Information & Data Security Policy
Our Commitment to Data Security
As a tax and accounting firm, we recognize our responsibility to protect sensitive personal, financial, and tax information entrusted to us by our clients. We maintain strict safeguards to ensure confidentiality, integrity, and security of all client data.
Information We Protect
We protect all nonpublic personal information, including but not limited to:
Tax returns and tax-related data
Social Security numbers, ITINs, and identification documents
Financial statements, bank and payroll information
-
Business records and entity details
-
Client communications and documents submitted electronically or physically
- Information We Collect
As we provide you with Accounting, Tax, and Consulting services – we collect various types of information including but not limited to the following:
Personal Information: Name, address, phone number, email address, Social Security number, and other identifying information
Financial Information: Bank account details, credit card information, income, expenses, investments, and other financial data
Tax Information: Tax returns, tax identification numbers, and related documentation
Business Information: Business name, EIN, financial statements, payroll information, and other business-related data
How We Use Your Information
We use your information to:
-
Provide and improve our services
-
Prepare and file tax returns
-
Perform accounting and auditing services
-
Conduct financial planning and consulting
-
Communicate with you about your account and our services
-
Comply with legal and regulatory requirements
Information Sharing and Disclosure
We do not sell, rent, or trade your personal or financial information. We may share your information with:
-
Authorized Employees and Contractors: Only those who need access to perform their job duties
-
Third-Party Service Providers: Who assist us in providing services, such as tax software providers, payment processors, and data storage providers, under strict confidentiality agreements
-
Legal and Regulatory Authorities: When required by law, regulation, or legal process
Data Security – General Measures
We take reasonable measures to protect your information from unauthorized access, use, or disclosure. These measures include:
-
Secure data storage and encryption
-
Access controls and authentication procedures
-
Regular security audits and updates
Safeguards We Use
In accordance with applicable laws and regulations, we maintain administrative, technical, and physical safeguards, including:
- 1) Administrative Safeguards
-
Written information security policies and procedures
-
Restricted employee access on a need-to-know basis
-
Mandatory confidentiality agreements for staff and contractors
-
Ongoing employee training on data security and privacy
2) Technical Safeguards
-
Secure servers and encrypted databases
-
SSL/TLS encryption for website and data transmissions
-
Secure client portals for document exchange
-
Multi-factor authentication where appropriate
-
Regular system monitoring, updates, and backups
3) Physical Safeguards
-
Controlled access to offices and file storage areas
-
Secure storage and disposal of physical records
-
Clean desk and device security practices
International Data Transfer
Your information, including personal data that we collect from you, may be transferred to, stored at and processed by us outside the country in which you reside, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By accepting this Policy, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy
Use of Third-Party Service Providers
We may engage reputable third-party service providers (such as cloud hosting, document management, tax software, and payment processors). These providers are required to maintain appropriate data security controls and comply with applicable confidentiality obligations.
Data Retention and Disposal
Client records are retained in accordance with IRS regulations, professional standards, and applicable laws. When data is no longer required, it is securely destroyed or permanently deleted to prevent unauthorized access.
Incident Response and Breach Notification
In the event of a data security incident or unauthorized access:
-
We will promptly investigate and mitigate the incident
-
Affected clients will be notified in accordance with applicable federal and state laws
-
Required notifications will be made to regulatory authorities when applicable
Client Responsibilities
Clients are encouraged to:
-
Use strong passwords for portals and online services
-
Avoid transmitting sensitive data through unsecured email
-
Notify us immediately of any suspected compromise of their information
Client Rights and Choices
You have the right to:
-
Access, correct, or update your personal information
-
Request the deletion of your personal information, subject to legal and contractual obligations
-
Opt-out of certain communications from us
Regulatory Compliance
We comply with all applicable data protection and privacy laws, including:
-
IRS Publication 4557 (Safeguarding Taxpayer Data)
-
FTC Safeguards Rule
-
State data privacy and breach notification laws
Policy Updates
This policy may be updated periodically to reflect changes in regulations, technology, or business practices. Updates will be posted on our website with the revised effective date.
Cookies and Tracking Technologies
Our website may use cookies and similar tracking technologies to enhance your experience and analyze website usage. You can control cookies through your browser settings.
Contact Information
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
-
mail: tax@gurutaxpro.com
-
Phone: 512 234-3366
-
Address: 1640 Highland Falls Dr. Ste 302, Leander, TX, 78641