Privacy Policy
Our Commitment to Your Privacy
At SBSC Ventures, we understand that your financial and personal information is sensitive and confidential. Protecting your privacy is fundamental to our business and integral to maintaining the trust you place in us. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.
We are committed to maintaining the confidentiality, integrity, and security of all personal information entrusted to us by our clients, website visitors, and business partners.
We are committed to maintaining the confidentiality, integrity, and security of all personal information entrusted to us by our clients, website visitors, and business partners.
1. What Information We Collect
We collect only the personal information necessary to provide our bookkeeping, administrative, and business consulting services. The types of information we collect include:
Personal Identification Information
– Full name
– Date of birth
– Social Insurance Number (SIN)
– Contact information (address, phone number, email address)
– Business name and registration numbers
– Government-issued identification numbers
Financial Information
– Bank account information
– Credit card information
– Income and expense records
– Tax identification numbers
– Payroll information
– Financial statements
– Investment information
– Credit history (when relevant)
Business Information
– Business structure and ownership details
– Employee information (for payroll services)
– Vendor and customer information
– Business transactions and records
– Contracts and agreements
– Technical Information
– IP address
– Browser type and version
– Device information
– Website usage data (through cookies)
– Log files
– Information from Third Parties
We may receive information about you from:
– Canada Revenue Agency (CRA)
– Financial institutions
– Your accountant or other professional advisors
– Government agencies
– Credit bureaus (with your consent)
Personal Identification Information
– Full name
– Date of birth
– Social Insurance Number (SIN)
– Contact information (address, phone number, email address)
– Business name and registration numbers
– Government-issued identification numbers
Financial Information
– Bank account information
– Credit card information
– Income and expense records
– Tax identification numbers
– Payroll information
– Financial statements
– Investment information
– Credit history (when relevant)
Business Information
– Business structure and ownership details
– Employee information (for payroll services)
– Vendor and customer information
– Business transactions and records
– Contracts and agreements
– Technical Information
– IP address
– Browser type and version
– Device information
– Website usage data (through cookies)
– Log files
– Information from Third Parties
We may receive information about you from:
– Canada Revenue Agency (CRA)
– Financial institutions
– Your accountant or other professional advisors
– Government agencies
– Credit bureaus (with your consent)
2. How We Collect Information
We collect personal information through the following methods:
Directly from You:
– When you complete our client intake forms
– During consultations and meetings
– Through email, phone, or written correspondence
– When you provide documents, receipts, or records
– When you use our website or online services
– Through contract agreements
From Third Parties (with your consent):
– From your accountant, lawyer, or financial advisor
– From financial institutions
– From government agencies
– From your employees (for payroll services)
Automatically:
– Through cookies and similar technologies on our website
– Through server logs when you access our online services
Directly from You:
– When you complete our client intake forms
– During consultations and meetings
– Through email, phone, or written correspondence
– When you provide documents, receipts, or records
– When you use our website or online services
– Through contract agreements
From Third Parties (with your consent):
– From your accountant, lawyer, or financial advisor
– From financial institutions
– From government agencies
– From your employees (for payroll services)
Automatically:
– Through cookies and similar technologies on our website
– Through server logs when you access our online services
3. How We Use Your Information
We use your personal information only for the purposes for which it was collected, or for uses consistent with those purposes. Specifically, we use your information to:
Provide Services
– Process bookkeeping transactions
– Prepare financial statements
– Manage payroll and remittances
– File GST/HST returns
– Prepare for and support CRA audits
– Provide administrative and consulting services
– Communicate with your accountant or other advisors
– Maintain accurate financial records
Business Operations
– Establish and maintain client relationships
– Respond to your inquiries and requests
– Bill for services rendered
– Maintain business records
– Comply with legal and regulatory requirements
– Manage our business operations
Communication
– Send service-related updates and information
– Respond to your questions or concerns
– Provide information about our services (with consent)
– Send newsletters or promotional materials (with consent)
Website Functionality
– Improve website performance and user experience
– Analyze website traffic and usage patterns
– Troubleshoot technical issues
– Prevent fraud and enhance security
Legal Compliance
– Comply with applicable laws and regulations
– Respond to legal processes and government requests
– Establish, exercise, or defend legal claims
– Protect our rights, privacy, safety, or property
We will not use your personal information for purposes other than those described in this Policy without your express consent.
Provide Services
– Process bookkeeping transactions
– Prepare financial statements
– Manage payroll and remittances
– File GST/HST returns
– Prepare for and support CRA audits
– Provide administrative and consulting services
– Communicate with your accountant or other advisors
– Maintain accurate financial records
Business Operations
– Establish and maintain client relationships
– Respond to your inquiries and requests
– Bill for services rendered
– Maintain business records
– Comply with legal and regulatory requirements
– Manage our business operations
Communication
– Send service-related updates and information
– Respond to your questions or concerns
– Provide information about our services (with consent)
– Send newsletters or promotional materials (with consent)
Website Functionality
– Improve website performance and user experience
– Analyze website traffic and usage patterns
– Troubleshoot technical issues
– Prevent fraud and enhance security
Legal Compliance
– Comply with applicable laws and regulations
– Respond to legal processes and government requests
– Establish, exercise, or defend legal claims
– Protect our rights, privacy, safety, or property
We will not use your personal information for purposes other than those described in this Policy without your express consent.
4. Consent
We obtain your consent before collecting, using, or disclosing your personal information, except where permitted or required by law.
Express Consent
For sensitive information such as financial data, Social Insurance Numbers, and health information, we obtain your express written or verbal consent.
Implied Consent
For less sensitive information, such as business contact details, we may rely on implied consent based on your actions or the circumstances.
Withdrawing Consent
You may withdraw your consent at any time by contacting our Privacy Officer. Please note that withdrawing consent may limit our ability to provide certain services to you. We may continue to retain and use your information as required by law or for legitimate business purposes, such as completing services already underway or maintaining records for legal compliance.
When Consent is Not Required
We may collect, use, or disclose personal information without consent in limited circumstances, including:
– When required or authorized by law
– In emergency situations threatening life, health, or security
– When information is publicly available
– For debt collection purposes
– For investigating fraud or criminal activity
– When necessary for legal proceedings
Express Consent
For sensitive information such as financial data, Social Insurance Numbers, and health information, we obtain your express written or verbal consent.
Implied Consent
For less sensitive information, such as business contact details, we may rely on implied consent based on your actions or the circumstances.
Withdrawing Consent
You may withdraw your consent at any time by contacting our Privacy Officer. Please note that withdrawing consent may limit our ability to provide certain services to you. We may continue to retain and use your information as required by law or for legitimate business purposes, such as completing services already underway or maintaining records for legal compliance.
When Consent is Not Required
We may collect, use, or disclose personal information without consent in limited circumstances, including:
– When required or authorized by law
– In emergency situations threatening life, health, or security
– When information is publicly available
– For debt collection purposes
– For investigating fraud or criminal activity
– When necessary for legal proceedings
5. How We Share Your Information
We do not sell, rent, or trade your personal information to third parties. We only disclose your information in the following limited circumstances:
With Your Consent
– To your accountant for tax preparation
– To your financial advisor or lawyer
– To financial institutions for banking transactions
– To other professionals in our network when you request referrals
Service Providers
We may share information with trusted third-party service providers who assist us in operating our business, including:
– Accounting software providers (QuickBooks, Sage, Xero)
– Cloud storage services
– IT support and security services
– Payment processors
– Email and communication platforms
All service providers are contractually required to maintain the confidentiality and security of your information and may only use it for the purposes we specify.
Government Agencies
We may disclose information to government agencies when:
– Required by law (tax returns, remittances, etc.)
– Responding to legal orders, subpoenas, or court orders
– Complying with CRA audits or inquiries
– Reporting as required by employment or payroll legislation
Legal Obligations
We may disclose information when necessary to:
– Comply with applicable laws and regulations
– Respond to legal processes
– Protect our rights, property, or safety
– Protect the rights, property, or safety of our clients or others
– Detect, prevent, or investigate fraud or security issues
– Business Transfers
If SBSC Ventures is involved in a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
With Your Consent
– To your accountant for tax preparation
– To your financial advisor or lawyer
– To financial institutions for banking transactions
– To other professionals in our network when you request referrals
Service Providers
We may share information with trusted third-party service providers who assist us in operating our business, including:
– Accounting software providers (QuickBooks, Sage, Xero)
– Cloud storage services
– IT support and security services
– Payment processors
– Email and communication platforms
All service providers are contractually required to maintain the confidentiality and security of your information and may only use it for the purposes we specify.
Government Agencies
We may disclose information to government agencies when:
– Required by law (tax returns, remittances, etc.)
– Responding to legal orders, subpoenas, or court orders
– Complying with CRA audits or inquiries
– Reporting as required by employment or payroll legislation
Legal Obligations
We may disclose information when necessary to:
– Comply with applicable laws and regulations
– Respond to legal processes
– Protect our rights, property, or safety
– Protect the rights, property, or safety of our clients or others
– Detect, prevent, or investigate fraud or security issues
– Business Transfers
If SBSC Ventures is involved in a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy.
6. Data Security and Protection
We implement robust physical, technical, and administrative safeguards to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction.
Physical Security
– Secure office with restricted access
– Locked filing cabinets for physical documents
– Secure document disposal (shredding)
– Controlled access to work areas
Technical Security
– Encrypted data transmission (SSL/TLS)
– Encrypted data storage
– Secure, password-protected accounting software
– Multi-factor authentication where available
– Regular software updates and security patches
– Firewall and antivirus protection
– Regular data backups (encrypted and stored securely)
– Secure email communication for sensitive information
Administrative Security
– Staff training on privacy and security practices
– Confidentiality agreements with all employees and contractors
– Role-based access controls (staff access only to information necessary for their duties)
– Regular security audits and assessments
– Incident response procedures
– Clear data retention and disposal policies
Third-Party Security
All third-party service providers are carefully vetted and must maintain security standards consistent with this Policy. We require contractual commitments to protect your information.
While we implement industry-standard security measures, no method of transmission or storage is completely secure. We cannot guarantee absolute security, but are committed to protecting your information to the best of our ability.
Physical Security
– Secure office with restricted access
– Locked filing cabinets for physical documents
– Secure document disposal (shredding)
– Controlled access to work areas
Technical Security
– Encrypted data transmission (SSL/TLS)
– Encrypted data storage
– Secure, password-protected accounting software
– Multi-factor authentication where available
– Regular software updates and security patches
– Firewall and antivirus protection
– Regular data backups (encrypted and stored securely)
– Secure email communication for sensitive information
Administrative Security
– Staff training on privacy and security practices
– Confidentiality agreements with all employees and contractors
– Role-based access controls (staff access only to information necessary for their duties)
– Regular security audits and assessments
– Incident response procedures
– Clear data retention and disposal policies
Third-Party Security
All third-party service providers are carefully vetted and must maintain security standards consistent with this Policy. We require contractual commitments to protect your information.
While we implement industry-standard security measures, no method of transmission or storage is completely secure. We cannot guarantee absolute security, but are committed to protecting your information to the best of our ability.
7. Data Retention
We retain your personal information only as long as necessary to fulfill the purposes for which it was collected, or as required by law.
Active Client Records
Retained for the duration of our business relationship plus the periods specified below.
Financial and Tax Records
Retained for a minimum of seven (7) years from the end of the last tax year to which they relate, in accordance with Canada Revenue Agency requirements.
Payroll Records
Retained for a minimum of six (6) years after the year to which they relate, as required by CRA.
GST/HST Records
Retained for six (6) years from the date of filing the return to which they relate.
Corporate Records
Retained for a minimum of six (6) years after the corporation is dissolved.
Contracts and Agreements
Retained for the term of the agreement plus seven (7) years.
Correspondence and Communications
Retained based on relevance to financial records and legal requirements.
Website Data
Server logs and technical data are typically retained for 12-24 months.
Secure Disposal
When personal information is no longer required, we securely destroy, delete, or anonymize it in accordance with our data retention and disposal policies. Physical documents are shredded, and electronic data is permanently deleted or overwritten.
Active Client Records
Retained for the duration of our business relationship plus the periods specified below.
Financial and Tax Records
Retained for a minimum of seven (7) years from the end of the last tax year to which they relate, in accordance with Canada Revenue Agency requirements.
Payroll Records
Retained for a minimum of six (6) years after the year to which they relate, as required by CRA.
GST/HST Records
Retained for six (6) years from the date of filing the return to which they relate.
Corporate Records
Retained for a minimum of six (6) years after the corporation is dissolved.
Contracts and Agreements
Retained for the term of the agreement plus seven (7) years.
Correspondence and Communications
Retained based on relevance to financial records and legal requirements.
Website Data
Server logs and technical data are typically retained for 12-24 months.
Secure Disposal
When personal information is no longer required, we securely destroy, delete, or anonymize it in accordance with our data retention and disposal policies. Physical documents are shredded, and electronic data is permanently deleted or overwritten.
8. Your Privacy Rights
Under PIPEDA and applicable provincial privacy legislation, you have the following rights regarding your personal information:
Right to Access
You have the right to request access to the personal information we hold about you. We will provide you with:
– Confirmation of whether we have your information
– A copy of your personal information
– Information about how we use and disclose your information
– The sources from which we collected your information
We will respond to access requests within 30 days. In some cases, we may extend this timeline and will notify you of the extension and reasons.
Right to Correction
You have the right to request corrections to any inaccurate or incomplete personal information. If we agree with your request, we will correct the information and notify any third parties to whom we disclosed the information (where appropriate). If we do not agree, we will note your request in our records.
Right to Challenge Compliance
You have the right to challenge our compliance with this Privacy Policy and applicable privacy legislation. Please direct all concerns to our Privacy Officer.
Right to Withdraw Consent
You may withdraw your consent to our collection, use, or disclosure of your information at any time, subject to legal or contractual restrictions. Withdrawing consent may affect our ability to provide services to you.
Limitations on Rights
In some circumstances, we may not be able to provide access to all of your information. Examples include:
– Information that contains references to other individuals
– Information that is subject to solicitor-client privilege
– Information that could reasonably be expected to threaten life or security
– Information generated in the course of investigating a breach of agreement or law
– Information that is prohibitively costly to provide
If we deny your request, we will provide you with the reasons for the denial.
How to Exercise Your Rights
To exercise any of these rights, please contact our Privacy Officer using the contact information provided in Section 15.
When making a request, please provide:
– Your name and contact information
– Sufficient detail to identify the information you are requesting
– Proof of identity (to protect against unauthorized access)
There is no fee for access requests unless the request is repetitive, excessive, or requires significant resources to fulfill.
Right to Access
You have the right to request access to the personal information we hold about you. We will provide you with:
– Confirmation of whether we have your information
– A copy of your personal information
– Information about how we use and disclose your information
– The sources from which we collected your information
We will respond to access requests within 30 days. In some cases, we may extend this timeline and will notify you of the extension and reasons.
Right to Correction
You have the right to request corrections to any inaccurate or incomplete personal information. If we agree with your request, we will correct the information and notify any third parties to whom we disclosed the information (where appropriate). If we do not agree, we will note your request in our records.
Right to Challenge Compliance
You have the right to challenge our compliance with this Privacy Policy and applicable privacy legislation. Please direct all concerns to our Privacy Officer.
Right to Withdraw Consent
You may withdraw your consent to our collection, use, or disclosure of your information at any time, subject to legal or contractual restrictions. Withdrawing consent may affect our ability to provide services to you.
Limitations on Rights
In some circumstances, we may not be able to provide access to all of your information. Examples include:
– Information that contains references to other individuals
– Information that is subject to solicitor-client privilege
– Information that could reasonably be expected to threaten life or security
– Information generated in the course of investigating a breach of agreement or law
– Information that is prohibitively costly to provide
If we deny your request, we will provide you with the reasons for the denial.
How to Exercise Your Rights
To exercise any of these rights, please contact our Privacy Officer using the contact information provided in Section 15.
When making a request, please provide:
– Your name and contact information
– Sufficient detail to identify the information you are requesting
– Proof of identity (to protect against unauthorized access)
There is no fee for access requests unless the request is repetitive, excessive, or requires significant resources to fulfill.
9. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance your browsing experience and analyze website usage.
What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.
Types of Cookies We Use
Essential Cookies
Necessary for the website to function properly. These cannot be disabled.
Performance Cookies
Collect information about how visitors use our website, such as which pages are visited most often. This helps us improve website performance.
Functionality Cookies
Remember your preferences and settings to provide a more personalized experience.
Analytics Cookies
Help us understand website traffic and user behaviour through tools like Google Analytics.
Managing Cookies
You can control cookies through your browser settings. Most browsers allow you to:
– View and delete cookies
– Block cookies from specific sites
– Block third-party cookies
– Block all cookies
Please note that disabling cookies may affect website functionality and your user experience.
Do Not Track Signals
Our website does not currently respond to “Do Not Track“ browser signals, as there is no industry standard for how to interpret these signals.
What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and improve functionality.
Types of Cookies We Use
Essential Cookies
Necessary for the website to function properly. These cannot be disabled.
Performance Cookies
Collect information about how visitors use our website, such as which pages are visited most often. This helps us improve website performance.
Functionality Cookies
Remember your preferences and settings to provide a more personalized experience.
Analytics Cookies
Help us understand website traffic and user behaviour through tools like Google Analytics.
Managing Cookies
You can control cookies through your browser settings. Most browsers allow you to:
– View and delete cookies
– Block cookies from specific sites
– Block third-party cookies
– Block all cookies
Please note that disabling cookies may affect website functionality and your user experience.
Do Not Track Signals
Our website does not currently respond to “Do Not Track“ browser signals, as there is no industry standard for how to interpret these signals.
10. Third-Party Links
Our website may contain links to third-party websites, including social media platforms, professional networks, and business partners. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit.
11. Children’s Privacy
Our services are designed for business use and are not directed at individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected information from a minor, we will delete it promptly.
12. International Data Transfers
While SBSC Ventures operates in Canada, some of our service providers may store or process data outside of Canada, including in the United States. When we transfer your information internationally, we ensure that appropriate safeguards are in place to protect your information in accordance with Canadian privacy law.
Please be aware that data stored outside Canada may be subject to the laws of the jurisdiction in which it is stored, including lawful access by government authorities.
We will notify you if we transfer your information outside Canada and will obtain your consent where required by law.
Please be aware that data stored outside Canada may be subject to the laws of the jurisdiction in which it is stored, including lawful access by government authorities.
We will notify you if we transfer your information outside Canada and will obtain your consent where required by law.
13. Data Breach Notification
In the event of a data breach that poses a real risk of significant harm to individuals, we will:
– Notify affected individuals as soon as feasible
– Notify the Privacy Commissioner of Canada
– Take immediate steps to contain and remediate the breach
– Document the breach and our response
– Implement measures to prevent future breaches
Notifications will include:
– A description of the breach
– The types of information involved
– Steps we are taking to address the breach
– Steps you can take to protect yourself
– Contact information for further assistance
– Notify affected individuals as soon as feasible
– Notify the Privacy Commissioner of Canada
– Take immediate steps to contain and remediate the breach
– Document the breach and our response
– Implement measures to prevent future breaches
Notifications will include:
– A description of the breach
– The types of information involved
– Steps we are taking to address the breach
– Steps you can take to protect yourself
– Contact information for further assistance
14. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, or legal requirements. When we make changes, we will:
– Update the “Last Updated“ date at the top of this Policy
– Post the revised Policy on our website
– Notify clients of material changes by email or written notice
– Obtain consent for new uses of personal information where required
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
– Update the “Last Updated“ date at the top of this Policy
– Post the revised Policy on our website
– Notify clients of material changes by email or written notice
– Obtain consent for new uses of personal information where required
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
15. Questions, Concerns, and Complaints
We are committed to resolving any privacy concerns you may have.
Contact Our Privacy Officer
If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact:
Sheri Braaksma, CCP
Privacy Officer
SBSC Ventures
Email: sheri@sbsc-inc.ca
Our Complaint Process
– Submit Your Complaint:
– Contact our Privacy Officer in writing, providing details of your concern.
Investigation
We will investigate your complaint promptly and thoroughly.
Response
We will respond to your complaint within 30 days. If we need additional time, we will notify you of the delay and provide reasons.
Resolution
If your complaint is valid, we will take appropriate action to address the issue and prevent future occurrences.
Contact Our Privacy Officer
If you have questions, concerns, or complaints about this Privacy Policy or our privacy practices, please contact:
Sheri Braaksma, CCP
Privacy Officer
SBSC Ventures
Email: sheri@sbsc-inc.ca
Our Complaint Process
– Submit Your Complaint:
– Contact our Privacy Officer in writing, providing details of your concern.
Investigation
We will investigate your complaint promptly and thoroughly.
Response
We will respond to your complaint within 30 days. If we need additional time, we will notify you of the delay and provide reasons.
Resolution
If your complaint is valid, we will take appropriate action to address the issue and prevent future occurrences.
16. Consent to This Privacy Policy
By providing your personal information to SBSC Ventures, using our services, or accessing our website, you acknowledge that you have read, understood, and agree to this Privacy Policy.
If you do not agree with this Privacy Policy, please do not provide us with your personal information or use our services.
If you do not agree with this Privacy Policy, please do not provide us with your personal information or use our services.
17. Language
This Privacy Policy is available in English. If there is a discrepancy between the English version and any translation, the English version shall prevail.
Summary of Your Rights
For your convenience, here is a summary of your privacy rights:
– Right to be informed about how your information is collected, used, and disclosed
– Right to access your personal information
– Right to correct inaccurate or incomplete information
– Right to withdraw consent for the collection, use, or disclosure of your information
– Right to challenge our compliance with privacy laws
– Right to file a complaint with the Privacy Commissioner of Canada
– Right to be informed about how your information is collected, used, and disclosed
– Right to access your personal information
– Right to correct inaccurate or incomplete information
– Right to withdraw consent for the collection, use, or disclosure of your information
– Right to challenge our compliance with privacy laws
– Right to file a complaint with the Privacy Commissioner of Canada
Our Commitment
At SBSC Ventures, protecting your privacy is not just a legal obligation—it is fundamental to the trust-based relationships we build with our clients. We are committed to:
– Collecting only the information we need
– Using your information only for legitimate business purposes
– Keeping your information secure and confidential
– Being transparent about our practices
– Respecting your privacy rights
– Continuously improving our privacy practices
Thank you for trusting SBSC Ventures with your financial information. We take that responsibility seriously and work every day to earn and maintain your confidence.
– Collecting only the information we need
– Using your information only for legitimate business purposes
– Keeping your information secure and confidential
– Being transparent about our practices
– Respecting your privacy rights
– Continuously improving our privacy practices
Thank you for trusting SBSC Ventures with your financial information. We take that responsibility seriously and work every day to earn and maintain your confidence.