Privacy Policy


Out of The Box Chartered Professional Accountant Inc. (the “Organization”) values its relationship with its customers and is committed to protecting the privacy rights of its customers. We are, therefore, committed to maintaining the accuracy, confidentiality, and security of personal information. This privacy policy explains how we collect, use, disclose and safeguard the personal information you provide to us.

By providing personal information to us, you consent to our collection, use, and disclosure of your personal information in accordance with this privacy policy.


For the purposes of this privacy policy, “personal information” shall mean information that is, or can be, about or related to an identifiable individual (business or society as applicable).



As part of the Organization’s commitment to treat your personal information with respect, we follow these 10 fair information principles (the “Principles”) as set out in Generally Accepted Privacy Principles (GAPP) developed by the Chartered Professional Accountants of Canada and the American Institute of Certified Public Accountants.


Principle 1 – Management

Principle 2 – Notice

Principle 3 – Choice and Consent

Principle 4 – Collection

Principle 5 – Use, Retention and Disposal

Principle 6 – Access

Principle 7 – Disclosure to Third Parties

Principle 8 – Security for Privacy

Principle 9 – Quality

Principle 10 – Monitoring and Enforcement


Each of the Principles applies to the Organization’s practices as follows:


Principle 1 – Management

We will maintain and protect the personal information under our control. We have policies and procedures for ensuring the privacy and security of data, which are strictly enforced to protect the individuals from whom we may collect personal information. We have a Privacy Officer who is responsible for ensuring our compliance with the Principles and this privacy policy. If you have questions about this privacy policy or our use of your information, or if you need help changing your personal information, please contact the privacy officer by email at or contact us at:


Privacy Officer

Melanie Schroeder




We implemented policies and procedures that complement this Privacy Policy, which include communication and providing training to our employees on these policies and procedures.


Principle 2 – Notice

The Organization will identify to you the purposes for which it will collect or use personal information before or at the time the information is collected.


The Organization collects the personal information of customers for purposes of providing accounting, management, coaching and counselling services. In addition, the Organization also collects, uses and discloses your personal information:

  • Chartered Professional Accountants of BC, for the purposes of practice review.



If a new purpose is identified for the use of the information collected, the new purpose will be explained prior to its new use. Unless the new purpose is required by law, your consent is required before information can be used for that purpose. This consent will usually be obtained in writing; however, it may on occasion (depending on the circumstances) be obtained verbally, in person or by telephone.


Principle 3 – Choice and Consent

Except where required or permitted by law, your informed consent is required for the collection, use or disclosure of your personal information. Should we wish to make use of your personal information for a secondary purpose (such as a mailing list), your consent will be obtained and you may opt-out of this secondary use whenever you wish.


By providing personal information to us, you consent to the collection, use and disclosure of your personal information in accordance with this privacy policy.


You may withdraw your consent at any time; however, by doing so, the Organization may not be able to provide you with the goods and services that you requested.


Principle 4 – Collection

The personal information collected by us shall be limited to those details necessary for the purposes identified to you. We may collect this information from you [via the Internet, over the telephone, in person or from third-party sources, such as credit reporting agencies].


What Types of Personal Information May We Collect?

The type of personal information we may collect depends on, and is related to, the reason (or purpose) such personal information was provided to us.


The following is a description of the types of personal information that we may request:


  • Contact information, such as your name, mailing and/or email address, and telephone number

  • Credit card or other billing information

  • SIN/BN

  • Birthdate, Spouse’s or dependents’ birthdate

  • Spouse’s/Dependents’ names

  • Articles of incorporation

  • Corporation bylaws

  • Corporate minute book

  • Share registries

  • CRA account information and access

  • Board meeting minutes


The above list is not exhaustive but merely representative.  If you have concerns about any of the information requested, please feel free to contact us.


Principle 5 – Use, Retention, and Disposal

We will only use or disclose your personal information in accordance with the purposes for which it was originally collected unless you have otherwise consented, or when required or permitted by law. We will keep your personal information only for as long as is required to fulfill the purpose for which it was collected or as required by law.


We will use your personal information to:

  • Process business transactions

  • Addressing inquiries or complaints about goods and services

  • Purchase of goods and services

  • Chartered Professional Accountants of BC, practice review


Principle 6 – Access

Upon your written request, we shall inform you of: (i) the type of personal information we have collected; (ii) how we have used your personal information in the past, and how we may in the future; and (iii) whether or not we have disclosed your personal information to any third parties (and, if so, to whom). You may ask about the accuracy and completeness of your personal information, and you may request that it be changed, if appropriate.


Please note that before we are able to provide you with any information or correct any inaccuracies, we may ask you to confirm your identity and provide additional information to help us to respond to your request.


Please submit your request to:

Customer Service

Melanie Schroeder, Chartered Professional Accountant

Phone 604.449.7897


Principle 7 – Disclosure to Third Parties

Except as explained in this privacy policy, as required by law or regulation or as otherwise consented to by you, we do not disclose any personal information to third parties. The following are the limited instances where we may disclose your personal information to the following third parties for the following uses:

  • Chartered Professional Accountants of BC, practice review

  • Canada Revenue Agency, filing returns or responding to requests for information in the normal course of business


Principle 8 – Security for Privacy

The security of your personal information is a priority to the Organization. The Organization is responsible for protecting personal information under its control, including personal information that has been transferred to, or received from, a third party.


In the event that personal information is transferred to a third party, the Organization will take steps to ensure that such recipients safeguard the Personal Information and use the information only for authorized purposes. Some examples of such measures are as follows:


  • Physical security measures – any physical documents are kept in a locked filing cabinet, in a locked office.  The office building is secured with key card access after hours

  • Electronic security measures – computers and software are password-protected, with strong password measures

  • Organizational – employees have access only to the data they are required to, to complete their jobs. 

  • Contractual obligations – any third parties are researched and checked to determine their privacy standards meet or exceed the organization's privacy policies. Google Business Suite, Dropbox, Delivery Slip, QuickBooks Online are all examples of Cloud Software used in the Organization. 


Only employees with a business need to know, or whose duties reasonably so require, are granted access to personal information and shall be required to respect the privacy of that information.


Our Employees and Your Personal Information

In the course of daily operations, access to private, sensitive and confidential information is restricted to authorized employees who have a legitimate business purpose and reason for accessing it. As a condition of their employment, all employees of the Organization are required to follow this policy. Employees are informed about the importance of privacy and they are required to agree to a code of conduct that prohibits the disclosure of any personal information to unauthorized individuals or parties.


Unauthorized access to and/or disclosure of personal information by an employee of the Organization is strictly prohibited. All employees are expected to maintain the confidentiality of personal information at all times, and failing to do so will result in appropriate disciplinary measures, which may include dismissal.


Principle 9 – Quality

We shall make every reasonable effort to ensure your personal information is accurate, complete and up-to-date. You are responsible for advising the Organization of any inaccuracies or changes to your personal information. Any such inaccuracies or changes may be reported to Customer Service.


Principle 10 – Monitoring and Enforcement

If you have questions about this policy or our use of your information, or if you need help changing your personal information, please contact the privacy officer by email at

or contact us at:


Privacy Officer

Melanie Schroeder, Chartered Professional Accountant

Phone 778.952.8837


Websites Governed by this Privacy Policy

The website that is governed by the provisions and practices stated in this privacy policy is:


The Organization’s website may contain links to other third-party sites that are not governed by this privacy policy. Although we endeavour to only link to sites with high privacy standards, our privacy policy will no longer apply once you leave the Organization’s website. Additionally, we are not responsible for the privacy practices employed by other third-party websites. Therefore, we suggest that you examine the privacy statements of those sites to learn how your information may be collected, used, shared, and disclosed.


Updating this Privacy Policy

Any changes to our privacy policy and information handling practices will be acknowledged in this policy in a timely manner. We may add, modify or remove portions of this policy when we feel it is appropriate to do so. You may determine when this policy was last updated by referring to the date at the bottom of this page.




Last revised Sunday, March 14, 2021