necessary to provide the requested services to us and each service provider is subject to a set of terms consistent with this Privacy Policy.

  • Hosting providers for the secure storage and transmission of your data
  • Learning technology and online event providers for the delivery and improvement of web events and learning programs and the tracking of your progress
  • Digital credential providers for the delivery of digital badges earned through your participation in learning programs
  • Examination providers for the scheduling and delivery of credential and designation examinations
  • Identity management providers for authentication purposes
  • Database software providers for the management and tracking of your data
  • Legal and compliance consultants, such as external counsel, external auditors, or tax consultants
  • Advertising partners, including social media providers, for the delivery of targeted advertisements
  • Marketing providers who send communications on our behalf regarding our products and services
  • Payment solution providers for the secure processing of payments you provide to us
  • Publishers and learning providers who develop products on our behalf
  • Technology providers who assist in the development and management of our web properties
  • Outbound call center providers, who may perform outreach on our behalf regarding our products and services
  • Fulfillment and postal vendors for the fulfillment of our products and services
  • Our volunteers or committee members who perform various functions on our behalf
  • Survey and research providers who perform studies on our behalf

Collection of Information Through Cookie Use

We may obtain information about your general internet usage by using a “cookie” file. A cookie is an element of data that a website can send to your browser, which may then be stored on your hard drive. If you do not agree, you can choose to not receive a cookie file by enabling your web browser to refuse cookies or to prompt you before you accept a cookie.

The following types of cookies may be used on our websites:

  1. Essential Cookies: These cookies are necessary for our websites to work properly. They are usually only set in response to actions you take such as logging in or completing online forms. You can set your browser to block or alert you about these cookies, but some parts of our sites will not function if these cookies are blocked.
  2. Functionality Cookies: These cookies enhance the functionality of our websites by storing your preferences (such as your preferred language or the region that you are in) and allow us to provide enhanced features on our sites such as videos. These cookies may be set by us or by third-party content that we have placed within our pages. If you do not allow these cookies, some of the features on our websites may not function properly and you may not receive a personalized experience when visiting our sites.
  3. Performance Cookies: These cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our sites. They help us to understand which pages are visited most frequently and how visitors interact with our sites. Any information collected by performance cookies is aggregated and therefore not identifiable. If you do not allow these cookies we will not receive data related to your visits to our sites.
  4. Third-Party Cookies: These cookies may be set through our site by our advertising partners, such as Google or Adobe. They may be used by these companies to enable them to build a profile of your interests and show relevant advertisements on other sites. These cookies are based on identifying your browser and internet device. If you do not allow these cookies, you will experience a decrease in the targeted advertisements that you see online.

If you opt in to use the “Remember me” feature on our websites, we will place a persistent cookie on your hard drive and you will not be required to log in for every session. By disabling cookies on your machine or clearing your browsing history you may deactivate the persistent cookie.

All major browsers allow you to block or delete cookies from your system. To learn more about your ability to manage your preferences related to cookies, please consult the privacy features within your browser.

Further information about cookies, including instructions on how to activate and deactivate such functions, see:

Communication Preferences

We strive to provide you with relevant and useful information related to our products, services and industry news. You can update your communication preferences at any time by visiting the preference center within your online account on our website(s). Additionally, you can contact us using the information listed at the bottom of this policy to make changes to your communication preferences. Any promotional emails that we send will include a link at the bottom of the email to unsubscribe.

If you have opted in to receive text messages from us, you can opt out at any time by responding with the word STOP. You will receive a confirmation text of your choice to opt out.

Transfer of Personal Data Internationally

By providing us with your Personal Data, you acknowledge and agree that we may from time to time transfer any of your Personal Data to any of our offices or to the offices of any of our affiliates, agents or appointed representatives located around the world. Where personal data is transferred outside of Canada, these transfers will be subject to an agreement to protect the information. Note that information that is transferred to an affiliate or third party service provider in a foreign jurisdiction may be accessible to foreign courts, law enforcement, and national security authorities of that jurisdiction. Please do not submit any Personal Data to us if you do not wish for your data to be transferred internationally.

Without limiting the above, we will take all reasonable steps to ensure that Personal Information regarding Quebec data subjects that is processed outside Quebec or entrusted to a person outside Quebec will not be used for any purpose other than for the purposes for which it was collected (or other purposes permitted/required by applicable law), or disclosed to third parties, without the consent of the relevant data subject(s).

Security, Retention and Other

You information will be stored in San Jose, California, United States of America, where it will be accessible to customer service and operations management on a need-to-know basis.

We use reasonable measures to safeguard and secure the Personal Data we collect. Any transmission of Personal Data is at your own risk. Technology, such as, but not limited to, Transport Layer Security (TLS) and Secured Socket Layer (SSL), is used to enhance security and reduce risk of loss. Our security practices, processes or technology do not guarantee absolute security of your information and you should take all normal personal precautions such as, but not limited to, not sharing passwords, closing browsers, and not using public networks (e.g., internet cafes, etc.).

We will retain Personal Data only as long as necessary to fulfill the purposes for which consent was obtained or as required or permitted by law. Thereafter, the Compliance Manager will destroy, erase or anonymize your Personal Information.

You may request to access, correct, rectify or update your Personal Data, or make a complaint. In most circumstances, you may do this manually through our website. You may also contact us at the address set out at “Contact Information” below.

Parents and Children

We do not knowingly collect Personal Data from children under the age of 16. Parents have the right to terminate the registration of a child under the age of 16 by contacting us using the information listed at the bottom of this policy.

Contact Information

You may send a written request to our Data Protection Officer using the contact details listed below if you have any questions or concerns about this policy, including, without limitation:

  • you have questions, concerns or complaints about this policy, or otherwise related to how we collect, use, protect or disclose your Personal Data;
  • you would like to access, correct, or update your Personal Data;
  • you would like to obtain written information about our policies and practices with respect to service providers or affiliates outside Canada or to ask questions about the collection, use, disclosure or storage of personal information by our service providers or affiliates outside Canada;
  • you wish to make a complaint; or
  • you wish to withdraw your consent to our collection, use, storage, or disclosure of your Personal Data (subject to legal or contractual restrictions and reasonable notice).

Jonathan Mabe, Data Protection Officer
Association of International Certified Professional Accountants
220 Leigh Farm Rd.
Durham, North Carolina 27707
SecurityandPrivacyOffice@aicpa-cima.com

You are encouraged to report any improvements, suggestions, or any suspected breaches of privacy or security to us by using the contact information listed below.

Association of International Certified Professional Accountants Contact Information:

Chartered Institute of Management Accountants
The Helicon
One South Place
London
EC2M 2RB
United Kingdom
P: +44 (0)20 8849 2251
Hours of Operation:
(9am – 5pm, UK time, M-F)
Email: cima.contact@cimaglobal.com
American Institute of CPAs
220 Leigh Farm Road
Durham, NC 27707
P: 1.888.777.7077
F: 1.800.362.5066
Hours of Operation: 
(9am – 6pm, ET, M-F)
Email: service@aicpa.org

Chartered Institute of Management Accountants
The Helicon
One South Place
London
EC2M 2RB
United Kingdom
P: +44 (0)20 8849 2251
Hours of Operation:
(9am – 5pm, UK time, M-F)
Email: cima.contact@cimaglobal.com

American Institute of CPAs
220 Leigh Farm Road
Durham, NC 27707
P: 1.888.777.7077
F: 1.800.362.5066
Hours of Operation:
(9am – 6pm, ET, M-F)
Email: service@aicpa.org