Privacy Policy

1. Who We Are

The Industry Accountants ("we," "us," or "our") is a professional financial services firm providing tax filing, bookkeeping, payroll management, business consulting, audit assessment, and white label accounting services. We operate through our website and secure client portal.

This Privacy Policy applies to all information collected through our website, client portal, intake forms, and any related services.

2. Information We Collect

Information you provide directly

• Full name, email address, phone number, and mailing address
• Social Security Number (SSN) or Individual Taxpayer Identification Number (ITIN)
• Employer Identification Number (EIN) for business accounts
• Financial records including income, expenses, bank statements, and investment information
• Tax documents including W-2s, 1099s, prior year returns, and supporting schedules
• Payroll records including employee information and compensation data
• Business records including profit and loss statements and balance sheets
• Insurance policy information for audit assessment services
• Account credentials (email and password) for your client portal

Information collected automatically

• IP address and approximate location at time of login
• Browser type and operating system
• Pages visited and time spent on the portal
• Login timestamps and session activity (for security purposes)

Information we do not collect

• We do not collect payment card numbers directly. Payments are processed through secured third-party payment processors.
• We do not collect biometric data.
• We do not track your activity outside of our website and portal.

3. How We Use Your Information

We use the information we collect solely to provide the financial services you have requested. Specifically:

• To prepare and file your federal, state, and local tax returns
• To provide bookkeeping, payroll, and business consulting services
• To conduct insurance audit assessments and representation
• To communicate with you about your account status and services
• To verify your identity and prevent unauthorized access
• To comply with IRS requirements and applicable laws
• To maintain an audit trail of account activity for security purposes
• To improve the security and functionality of our platform

We will never use your information for marketing to third parties, selling data, or any purpose unrelated to your financial services.

4. How We Protect Your Information

We implement multiple layers of security to protect your data:

• Encryption in transit: All data transmitted between your device and our servers is encrypted using 256-bit TLS/SSL.
• Encryption at rest: Sensitive data including SSNs and financial records are encrypted using AES-256 encryption before being stored.
• Access controls: Each client account is isolated. Our Row Level Security system ensures you can only access your own data.
• Session management: Your portal session automatically expires after 20 minutes of inactivity.
• Login protection: Accounts are locked after 5 failed login attempts to prevent brute-force attacks.
• Audit logging: Every access to sensitive data is logged with a timestamp and IP address.
• Secure storage: Your uploaded documents are stored in a private, access-controlled vault.
• Infrastructure security: Our platform is hosted on enterprise-grade cloud infrastructure with 99.9% uptime SLAs and regular security audits.

5. SSN and Sensitive Financial Data

We understand that your Social Security Number is among the most sensitive pieces of personal information you can share. We treat it accordingly.

• Your SSN is encrypted immediately upon receipt using AES-256 encryption.
• SSNs are never stored or transmitted in plain text.
• Your SSN is displayed in masked format (***-**-XXXX) within the portal.
• Copying or printing your SSN from the portal is restricted by technical controls.
• Only the accountant assigned to your account has authorized access to decrypt your SSN, and only when actively working on your filing.
• Access to your SSN is logged every time it is accessed.

Your SSN is used exclusively to prepare and file your tax returns with the IRS and applicable state agencies. It is never shared with any commercial third party.

6. Who We Share Information With

We do not sell, trade, or rent your personal information to any third party.

We may share your information only in the following limited circumstances:

Government and regulatory agencies

We share your tax information with the IRS and applicable state and local tax agencies as required to complete your tax filings. This is the core purpose of our service and is done with your explicit consent when you engage us.

Service providers

We use a small number of trusted technology providers to operate our platform. These include our cloud infrastructure provider (Supabase) and our website hosting provider (Vercel). These providers are contractually prohibited from using your data for any purpose other than providing services to us.

Legal requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights or the safety of others.

Business transfer

In the event of a merger or acquisition, client data may be transferred to the successor entity, which would be bound by this Privacy Policy.

7. Data Retention

We retain your financial records and tax documents for a minimum of 7 years from the date of filing, consistent with IRS record-keeping requirements and standard professional practice for tax preparers.

Account credentials and portal access information are retained for the duration of your active relationship with us.

Audit logs are retained for 3 years to support security monitoring and compliance requirements.

If you request deletion of your account, we will delete your personal information from active systems within 30 days. Certain financial records may be retained longer as required by law.

8. Your Rights

You have the following rights with respect to your personal information:

• Access: You may request a copy of the personal information we hold about you.
• Correction: You may request that we correct inaccurate information.
• Deletion: You may request deletion of your personal information, subject to legal retention requirements.
• Portability: You may request a copy of your data in a portable format.
• Withdraw consent: You may withdraw consent for us to process your information at any time, though this may affect our ability to provide services.

To exercise any of these rights, contact us at the information provided in Section 13.

9. Cookies and Tracking

Our website uses minimal cookies necessary for the portal to function correctly. These include:

• Authentication cookies: Used to keep you securely signed in during your session.
• Security cookies: Used to prevent cross-site request forgery attacks.

We do not use advertising cookies, tracking pixels, or third-party analytics that collect personal data. We do not participate in cross-site tracking.

10. IRS and Legal Compliance

As a tax preparation firm, we are subject to specific legal requirements governing the handling of taxpayer information:

• IRC Section 7216: Governs the use and disclosure of tax return information. We do not use your tax return information for any purpose other than preparing your return without your explicit written consent.
• IRS Publication 4557: We maintain a written information security plan and implement technical and physical safeguards as required.
• FTC Safeguards Rule: As a financial institution subject to the Gramm-Leach-Bliley Act, we maintain a comprehensive information security program.

11. Children's Privacy

Our services are intended for adults 18 years of age and older. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected information from a minor, please contact us immediately and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will notify you by email and update the "Last Updated" date at the top of this page.

Your continued use of our services after any changes constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy, want to exercise your rights, or need to report a security concern, please contact us: