The Canada Revenue Agency (CRA), and the Government of Canada as a whole, are committed to respecting the personal privacy of people who visit federal Web sites. This section summarizes the Web site privacy policy and practices of the CRA.
The CRA does not automatically gather any personal information-such as your name, phone number, email address, or street address-when you visit our Web sites. This type of information is obtained only when you yourself submit it, such as when you file your electronic tax return online or conduct other online transactions with us.
Whenever you conduct online transactions with the CRA, we use 128-bit SSL encryption (secure socket layer) to encode your information and protect its confidentiality while it is in transit.
When we collect personal information from you during an online transaction, we explain why we are doing so and how you can exercise your right to access that information yourself. The explanation we provide often takes the form of a disclaimer page. You must click on the "I accept" button to signal your agreement before proceeding with your transaction.
Any information you provide is disclosed only to CRA officials and others who need it to process your transaction, according to any of the legislation governed by the CRA. We do not create individual profiles from the information that users provide. As well, we do not disclose the information to any party inside or outside the federal government unless authorized by law.
All personal information you provide is protected under the federal Privacy Act. When other legislation is applicable - such as the Income Tax Act, or the Excise Tax Act, - we respect the privacy provisions of those laws.
For operational reasons, the CRA generally uses session cookies during online transactions so that our server can track your browser's activity on our Web site and interact accordingly. (Please see Cookies.)
Information pages for online transactions include an explanation about our use of session cookies. You have the option of refusing to accept a cookie, in which case you will be unable to complete your transaction online and must choose another way to deal with us. You can contact us by phone, fax, or letter, or visit us in person.
In addition, we use session cookies to track how visitors use our Web sites because it helps us improve navigation and user satisfaction. You can turn off session cookies in your Web browser without affecting the performance of our site or restricting your access to the information it offers. However, as explained above, you will not be able to conduct online transactions with us if you turn off cookies in your browser.
The CRA epass services use persistent cookies during secure sessions in order to manage client preferences such as language, and to ensure the integrity of the system.
Software programs constantly monitor network traffic on CRA Web sites to identify unauthorized attempts to upload or change information or to otherwise cause damage. This software receives and records the Internet Protocol (IP) address of any computer that contacts our sites, as well as the date and time of the visit and the pages visited.
We do not attempt to link these IP addresses with the identity of individuals unless an IP address is identified in connection with an attempt to damage the site.
If you have any questions or comments about our privacy policy and practices, about how we administer the Privacy Act, or if you are not satisfied that we have adequately respected your privacy, you are encouraged to contact the Access to Information and Privacy Directorate at ATIPCPTG1@cra-arc.gc.ca. You can also contact the Office of the Privacy Commissioner of Canada by Internet or by calling 1-800-282-1376.