Privacy Policy

Effective as of: November 6, 2015

TRUSTe online privacy certification

A note from Brian Masson, Wave's Information Security Officer

Hi! Great to see that you care about your privacy! We do, too.

That's why we worked with privacy consultants and international experts to make sure we've thought through how to best protect you. In an attempt to make this sort of document less painful, we’ve provided a simplified version, just like we did for our Terms of Use.

Below, on the left: That's the official stuff that you're agreeing to. On the right, you'll see how I'd explain it to my father (hey dad!) if he asked. You can use that as a guide to find and understand the info you want to know about.

I sincerely hope it helps you better understand this document, what you’re consenting to, and how we operate. Thanks for joining the Wave community!

At Wave Accounting Inc. ("Wave"), we value your trust and respect your privacy.

Wave strives to support small business owners like you by offering a fast and easy way to manage your money, while respecting your privacy expectations and protecting your Personal Information.

Wave is serious about protecting you and your data.

By "Personal Information", we mean information about an identifiable individual such as a person's name, email address, residential address, telephone number, and in some cases, more sensitive information such as but not limited to gender, demographic information, family status, investment particulars, consumption preferences, business expenditures, credit score, accounting data, social security or social insurance numbers, bank account information, and payment card information. If you or your employer use our payroll service, Personal Information may include employment status, names, addresses, bank account data, hours worked, hire date, marital status, rates of pay and taxes paid and payable about you, your employees, agents, contractors and representatives.

The long list of things we define as personal information — the things this policy is designed to protect.

To demonstrate our commitment to protecting your privacy, we have developed this Privacy Policy, which describes how we will collect, use, disclose, retain and protect Personal Information in order to provide you with our online accounting, payroll, payment and invoicing services and other small business–related services (collectively, the "Services") offered and maintained by us and our affiliates from time to time. This Privacy Policy applies to waveaccounting.com, waveapps.com, wavepayroll.com, and their subdomains, all of which are owned and operated by Wave Accounting Inc. Our Privacy Policy is based on applicable privacy legislation as well as 10 internationally recognized privacy principles.

This policy sets out the rules of what we do with your data, and we didn't just make it up. It's based on actual laws and international standards and principles.

Wave has received TRUSTe's Privacy Seal signifying that this privacy statement and our practices have been reviewed for compliance with the TRUSTe program viewable on the validation page available by clicking the TRUSTe seal. The TRUSTe program covers only information that is collected through the Wave Apps Site (waveapps.com, waveaccounting.com and wavepayroll.com), and does not cover information that may be collected through our mobile application, behind the log in on our sites, software downloaded from the Wave Apps Site, or from any third-party sites.

TRUSTe is an independent third party, whose goal is to drive trust between consumers and organizations. They've reviewed and approved our policy and practices, and they give us the thumbs up. You can contact me if you have any questions.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact TRUSTe at https://feedback-form.truste.com/watchdog/request

If you're not satisfied with our responses, you can contact TRUSTe to escalate the issue.

If you have questions or complaints regarding our Privacy Policy or practices, please contact us at:

Wave Accounting Inc.
235 Carlaw Ave., Suite 601
Toronto, ON M4M 2S1
(416) 521-9141
Attention: Privacy Officer


For the purposes of this Privacy Policy, the term "Site" means these websites (waveapps.com, waveaccounting.com and wavepayroll.com), all related webpages, and all related websites operated by affiliates or divisions of Wave, but does not include any third-party websites which are linked to or may link from this website whether or not such third-party websites are used in connection with the Services. "Wave Apps" means the Site and all mobile applications and other applications which provide access to the Services offered by Wave and its affiliates from time to time.

"Site" refers only to Wave-owned web properties and not any third-party sites. Wave Apps are our web, mobile and any other applications that provide access to our services.

Wave Privacy Policy


Wave has designated a Privacy Officer who is responsible for the creation, oversight and implementation of our Privacy Policy and procedures to protect Personal Information, for receiving your privacy-related questions, and for providing you with information about our privacy practices. Our Privacy Officer is also responsible for notifying you of any material changes to our privacy practices, by posting updated information on our Site.

You can contact our Privacy Officer:

Brian Masson
Information Security Officer
235 Carlaw Ave., Suite 601
Toronto, ON M4M 2S1
Phone: (416) 521-9141 extension 130
Attention: Privacy Officer

Accountability: That's me! I'll be the one making the changes, notifying you, and answering your questions.

Identifying Purposes

Wave collects, uses, and discloses Personal Information only for the purposes of providing you with our Services and for such other ancillary purposes consented to by you as a user of the Wave Apps.

We'll only use your info to provide the services we've defined in our Terms of Use or in other ways that you've explicitly consented to.

Personal Information

More specifically, Wave collects, uses and discloses information (which may include Personal Information) for the following purposes:

To provide you with our Services. For example, in order to allow us to retrieve banking information for use within the Wave Apps, we collect your or your business' online banking credentials (i.e. account number, username and password; see Storage of Online Banking Credentials, below, for details) if you choose to provide them.

To promote or offer you products, services and offers (including new and other Services which are offered by us, our sponsors and partners) that may be relevant to you and your business. When you are using our Services you may be provided with relevant savings opportunities and related links based on information related to your use of the Services. Wave will use your Personal Information for the purpose of tailoring savings opportunities to your interests. However, we will never share your Personal Information with companies offering the savings opportunities. We only provide these companies with non-identifiable, aggregate information (e.g. the number of times one of their savings opportunities was clicked).

To contact you for the purposes of product information, service updates, notifications relating to the Services, newsletters and tailored savings opportunity messages. Wave will never sell your contact details to a third party.

To monitor system usage, server and software performance, to improve system design, to create benchmarks and to conduct trending analyses.

To assist you with technical support issues. It is important to remember that most technical issues can be resolved without a Wave customer service representative viewing your Personal Information.

To comply with any laws, regulation, court orders, subpoenas or other legal process or investigation and to protect ourselves and other individuals from harm.

To assist in due diligence relating to any corporate action such as a financing,merger, amalgamation, sale or divestiture, provided that reasonable safeguards are taken to protect the confidentiality of Personal Information in our possession. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

We collect your information to better provide our services to you. These services include things like:

  • hooking up to your bank
  • promoting products and offers that may be relevant to your business (but only based on aggregate, non-identifiable data)
  • providing tech support
  • monitoring our systems
  • compliance with the law


Wave takes a consent-based approach to the collection, use and disclosure of Personal Information. We collect Personal Information directly from you and only obtain Personal Information from other organizations (e.g., your bank or other third-party service providers) when you provide us with the account numbers, passwords or other credentials required to retrieve the Personal Information and for the purpose of providing you with our Services. We use and disclose the Personal Information only as described in this policy and our Terms of Use.

We collect your personal information from you. If you want us to gather information from other sources (your bank), you'll need to provide credentials. We only use this data in ways we describe here and in our Terms of Use

At any time and without penalty, Wave users can withdraw their consent and close their Wave account by taking the following actions:

If you are a Payroll by Wave user, place your payroll account on hold. Open the "Your Profile" page within our application.

At the bottom of the "Your Profile" page, click the "Close this Account" button and then confirm by clicking "Yes, close my account."

You will be sent an email for confirmation that the account is being closed by the rightful account holder. Click the link in the email.

In the web page that opens, click "Yes, please close my account" to complete your account closure.

Once your account is closed, we will take the following actions:

For users of all Wave products except Payments and Payroll:

All Personal Information relating to your account will be deleted from our databases. However, anonymous transactional data (which does not personally identify you or any of your employees, agents, contractors and representatives) will be retained in our database.

You can close your account whenever you want by following the steps on the left — we'll miss you, but we won't hold it against you, and there's no penalty.

For users of Payroll by Wave:

In order to support our Payroll Guarantee, account information related to Payroll will be retained for a period of 7 years after the date of the most recent payroll you ran.

When you confirm the closure, we'll delete your personal information from our apps — except for payroll. We need to keep payroll information based on IRS/CRA rules.

For users of Payments by Wave:

In order to support our regulatory compliance, payments information will be retained for a period of 3 years after the date of your last processed payment.

If you’re a payments customer, even after you close your account we’ve got to keep some of your data for a few years.

At any time, Wave users can opt-out of most email communication from us by clicking on the unsubscribe link at the bottom of our emails, or via the "Email Preferences" section of the "Your Profile" page, accessible via the "Account" menu. Users of Wave's Payroll product wishing to opt-out of payroll emails must do so in the "Notifications" section of the payroll settings page. However, we may still contact you for administrative purposes (e.g. if we need to notify you of a change to our service, changes to our terms of use or privacy policy, there is a problem with your account or an anticipated service interruption, etc.).

Withdrawing your consent will not apply to actions Wave has already taken based on your prior consent.

You can opt-out of our emails on the email preferences page. This won't affect emails we've already sent you.

The only exception: We may still send you critical email messages even if you opt out from other messages. (But we won't abuse this.)

In order to use certain Services, such as Wave Payroll, you may be required to provide personal information relating to yourself and your employees, agents, contractors and representatives from time to time. You acknowledge, and represent to us that you only collect, use and disclose personal information in compliance with applicable privacy laws. You further represent and warrant to us that you have obtained all required consents (including, if you use Wave Payroll, consents relating to making deposits to and debits from your employees' bank accounts) from your employees, agents, contractors and representatives whose personal information will be disclosed to us or to our third-party service providers in connection with the Services. You further agree to indemnify and hold Wave, its affiliates, subsidiaries, partners, service providers, suppliers and contractors and each of their respective officers, directors, agents, and employees (collectively, the "Wave Parties"), harmless for any loss, cost, complaint, damage, claim or liability whatsoever arising from your collection, use and disclosure of personal information relating to your employees, agents, contractors and representatives.

To use some services, like payroll, you'll need to provide information about other people. Only do this if you're legally allowed to. If problems come up around your collection and use of this data, that's on you.

Limiting Collection

Wave limits the collection of Personal Information by collecting only the information required to fulfill the identified purposes. We will collect only the minimum amount of information required to facilitate the Services. However, we provide you with the option of sharing additional information (e.g. your name or address) to enhance your use of the Services. We will share your personal information with third parties only in the ways that are described in this privacy statement.

We only collect the personal information we need to provide our services. You can give us more info to improve your Wave experience, though.

Wave does not knowingly or intentionally collect Personal Information from visitors who are under the age of thirteen (13).

Sorry, but no kids allowed!

You may in connection with some but not all of our Services have the ability to allow others (Guest Collaborators) access to your account. If you choose to allow others access to your account, you will need to provide the individual's name and email address. We will automatically send your guest a one-time email inviting him or her to visit the Site. Wave stores this information for the sole purpose of sending this one-time email and tracking Site usage. The individual may contact us at privacy@waveapps.com to request that we remove this information from our database. A Guest Collaborator who accepts the collaboration invitation will be subject to and must agree to the same terms as a regular Wave customer. Note that by providing Guest Collaborators access to your account, you will also be providing the Guest Collaborator access to any Personal Information in your account. While the Guest Collaborator must agree to our terms of use, we take no responsibility for any collection, use or disclosure of your Personal Information by your Guest Collaborator. It is your responsibility to ensure that your Guest Collaborator complies with privacy standards that are no less stringent than our own.

Collaborator invitations require that you provide us with some information about your guest. If they decide that they don't want us to have that information, they can email me (privacy@waveapps.com) and we'll remove it. If they do want to be a collaborator, they need to play by the same rules you do (our Terms of Use).

You'll be providing them access to your information, so make sure they're safe with it: We aren't responsible if they misuse that info.

When you use certain Services, you have the option to share information with other accounts you have signed up for. You may choose from time to time to connect Wave with other third-party service providers in order to utilize these services in conjunction with the Wave Apps. Purposes may include saving copies of records, importing data from external sources, communications with third parties, and conducting payment and direct deposit functions, among others. In such instances, your account and password credentials and other required information in respect of such third-party service may be stored by Wave for the purpose of providing this service.

In order to connect with certain third-party services, you may have to provide us your credentials. In some cases we may need to store these in order to continue providing that connection.

Limiting Use, Disclosure and Retention

Wave will not use or disclose Personal Information for purposes other than the identified purposes of the Services or such other purposes which we identify from time to time.

We won't use, share, or store your information in ways you aren't made aware of.

We also ensure that only those employees responsible for the Services' operations have physical or technical access to Personal Information and only where such access is required to perform work authorized by their supervisors.

We'll make sure nobody at Wave can see your personal info unless they need it to do their job.

Wave will retain Personal Information only for the duration of your enrollment as a Wave user or to support the Wave Payroll Guarantee and other regulatory or legal requirements. Personal Information will be retained in access-secured databases. If you choose to withdraw from the Services, we will securely destroy your Personal Information in our possession and control within 45 days unless we are required to retain such Personal Information longer to fulfill our obligations to you or to third parties. However, we may retain non-personal information indefinitely.

We'll only keep your data while you're a Wave user. We'll keep it secure. We'll delete the data that can be tied back to you within 45 days of you closing your account. This doesn't include data that can't identify you.

Payroll data will be retained for a period of seven years from the date of employer's most recent payroll processing in order to comply with government regulations regarding retention of payroll data. Payroll data includes but is not limited to:

a. employer name, address, tax rates, exempt status and

b. employee name, address, bank account information, SSN or SIN, rate of pay, hire date, birth date, filing status, allowances, benefits and deductions and

c. gross pay, taxes, deductions and net pay for every payroll processed.

If you're a payroll user, we've got to keep your payroll data due to IRS/CRA requirements.

Payments data will be retained for a period of three years from the date of your most recent payment transaction in order to comply with regulatory requirements. Payments data includes, but is not limited to:

a. banking details and

b. personal information such as name, SSN/SIN, credit information and

c. business details such as legal name, type, tax ID and

d. transaction details such as amount, card type, expiry date and

e. transfer details such as amount, bankaccount.

If you’re a payments customer, even after you close your account we’ve got to keep some of your data for a few years.

We retain all Personal Information provided by you or your bank on secure servers, as do our third-party partners and service providers. This data will be subject to the laws of the relevant jurisdictions. Our third-party service providers, including financial institutions, have their own terms of use and privacy policies that will govern your relationship with these third parties. You are responsible for reviewing and agreeing to these terms of use and policies. If you do not agree with these terms of use or privacy policies you should not use the services offered by such third-party service providers.

We keep our data secure and so do our partners and providers. If you want to use any of our third-party service providers, you're responsible for reading their terms and privacy policies.

For example, you can connect a service called Shoeboxed to Wave. If you do that, you are entering into a separate agreement with Shoeboxed, and you will be subject to the terms they give you.

In the future we may collect information, including Personal Information, to enable you to access services provided by our third-party partners and service providers. You will be subject to the terms of use and privacy policies of these third-party service providers. You are responsible for reviewing and agreeing to these terms of use and policies. If you do not agree with these terms of use or privacy policies you should not use the services offered by such third-party service providers.

We might collect some information to enable the use of third-party providers. Again, if you want to give us that information and use those services, read their terms and policies and make sure you agree with them before use.

When Wave data is viewed in the Wave Apps mobile apps, some data is cached in the memory of the device. That data is deleted when the related application is closed and does not persist. If the application is put in the background without closing, the data may remain in the cache. We take no responsibility for any unauthorized viewing of this data by third parties.

When you use our mobile app(s), we store some data in memory on your mobile device. If you don't close the app when you're done, some of that information may still be in memory and could be viewed by others. We can't take responsibility for this, so be sure to close your apps when you're done.


Wave relies on you to ensure that the Personal Information you provide to us while using the Services is as accurate, complete and up-to-date as necessary for the purposes for which it is to be used. You are welcome to make changes, request deletion or corrections to Personal Information at any time by contacting us at the contact information listed below. We will respond to your request within a reasonable timeframe.

We also make every effort to ensure the accuracy of the information in our reports, displays, articles and support queries. However, you must verify all information created from your use of the Services and we recommend that you consult an accounting professional before completing any government or regulatory filing or otherwise relying upon the information, as the use of this information is at your own risk.

You are responsible for ensuring that the information you have provided is truthful, accurate, reliable and complete.

We will retain your information for as long as your account is active, or as needed to provide the Services to you. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

When you give us your personal information, we rely on you for accuracy. You can contact us to update or delete it. Whenever we use this information — for reports, display, filings, etc — we'll do our best to make sure it's accurate. Before using this information for anything official, we recommend you consult an accounting professional.


Wave implements industry best practices appropriate to the sensitivity of your Personal Information. We use administrative, technical, and physical safeguards to protect your Personal Information against loss, theft, and unauthorized access, use, disclosure, copying, modification, disposal, or destruction in accordance with applicable legal requirements and industry best practices.

For example, we implement encryption and security controls to protect against unauthorized access to Personal Information during electronic transmission, and we train our employees to follow privacy and security practices specific to the Services. We also undertake security assessments to ensure that we maintain strong security controls.

We ensure that any third party acting on our behalf in respect of your Personal Information maintains reasonable and appropriate safeguards. For example, these third parties classify customer account data as "super sensitive". This means that access to such data is strictly limited based on business need and this data cannot be transmitted without the use of approved encryption methods. These third parties also employ both an Intrusion Detection System and an Intrusion Prevention System, and run regular network vulnerability scans. Additional information about our third parties' privacy practices is available upon request.

We use industry best practices, both technical (like encryption) and physical (like secure, locked-up server facilities), to protect your data, its storage, transmission, and disposal. Any third parties acting on our behalf also do what's necessary to protect any data they receive. We'll give you more details if you request them.

Storage of Online Banking Credentials

You may choose to provide your online banking information, for the purpose of importing transactions into Wave and reducing your manual entry workload. To provide improved security and reliability, Wave employs a respected provider of global online banking solutions. This partner stores account and password information. Wave does not store these. This third party uses Triple DES encryption and secure storage protocols to protect Wave customer data.

If you want to connect your bank, you'll need to provide some credentials. To make sure this is safe, we're relying on a third party provider. They store account and password information securely, they encrypt it, and Wave never sees it.

Payment Card Information

To ensure the security of your and your customers’ credit card data, Wave does not store credit card numbers. Instead, we rely on tokenization - a process of substituting sensitive data with a unique identification code.

Card data is encrypted and exchanged directly from the browser to our payments processor, who then returns a token.

Wave makes use of these tokens to facilitate the payments process.

Wave protects you and your customers by not storing cardholder data. We replace this sensitive data with tokens that can be used in their place. If the data isn’t stored anywhere, we greatly reduce the chance of it being stolen.

No method of transmission over the internet or method of electronic storage is 100% secure. Therefore while we do protect your information, we cannot guarantee its absolute security. If you have questions about security on our Site, you can contact us at privacy@waveapps.com.

What we're saying here is that "perfect security" doesn't exist. That might sound scary, but anyone promising "100% secure" is probably lying and we don't want to do that. Wave makes use of a variety of security and monitoring tools, penetration testing, and resilient code frameworks to ensure we're as secure as possible. In addition to that, we'll stay transparent on security issues. If something ever does happen, we'll let you know.


Wave makes clear and transparent notice of its privacy practices publicly available via our Privacy Commitment and this policy. Our notices describe the collection, use, disclosure, and protection of Personal Information and provide the contact information of our privacy contact person.

Wave will advise you at the first reasonable opportunity upon discovering or being advised of an incident where your personal information is lost, stolen, accessed, used, disclosed, copied, modified or disposed of by unauthorized persons or in an unauthorized manner.

We're very clear about our stance on privacy and we'll let you know ASAP of any unauthorized incidents involving your data.

Individual Access

You own your data which you input using the Wave Apps and can download your own data via the Site at any time. Upon request, Wave will also provide you with a list of the entities (e.g. third-party service providers) to whom Wave has disclosed your Personal Information, and the countries in which our servers are located.

Your data is yours. You can download it from the site and if you ask we'll let you know which other places your data has gone.

Additional Features

The Wave Apps may offer publicly accessible blogs and community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. We take no responsibility for any information which you or your employees, agents, contractors and representatives post or publish on the Wave Apps and you agree to indemnify and hold the Wave Parties harmless for any loss, cost, complaint, damage, claim or liability whatsoever arising from any such post or publication.

The ability to comment on our blogs is managed by a third-party application that may require you to register to post a comment. We do not control the accounts registered with the third party. You will need to contact or login to the third-party application if you want personal information that was posted to the comments section removed. To learn how the third party uses your information, please review their privacy policy.

Our community forums and support services (support.waveapps.com) are managed by Wave, but hosted by a third party. For information on the use and retention of your information, please review their privacy policy. You may request removal of personal information from forum posts and comments by contacting us at privacy@waveapps.com.

With your consent we may post your testimonial along with your name. If you want your testimonial removed please contact us at privacy@waveapps.com.

You can log in to our site using single sign-on (SSO) services such as Google and Yahoo. These services will allow the third party to authenticate your identity and provide you the option to share certain personal information with us such as your name and email address to pre-populate our sign up form.

The blog portion of the Site includes Social Media Features, such as the Facebook Like button and Widgets, such as the Share button or interactive mini-programs that run on our site. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

Some of the functionality of the Services and the Wave Apps interoperate with, and are highly dependent upon, application programming interfaces (APIs) from third parties, such as Google and Yahoo!. We may collect Personal Information from these third party APIs to the extent you authorize us to do so, and our collection, use and disclosure of that Personal Information will be governed by this privacy policy. In addition, if you authorize us to do so, we may grant third parties access to some or all (depending on the permission you give) of your Personal Information to third parties through our own API for use in connection with their services. You have the ability to control what Personal Information you share with these third parties through our API, but please note that any Personal Information you share with third parties through our API will be governed by their privacy policies and we do not assume any responsibility for such third party's use of your Personal Information once shared through our API.

Our Site includes links to other websites whose privacy practices may differ from those of Wave. If you submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

The blogs and forums are open, and only moderated in a limited way. Anything you post there can be seen by others, and we're not responsible for the things people post.

If you give us consent, we might use one of your quotes for a testimonial — and if you want that removed, let us know.

If you use Google or Yahoo to sign in via SSO, those services will let us see your name and email.

Our blog has some social media features (Facebook Like, etc) which, if you use them, may collect your IP, set a cookie, etc. The companies providing these tools have their own rules and policies which apply to the use of these features.

People may use our interfaces to write programs to interact with Wave. Wave may write programs to interact with third-party interfaces. These can be used to collect and share data, but only if you authorize it. If you authorize the sharing of data, the use of that data will be governed by the rules and policies of the third party you're sharing it with.


If you choose to use our referral service to tell your accountant about our website, we will ask you for their name and email address. We will automatically send them a one-time email inviting him or her to visit the website. Wave does not store this information and uses it for the sole purpose of sending this one-time email.

If you refer someone, we'll send them a single email invite, but won't keep their information.

Cookies and Other Tracking Technologies

Third-Party Tracking Technologies & Cookies

As is true of most websites, we gather certain information automatically and store it in log files. This information may include, but is not limited to, internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.

We may combine this automatically collected log information with other information we collect about you. We do this to improve the Services we offer you, to improve marketing, analytics, and site functionality.

Technologies such as cookies, web beacons, tags and scripts are used by Wave, our advertising and analytics partners, and affiliates. These technologies are used in analyzing trends, administering the Site, tracking users' movements around the Site and to gather demographic information about our userbase as a whole.

We use cookies for session tracking to make it possible to navigate the secure environment inside our Site. When you log into Wave, your browser may ask you if you want it to remember you as a registered user of Wave. If you accept, the session ID becomes a persistent cookie, which expires after two weeks of non use. Users can control the use of cookies at the individual browser level. If you reject or refuse cookies, you will not be able to use Wave.

We use local storage objects (LSOs) such as HTML5 to store preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based on your browsing activity use LSOs such as HTML5 to collect and store information.

Various browsers may offer their own management tools for removing HTML5 LSOs.

We track some basic information about your use of the site and we might combine this with other information we have to help improve the site and services.

We use cookies (the computer kind, not the tasty kind) and they may stay on your computer unless you clean them out. We use them to track things like your login session and some of our partners do the same. We don't link these cookies to any personal information.

Some of our partners use small/clear images (tracking pixels) and some scripts to help manage content. Similarly we might use these things for analytics (to help us better understand how people use our site).

If we or our partner change cookie behaviour, we'll let you know.

Behavioral Targeting/Re-Targeting

We partner with a third party to either display advertising on our Site or to manage our advertising on other sites. Our third-party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here. Please note this does not opt you out of being served ads. You will continue to receive generic ads.

Our ad partner uses a variety of web tools to collect non-personal information about your online activities, in order to display targeted ads. You can opt out of targeted ads, but you'll still see ads - if you want to do this, click the link over to the left.

Device Tokens

In order for Wave to communicate with you via the Wave Apps mobile applications which you may choose to install on your mobile device, we save a "device token" on your device. We use the device token to provide you with notifications relating to the Services. The device token identifies your mobile device to us but cannot be used to identify you. We store the token in encrypted format (256-bit encrypted) and retain it only as long as necessary to provide you with the Services.

To enable our servers to talk to our mobile apps, we save an identifier on your device. We use this for notifications and can uniquely identify your device, but not you. This token is encrypted while it is stored and only kept as long as necessary to offer you our services.

Agents/Service Providers

Wave uses third-party email services providers in order to provide certain services to Wave to help us run our operations, including, without limitation, for purposes of delivering emails to you. If required, we will disclose your personal information to these service providers to the extent required by us to receive these services. For instance: (i) for occasional messages from Wave, we will share only your email address and name (where applicable) with a service provider; and (ii) for the weekly summary of your account information (the "Your week in numbers" email), we will share your email address and name (where applicable) and send via our providers news about your account balances, year-to-date financial overview, overdue invoices and expenses and other select account details. For other service providers, we will provide such additional information as may be required for us to receive the services; however, these companies are authorized to use your personal information only as necessary to provide these services to us. To unsubscribe from either or both emails, please see the "Consent" section above.

We send our emails through third-party providers. For the occasional messages we send, we share your email and sometimes your name — otherwise they wouldn't know where to deliver the message! For our weekly email, we do the above but also include some of your account information to provide the summary you see. These email providers can only use your information for the purposes of sending these emails.

For other service providers, the same thing goes: We'll share what's necessary for the service to function, and only permit the info to be used for that service.

You can unsubscribe if you want: See the ‘Consent' section above.

Notification of Privacy Policy Changes

We may update this privacy policy to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our website prior to the change becoming effective. We encourage you to periodically review our Privacy Policy for the latest information on our privacy practices.

If we change what we do, we'll update this policy to reflect that. If we make any serious changes, we'll notify you by email or a notice on the website before the changes are in effect. We recommend you read through this every once in a while for the latest information on how we deal with privacy.

Challenging Compliance

Wave's Privacy Officer is responsible for receiving your privacy-related questions. You may send us your privacy-related questions or challenge our compliance with our Privacy Commitment and Privacy Policy by submitting your concern to:

Brian Masson
Information Security Officer
235 Carlaw Ave., Suite 601
Toronto, ON M4M 2S1
Email: privacy@waveapps.com
Phone: (416) 521-9141 extension 130

We have someone dedicated to answering your privacy questions (me) and to respond to you if you think we're not doing the things we say we do.

My contact information is available over in the left column.