Corporate Planning Associates’ (“CPA”)*  Privacy Policy informs of the way it ensures that privacy and the confidentiality of personal information are protected in accordance with legislative requirements.

CPA's Privacy Policy applies to protect the personal information, in its possession and control, of all its employees, clients and any other individual from which CPA may acquire personal information in the course of its business. 

CPA, its key personnel and its employees (where applicable) shall not collect, use or disclose personal information except in accordance with this Privacy Policy.

WHAT IS PERSONAL INFORMATION?

Personal information is any piece of information, either factual or subjective, about an identifiable individual. Personal infor-mation does not include the name, title, business address, or telephone number of an employee of an organization.

THE 10 PRINCIPLES OF PRIVACY

CPA's Privacy Policy consists of the following ten key principles:

1. Accountability

Each employee and representative of CPA (“CPA Personnel”) is responsible for the personal information under his or her control. All CPA Personnel shall be informed about the importance of privacy and shall receive information periodically to update them about CPA's Privacy Policy and related policies.  All CPA Personnel are required to sign a Confidentiality Agreement as a condition of employment.  This agreement is signed prior to the employee’s hiring by CPA and is re-signed in January of each subsequent year of employment.

In addition to establishing CPA's Privacy Policy, CPA has appointed a member of its senior management team, David Vicic, Senior Vice President, as CPA’s Chief Privacy Officer, although other individuals within CPA may have responsibility for the day to day collection and processing of personal information. In addition, other individuals within CPA may be delegated from time to time to act on behalf of its Chief Privacy Officer with respect to personal information. The Chief Privacy Officer is responsible for analyzing all personal information handling practices at CPA, and ensuring that its privacy policy is up-to-date and in force at all times.  The Chief Privacy Officer may be contacted by e-mail at privacy@cpafin.com, by telephone at (416) 364-7898, by facsimile transmission at (416) 364-7993, or by registered mail addressed to CPA at:

Chief Privacy Officer 
CPA Financial Services Inc.
Suite 1700
320 Bay Street
Toronto, Ontario M5H 4A6 

CPA is responsible for any personal information under its control, including personal information that CPA may transfer to a third party for processing. CPA will use contractual or other means to provide a comparable level of privacy protection when personal information is being processed by a third party on CPA’s behalf.

2. Identifying Purposes:  Why Information is Collected

Whenever CPA collects information about an individual, it will explain how it intends to use it, either at that time or earlier. CPA will limit the information it collects to what it needs for those purposes, and will use it only for those purposes.  CPA will obtain an individual’s consent if it wishes to use that individual’s information for any other purpose.

CPA asks an individual for information to establish a relationship and serve the individual. CPA obtains most of its information about an individual directly. 

CPA collects, uses, and discloses personal information for the following purposes:

• establishing and maintaining communications with the individual;
• dissemination of promotional material;
• providing and servicing financial and insurance products and services that it believes are right for the individual, over his/her lifetime;
• assisting in the individual’s financial planning and estate matters;
• understanding the individual’s needs, determining his/her eligibility, continuing to offer the individual the full range of products and services that CPA believes meets his/her changing needs and to service such products and services;
• meeting regulatory or contractual requirements relating to the products and services provided to the individual.

If CPA plans to use or disclose personal information which it has collected for a purpose not previously identified, CPA will identify and document this purpose. CPA will make a reasonable effort to specify such new purpose, either orally, in writing, by e-mail, or by electronic means, to the individual from whom the personal information was collected before such new use or disclosure. CPA will state the new purpose in such a manner that an individual can reasonably understand how the personal information will be used or disclosed.

3. Consent

CPA seeks and confirms the consent of any individual to use his or her personal information at the time of collection or in advance. CPA will endeavour to employ clear, understandable language when it obtains your consent.

Consent may be expressed in writing or implied, and in some cases, an individual may provide it verbally, electronically or through his or her authorized representative, such as a lawyer. Written consent includes completing and signing a form of consent. Implied consent may be found where an individual chooses to accept services from CPA after being made aware of its intentions to collect, use or disclose the individual’s personal information.

The way in which CPA will seek consent, including whether express or implied consent is sought, may vary depending on the sensitivity of the personal information and the reasonable expectation of the individual supplying it.  Typically, CPA will seek consent for the collection, use, and disclosure of personal information at the time it is collected. In certain circumstances, CPA may seek consent after the personal information has been collected but before it uses or discloses same (such as when it wishes to use personal information for a purpose not previously identified by it).

The choice to provide CPA with personal information is always up to the individual. Upon request, CPA will explain an individual’s options of refusing or withdrawing consent to the collection, use and release of his or her information, and CPA will record and respect the individual’s written choices. However, an individual’s decision to withhold particular details may limit CPA’s ability to offer its services.  This measure is necessary to protect the integrity of the services offered by CPA.  As an example, CPA Securities Inc. is prohibited from opening accounts for clients who do not consent to the disclosure and use of personal information to/by the self-regulatory organizations. Furthermore, any refusing or withdrawing of consent is always subject to any overriding legal requirements or commitments.

4. Limiting Collection

Information is not collected by CPA without a specific, limited requirement. CPA collects information by fair and lawful means.

5.  Limiting Use, Disclosure and Retention

The information CPA requests from an individual is used for the purposes defined. CPA will seek an individual’s consent before using the information for purposes beyond the scope of his or her original consent.

CPA will retain an individual’s information only for the time it is required for the purposes it describes. Once the personal information is no longer required, it will be destroyed, erased or made anonymous. 

6.  Accuracy

All decisions involving personal information should be based on accurate and timely information. CPA will rely on individuals to disclose all material information and to inform it of any relevant changes.

CPA will use its best efforts to ensure that personal information under its control is accurate, complete, and up-to-date as is necessary for the purposes for which it is used. The extent to which CPA will ensure that such personal information will be accurate, complete and up-to-date will be dependant upon the use such personal information will be put to, taking into account the interests of the individual.

7.  Safeguards: Protecting Individual Information

CPA will protect an individual’s information with appropriate safeguard and security measures against loss or theft, as well as against unauthorized access, disclosure, copying, use, or modification, regardless of the format in which the personal information is held.
CPA maintains personal information in a combination of paper and electronic files. Records concerning individuals' personal information may be stored in files kept -on site at head office or at an offsite, storage facility. 
-
Access to personal information will be authorized only for CPA Personnel who require access in the performance of their duties and to any person granted access by the individual through the consent process, and to those otherwise authorized by law.

When providing information to any person acting on CPA’s behalf, CPA will require such person to abide by CPA’s Privacy Policy. CPA will give them only the information necessary to perform the duties for which they are engaged, and will require that they not store, analyze or use that information for purposes other than to carry out those duties.

For regulatory purposes, self regulatory organizations including Market Regulation Services Inc., the Investment Dealers Association of Canada, the Mutual Fund Dealers Association of Canada, Bourse de Montreal Inc., and the Canadian Investor Protection Fund ("SROs") require access to personal information of current and former clients, employees, agents, directors, officers, partners and others that has been collected or used by CPA Securities Inc. SROs collect, use or disclose such personal information for regulatory purposes, including:

• surveillance of trading-related activity;
• sales, financial compliance, trade desk review and other regulatory audits;
• investigation of potential regulatory and statutory violations;
• regulatory databases;
• enforcement or disciplinary proceedings;
• reporting to securities regulators, and information-sharing with securities regulatory authorities, regulated marketplaces, other self-regulatory organizations and law enforcement agencies in any jurisdiction in connection with any of the foregoing.

8.  Openness: Keeping the Individual Informed

CPA has prepared this plain-language Privacy Policy to keep all individuals to which this policy applies informed. 

If an individual has any additional questions or concerns about privacy, CPA invites the individual to contact the Chief Privacy Officer by phone, fax, mail, or e-mail, and CPA will address the individual’s concerns to the best of its ability.

9.  Providing Individual Access

CPA will give an individual access to the information it retains about that individual within a reasonable time, with a written request, satisfactory identification and proof of entitlement. CPA will assist any individual which needs assistance in completing such request subject to the individual providing sufficient information to permit CPA to provide an account of the existence, use, and disclosure of personal information under its control. An individual also has the right to know:

• how CPA collected the personal information; 
• how CPA is using it; and
• to whom it may have been disclosed, except where such disclosure was to a governmental body. 

If an individual finds any errors in this information, he or she should contact the Chief Privacy Officer as soon as possible (by phone, fax, mail or e-mail), and CPA will make the appropriate corrections immediately, based on the receipt of satisfactory evidence.

In some cases CPA may not provide access to personal information within its possession or control. These exceptions will be limited to those permitted or required by law. This may occur when:

• providing access would be likely to reveal personal information about a third party or could pose a threat to the security of the third party, and the information cannot be segregated;
• disclosure would reveal confidential commercial information of CPA; 
• it would be too costly, in CPA’s determination, to retrieve it; 
• the personal information is protected by solicitor-client privilege; or
• the information has been collected during the investigation of a legal matter or cannot be disclosed for other legal reasons, such as a non-disclosure agreement. 

10.  Providing Recourse: Respecting and Responding to Individual Privacy Concerns

An individual may send a challenge concerning CPA’s compliance with any of the privacy principles to our Chief Privacy Officer. The Chief Privacy Officer may be contacted by e-mail at privacy@cpafin.com, by telephone at (416) 364-7898, by facsimile transmission at (416) 364-7993, or by registered mail addressed to CPA at:

Chief Privacy Officer 
CPA Financial Services Inc. 
Suite 1700
320 Bay Street
Toronto, Ontario M5H 4A6 

CPA will review, consider, and investigate all written privacy complaints which it receives. The challenge should include the individual’s name, company name, company address, and/or email address if the individual contacts CPA by e-mail, by facsimile transmission, or by registered mail. If CPA finds the complaint to be justified, CPA will take such action as is appropriate to comply with the Privacy Principles.

If the issue is still not resolved satisfactorily, CPA will provide information on other complaint procedures that may be available to the individual.

CONCLUSIONS

Any changes to CPA’s Privacy Policy and information handling practices shall be acknowledged in this Privacy Policy in a timely manner. CPA may add, modify or remove portions of this Policy when it determines it is appropriate to do so. An individual may determine when this Policy was last updated by referring to the modification date found on the version of the Policy.

* Corporate Planning Associates means Corporate Planning Associates and its affiliates including CPA Financial Services Inc. and CPA Securities Inc

Version Date:  February 2007