Privacy Policy - the tax guy

Effective Date: 07/23/2024

Last Updated: 07/23/2024

The Tax Guy, Inc. is committed to protecting your personal information and complying with all applicable data privacy laws, including the Internal Revenue Code (IRC), the Gramm-Leach-Bliley Act (GLBA), the California Consumer Privacy Act (CCPA), and other federal or state regulations. This Privacy Policy outlines how we collect, use, retain, and protect your data.

1. Information We Collect

We collect personal and financial information necessary for the preparation of your tax returns and related services. This may include:

Identifiable information (e.g., name, address, phone number, Social Security Number, taxpayer identification number)
Financial information (e.g., income, deductions, expenses, investments)
Documents related to tax preparation (e.g., W-2s, 1099s, receipts, and other financial records)
Payment information (e.g., credit card or banking details)

2. How We Use Your Information

Your data will only be used for the following purposes:

Preparation and filing of your tax returns
Communication related to tax preparation and advisory services
Compliance with federal and state laws and regulations
Internal business purposes, such as recordkeeping and audits

We will never sell or share your information with third parties for marketing purposes.

3. Data Retention Policy

We retain your data only as long as necessary to fulfill our legal and business obligations. The retention periods are as follows:

Tax Returns and Supporting Documentation: Retained for 3 years from the date of filing or 2 years from the date of payment (whichever is later) in compliance with IRS guidelines.
Retained for 7 years for documents related to bad debts, worthless securities, or specific audit requirements.
Client Communication Records: Retained for 3 years unless related to ongoing tax services or legal requirements.
Employee and Vendor Data: Retained for 4 years after termination of employment or contractual relationship.
Litigation Holds: Retained indefinitely until the resolution of any ongoing disputes or audits.

Once the retention period expires, data will be securely deleted as described in the Data Deletion Policy below.

4. Data Deletion Policy

We will securely delete your data when the retention period ends, or if you submit a valid deletion request under applicable privacy laws (e.g., CCPA). Deletion procedures include:

Electronic Data: Permanently deleted using secure erasure methods compliant with NIST 800-88 or DoD 5220.22-M standards.
Physical Records: Destroyed via cross-cut shredders or certified document destruction services.
Backup Systems: Data will be removed from all active systems, as well as backup servers, upon expiration of retention periods.

5. Your Privacy Rights

Under applicable laws, you may have the right to:

Access the personal data we hold about you.
Request correction of inaccurate or incomplete data.
Request deletion of data, subject to exceptions under tax and legal compliance requirements.
Receive a copy of your data in a portable format.

To exercise these rights, please contact us at support@taxguyinc.com. Requests will be processed within the timeframes required by law.

6. Data Security Measures

We use industry-standard security measures to protect your data, including:

Encryption of electronic records (e.g., 256-bit AES)
Secure file storage and transmission systems
Access controls limited to authorized personnel
Regular security audits and employee training

7. Updates to This Policy

This policy will be reviewed and updated annually or as required by changes in the law. Updates will be communicated to you through email and on our website.

Engagement Letter Clause for Data Retention

Retention and Disposal of Client Records:

As part of our engagement, we will retain copies of tax returns and related documents for 3 years from the date of filing or 7 years in specific cases, as required by law. After this period, we will securely destroy your records in accordance with our Data Deletion Policy. Should you require copies of your records during this period, you may request them by contacting us at support@taxguyinc.com. Additional fees may apply for document retrieval and delivery.

Client Responsibility for Data Access:

You are responsible for providing accurate and complete information. Please notify us of any changes to your contact details to ensure proper communication regarding your retained records.

8. Google OAuth and Gmail API Usage

We use Google OAuth 2.0 and Gmail API to provide secure email communications. Specifically:

Gmail Send Scope: We use this to send you tax-related emails including invoices, draft reviews, document signing requests, verification codes, and service updates.
User Info Email Scope: We use this to identify your account and associate your tax documents with your profile.
We do not store your Google password. We only store encrypted OAuth refresh tokens necessary for sending emails. You can revoke access at any time through your Google Account settings at myaccount.google.com/permissions.

For any questions regarding this policy, please contact us at:

Email: support@taxguyinc.com
Phone: 415-235-5252
Address: 3906 160th st NW, Gig Harbor, WA 98332

8. Google OAuth and Gmail API

We use Google OAuth 2.0 to authenticate users and access Gmail API for the following purposes:

Gmail Send Scope: We use the Gmail API to send you important communications including:
- Tax preparation invoices and payment reminders
- Draft tax return reviews for your approval
- Document signing requests via DocuSeal
- Account verification codes for two-factor authentication
- Service updates and notifications related to your tax preparation
User Info Email Scope: We use your email address from Google to:
- Identify and authenticate your account
- Associate your tax documents with your account
- Ensure secure access to your tax information
Data Security: We do not store your Google password or OAuth tokens. We only store encrypted refresh tokens necessary to send you emails through the Gmail API. You can revoke access at any time through your Google Account settings at myaccount.google.com/permissions.
Third-Party Services: Our use of Google OAuth and Gmail API is subject to Google's Privacy Policy and Terms of Service. We only access the minimum necessary scopes to provide our tax preparation services.

9. Contact Information

For questions regarding this Privacy Policy or to exercise your privacy rights, please contact us: