Privacy Policy

1. Data Protection at ClearDutyTrack

At ClearDutyTrack, protecting your personal data is fundamental to our business ethics and professional obligations as tax-free control service providers. This Privacy Policy outlines our comprehensive approach to data protection, detailing what information we collect, how we process it, and your rights under applicable data protection laws. As exemption advisory specialists, we understand the critical importance of data protection and implement the highest standards of data security and privacy.

Our privacy practices comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR) where applicable, and other relevant data protection regulations applicable to digital service providers.

2. Controller Information and Contact Details

The controller responsible for processing personal data in connection with our digital services is:

ClearDutyTrack
Bay Street
123 Commerce Avenue
Toronto, ON M5H 2Y2
Canada

Email: privacy@ClearDutyTrack.com
Phone: +1 (331) 482 540
Business Number (BN): 684930192

3. Categories of Personal Data We Process

  • Client identification and contact information (name, address, email, phone number)
  • Organizational and exemption information (company size, exemption status, compliance needs)
  • Exemption matter details and workflow-specific information
  • Documentation and correspondence records
  • Service engagement and billing details
  • Payment and billing information
  • Communication records and exemption correspondence

4. Purposes of Data Processing

  • Provision of tax-free control services and consultations
  • Client relationship management and service delivery
  • Exemption matter handling and workflow management
  • Client communication and support services
  • Billing and accounting purposes
  • Exemption updates and service information (with consent)
  • Quality assurance and service improvement

5. Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Performance of exemption service contracts (Art. 6(1)(b) GDPR)
  • Compliance with legal obligations (Art. 6(1)(c) GDPR)
  • Legitimate interests in providing exemption services (Art. 6(1)(f) GDPR)
  • Your explicit consent where required (Art. 6(1)(a) GDPR)

Additional requirements under Canadian law, including PIPEDA, are also observed.

6. Professional Confidentiality and Data Protection

As exemption professionals specializing in tax-free control optimization, we maintain strict confidentiality standards:

  • Exemption-client privilege protection for all exemption communications
  • Strict access controls and data segregation measures
  • Regular security audits and compliance assessments
  • Encrypted communication channels for sensitive information
  • Secure document management systems
  • Staff training on confidentiality and data protection

7. Technical and Organizational Security Measures

We implement state-of-the-art security measures to protect your data:

  • End-to-end encryption for data transmission
  • Multi-factor authentication systems
  • Regular security updates and penetration testing
  • Secure data centers in Canada
  • Comprehensive backup and disaster recovery plans
  • Physical security measures for office and IT infrastructure

8. Data Retention and Deletion

We retain personal data only as long as necessary for our services or as required by law:

  • Exemption case records: 7 years after case completion
  • Client documentation: Duration of engagement plus 5 years
  • Communication records: 3 years after last contact
  • Billing information: 10 years (legal requirement)

9. Your Data Protection Rights

Under PIPEDA and GDPR where applicable, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with supervisory authorities

10. International Data Transfers

For international data transfers, we help appropriate safeguards:

  • EU Standard Contractual Clauses
  • Canada-specific data transfer agreements
  • Data processing agreements with service providers
  • Regular assessment of transfer mechanisms

11. Updates to Privacy Policy

We regularly review and update this Privacy Policy to reflect changes in our practices and legal requirements. The current version is available on our website.

Material changes will be communicated directly to affected clients and through our website.

Last updated: January 2025