Privacy Policy
This Privacy Policy describes how Artomai Inc. (operating as "WorkSimpli") collects, uses, discloses, and protects personal information in connection with the WorkSimpli platform. WorkSimpli provides invoicing, payroll, vendor bill management, and HR services to Canadian small businesses. These activities require us to collect and process certain personal information.
This policy is structured around the ten fair information principles established under Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and published by the Office of the Privacy Commissioner of Canada.
1. Accountability
Artomai Inc., operating as WorkSimpli, is responsible for all personal information in its custody or under its control, including information transferred to third-party service providers acting on its behalf.
The Privacy Officer is accountable for compliance with this policy and with PIPEDA. All inquiries, access requests, and complaints should be directed to the Privacy Officer at the email address above.
2. Information We Collect and Purposes of Collection
We collect only the personal information necessary for the purposes identified below.
2.1 Account and Identity Information
Collected: Full name, email address, phone number, business name, business address.
Purpose: To create and administer your WorkSimpli account, to communicate with you regarding your account, and to perform our obligations under your subscription agreement.
2.2 Billing and Payment Information
Collected: Credit or debit card details (collected and stored by Stripe; WorkSimpli does not retain full card numbers), billing address, subscription plan selection.
Purpose: To process subscription payments, issue receipts, and manage billing. Legal basis: contractual necessity.
2.3 Employee and Payroll Information
Collected: Employee names, addresses, dates of birth, Social Insurance Numbers (SINs), bank account details for direct deposit, salary and wage information, tax form data (T4, T4A), deduction details (CPP, EI, income tax), employment start and end dates.
Purpose: To calculate and process payroll, to prepare and file tax information returns (T4, T4A) with the Canada Revenue Agency, and to comply with federal and provincial employment and tax legislation. Legal basis: regulatory requirement under the Income Tax Act (Canada), s. 230.
2.4 Bank Transaction Data (via Plaid)
Collected: Bank account balances, transaction history, and account identifiers, retrieved through Plaid's secure API when you elect to connect a bank account.
Purpose: To enable bank feed reconciliation and automated bookkeeping. Legal basis: explicit consent (you must affirmatively connect your bank account through Plaid's authorization flow).
Cross-border disclosure: Plaid Inc. may process your banking data on servers located in the United States. When you connect your bank account, your data may transit through or be temporarily stored on U.S. infrastructure. Plaid's own privacy policy governs their handling of your data. You are encouraged to review it at https://plaid.com/legal.
2.5 Business Financial Records
Collected: Invoices, vendor bills, expense records, journal entries, general ledger transactions, financial reports.
Purpose: To provide the core bookkeeping and accounting functionality of WorkSimpli and to maintain records that satisfy CRA requirements. Legal basis: contractual necessity and regulatory compliance.
2.6 Usage and Technical Data
Collected: IP addresses, browser type, device information, pages visited within the application, feature usage patterns, error logs.
Purpose: To maintain application security, diagnose technical issues, and improve the Service. This data is not sold or used for third-party advertising.
3. Consent
We obtain consent before or at the time of collecting personal information, except where collection without consent is permitted or required by law (for example, CRA reporting obligations).
At account creation: You must accept this Privacy Policy and our Terms of Service before creating an account. The consent checkbox is mandatory; account creation cannot proceed without it.
Before bank account connection: Prior to opening Plaid Link, a WorkSimpli consent screen explains that: (i) WorkSimpli uses Plaid to retrieve your bank transactions; (ii) Plaid may process data on servers outside Canada; and (iii) your login credentials are never stored in WorkSimpli. You must click "Understand, continue" to proceed.
When adding employee payroll data: When an employee's SIN is entered, a disclosure explains that the SIN is collected for payroll tax reporting as required by the CRA, that it is encrypted at rest, and that it is used solely for T4/T4A preparation.
Withdrawal of consent: You may withdraw consent at any time for any collection, use, or disclosure that is not required by law. For example, you may disconnect your bank feed at any time through your account settings; Plaid access tokens are deleted immediately upon disconnection. Withdrawal of consent for information essential to the Service (such as billing information) may result in our inability to continue providing the Service to you.
Consent cannot be withdrawn for data subject to mandatory legal retention (for example, payroll records that must be retained for six years under the Income Tax Act).
4. Third-Party Data Sharing
We share personal information with third parties only as described below. We do not sell personal information. We do not share personal information for third-party advertising purposes.
| Service Provider | Information Shared | Purpose | Data Location |
|---|---|---|---|
| Plaid Inc. | Bank account credentials (transmitted directly to Plaid, never stored by WorkSimpli), account identifiers, transaction data | Bank feed connection and reconciliation | Canada and United States |
| Stripe Inc. | Payment card details (collected directly by Stripe via embedded form), billing address, subscription status | Subscription payment processing | Canada and United States |
| Canada Revenue Agency | T4 and T4A information returns, employer payroll data as required by law | Mandatory tax filing | Canada |
| DigitalOcean Inc. | All application data resides on DigitalOcean infrastructure | Cloud hosting | Canada (Toronto, TOR1 region) |
Each third-party provider is contractually required to protect the personal information shared with them and to use it only for the purposes described above.
If disclosure of personal information is required by law, regulation, or court order, we will comply. We will notify you of such disclosure unless prohibited by law from doing so.
5. Data Residency
WorkSimpli data is hosted on Canadian infrastructure in DigitalOcean's Toronto (TOR1) data centre. The production database, backups, and application servers are all located in Canada.
Exceptions:
Plaid may process bank transaction data on servers in the United States. This is disclosed to you before you connect your bank account (see Section 3).
Stripe may process payment information on servers in the United States. Stripe is certified under applicable data protection frameworks.
6. Data Retention
Personal information is retained only as long as necessary to fulfill the purposes for which it was collected, or as required by law.
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Payroll records (pay stubs, deductions, T4/T4A data) | 6 years after the tax year | CRA employer record-keeping, Income Tax Act s. 230 |
| Journal entries and general ledger transactions | 6 years after the fiscal year | CRA business record-keeping |
| Bank transaction data (from Plaid) | Current fiscal year + 1 year | Reconciliation and audit trail |
| Plaid access tokens | Until bank connection is disconnected | Functional necessity; deleted immediately on disconnect |
| Employee personal information (name, address, phone) | Duration of employment + 6 years | CRA employer record-keeping |
| Social Insurance Numbers | Duration of employment + 6 years | CRA T4/T4A filing requirement |
| Account and billing data | Duration of subscription + 60 days | Contractual necessity |
| Non-regulatory personal information | Duration of subscription + 60 days | No regulatory hold |
Post-cancellation: Data remains accessible until the end of the billing period, followed by a seven-day read-only grace period. After the grace period, the account is suspended for 60 days. At the end of 60 days, non-regulatory data is permanently deleted. Regulatory data (payroll, general ledger, tax records) is moved to encrypted cold storage for the remainder of the applicable retention period and then deleted.
7. Accuracy
We take reasonable steps to ensure that personal information in our possession is accurate, complete, and current for the purposes for which it is used. Payroll calculations, tax filings, and financial reports depend on accurate data.
You may review and update your personal information at any time through your WorkSimpli account settings. If you identify an error in payroll or tax data that has already been filed, contact us and we will work with you to issue corrections.
8. Safeguards
Personal information is protected by security safeguards appropriate to the sensitivity of the information. Given that the Service processes Social Insurance Numbers, bank data, and payroll records, our measures include:
Encryption in transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher. HTTP connections are automatically redirected to HTTPS.
Encryption at rest: The production database is hosted on encrypted storage. Plaid access tokens receive an additional layer of application-level encryption (AES-256) before storage. Database backups are GPG-encrypted before upload.
Access controls: The production database is not exposed to the public internet. Administrative access requires connection through a private network and key-based SSH authentication. Multi-factor authentication is required for all infrastructure accounts.
Vulnerability management: Automated vulnerability scans are performed weekly on application containers. Critical vulnerabilities are patched within seven days of identification.
Endpoint security: All team devices use full-disk encryption and run real-time antivirus protection with automatic security updates enabled.
9. Individual Access
Under PIPEDA, you have the following rights with respect to your personal information:
Access: You may request a copy of the personal information we hold about you. We will respond within 30 days of receiving your request.
Correction: If your personal information is inaccurate or incomplete, you may request correction. Most information can also be updated directly in your account settings.
Deletion: You may request deletion of your personal information. We will comply except where we are legally required to retain the data (for example, payroll records within the six-year CRA retention window). Where deletion is not possible, we will explain the reason and provide the scheduled deletion date.
Withdrawal of consent: You may withdraw consent for any collection, use, or disclosure that is not required by law (see Section 3).
To exercise any of these rights, contact the Privacy Officer at hello@artomai.com. Identity verification may be required before processing your request.
10. Openness
This policy is publicly available at /privacy. We will notify active account holders by email of any material changes. The "Last Updated" date at the top of this page reflects the most recent revision.
A copy of this policy in an alternative format is available on request from the Privacy Officer.
11. Challenging Compliance
If you believe we are not complying with this policy or with PIPEDA, you may file a complaint with the Privacy Officer at hello@artomai.com. We will investigate and respond within 30 days.
If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada:
Office of the Privacy Commissioner of Canada
30 Victoria Street
Gatineau, Quebec K1A 1H3
Toll-free: 1-800-282-1376
Website: https://www.priv.gc.ca
12. Cookies and Analytics
WorkSimpli uses essential cookies required for application functionality (session management, authentication). We do not use third-party advertising cookies or tracking pixels. We do not participate in cross-site tracking.
If analytics tools are introduced in future, this policy will be updated accordingly and active account holders will be notified.
13. Children's Privacy
WorkSimpli is a business application not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that personal information has been collected from a child, it will be deleted promptly.
14. Amendments
We may amend this Privacy Policy from time to time. Material changes will be communicated to active account holders by email at least 30 days before the changes take effect. Non-material changes (such as formatting corrections or clarifications that do not alter your rights) may be made without prior notice.
The current version of this policy is published at /privacy.