Your Privacy is Important to Us!

FirmWorks and its subsidiaries and affiliates, including CPA Practice Advisor, (“FirmWorks”, “CPAPA,” “we”, or “us”) is committed to developing long-lasting customer relationships based on value, trust, and goodwill.

This External Privacy Notice (“Privacy Policy”) explains how we collect, use, and share your personal information.

Personal information is any data that can be used to identify you, as an individual, or your household.

This Notice also explains our privacy-related business obligations to you, as well as your rights relative to the personal information that we hold.

 

At a Glance

If you’d rather not dive into the details, here is what we think you should know:

  • Your personal information is, where appropriate, shared within the greater FirmWorks organization.
  • We afford you a number of legal rights that can assist you in controlling how your personal information is collected, processed, and stored by us.
  • The means by which you can explore and exercise these rights is set out later in this Privacy Notice.
  • We do send direct marketing if we’re allowed to. We do this to encourage you to buy our products and services by sending you offers and ideas that we feel may be beneficial to you. If you want us to stop, you can unsubscribe using the link at the bottom of each marketing email.
  • We may also use your information to display relevant online advertising and marketing relating to our products and services.
  • FirmWorks markets products and services intended for accounting and tax professionals. We do not provide any content intended for minors (those under the age of 18), and we do not knowingly collect personal data from children.

 

Who We Are

When we say ‘we’ or ‘us’ in this Privacy Notice, we are referring to FirmWorks and its subsidiaries and affiliates, including CPA Practice Advisor.

Our corporate office address is:

FirmWorks LLC
300 Innovation Way
Suite 2340 Nashua, NH 03063

Main: (888) 417-4448

 

Our Privacy Obligations

FirmWorks markets products and services to individuals and organizations located in the United States. Accordingly, we are obligated to comply with various U.S. state privacy laws, including, among others, the California Consumer Protection Act (as amended, the “CCPA”).

We do not knowingly market products or services to individuals or organizations located outside of the United States and, in particular, to those located in the European Economic Area (“European Union”).

As such, FirmWorks, is not subject to the European Union’s General Data Protection Regulation (“GDPR”). Where it makes sense from a legal or practical standpoint, however, we may look to GDPR as high-level guidance with respect to complying with applicable U.S. state privacy laws or regulations (i.e., your rights as a data subject, and our privacy-related business obligations to you).

Please note that if you purchase or use FirmWorks products or services through another firm, your overall rights may be impacted by the specific privacy policies and/or processes of that firm.

 

Personal Information We Collect About You

FirmWorks may request or collect information from you through:

  • Online forms;
  • Information that you provide when ordering our products and services;
  • Our service providers or software vendors;
  • Affiliated organizations, such as marketing partners;
  • Web cookies, and similar technologies;
  • When you submit payment for our products and services; and
  • Instances where you are invited to volunteer such information.

Some information that we collect is personal information. This is information that could be used to identify you as an individual, or as part of a specific household.

Some examples of personal information that we may collect include:

  • Your name;
  • E-mail address;
  • Mailing address;
  • Telephone and fax numbers;
  • Company URL;
  • Credit card information;
  • Other billing information; and
  • CCTV images, if you visit our offices.

In our online forms, we clearly identify data that is required from you to fulfill a request for information or action on our part (normally marked with a red asterisk *). All other fields are typically optional.

Note: FirmWorks may also collect information about how users access our products and services using a tracking ID unique to each user through the use of cookies. You can review our detailed Cookie Policy here.

 

Our Lawful Bases for Processing your Information

Although we are not subject to GDPR, when we process your personal information, we do consider the lawful bases set out in the GDPR as best practice. The lawful bases we consider include:

  • Consent: You have given us explicit permission to process your personal information. When consent is used as the lawful basis for processing your personal information, you may withdraw your consent at any time.
  • Contractual Obligation: We process your personal information in order to provide you with one or more of our products and services.
  • Legal Obligation: We are required to process your personal information by law.
  • Vital Interests of the Data Subject: The processing of your personal information is necessary to protect you or someone else’s life.*
  • Public Interest: The processing of your personal information is necessary to the greater public interest.*
  • Legitimate interest: We process your personal information to conduct our business. This may include improving products and services, provided that we do not infringe upon your other rights or interests.

* Vital Interest of the Data Subject and Public Interest are unlikely scenarios, but are included for the sake of completeness.

The most common Lawful Bases for the processing of your personal data will generally be ConsentContractual Obligation, and Legitimate Interest.

 

How Do We Use Your Personal Information?

We may use your information in the following ways:

  • To provide our products and services – We need to use your personal information to make our products and services available to you. This may include financial or payment information that you provide to pay for products and services that you purchase from us.
  • Analytics and profiling – We use your personal information for statistical analysis, and to help us understand more about our customers. This includes understanding the products and services that you buy, which helps us to serve you better and to find ways to improve our products and services. These profiles also help us to send you information and offers that are more likely to be relevant to you and your needs.
  • Contacting You – We use your personal information to contact you. This may be in relation to a service update, an issue you have raised with us, to conduct market research, or to ask for your feedback.
  • Marketing and advertising – We may use your personal information to provide relevant marketing communications (such as marketing emails, or online advertising), that relate to our products and services.

 

Cookies

We use cookies to provide you with the best experience on our web sites, and to allow us and relevant third parties to tailor the ads that you see on other web sites. You can review our detailed Cookie Policy here.

 

Who Might We Share Your Personal Information With?

We may share your personal information internally, across various departments of FirmWorks, so that we can provide you with high-quality, personalized, and tailored service (including relevant marketing).

There are also a number of third parties with whom we may share your personal information under the lawful basis of Legitimate Interest. This is information that is used to operate and improve our business, and to provide you with a quality product and service experience.

Such third parties may include:

  • Companies that provide insights and analytics services so that we can offer the right products, send the relevant marketing campaigns, and understand our business and customers better;
  • Companies that provide customer payment solutions, such as the major payment card brands (i.e., Visa, Mastercard, American Express, and Discover), intermediate payment processing companies, and related financial institutions, such as banks and lenders;
  • Our agents, advisors, or others involved in managing accounts and services for you and your business, or collecting what you or your business might owe FirmWorks;
  • Credit reporting agencies, when you apply to establish an account with us;
  • Third-party vendors who help us manage, maintain, and secure our cloud infrastructure and information networks;
  • Our professional advisors, such as lawyers and consultants;
  • Security and fraud prevention companies, to ensure the safety and security of our customers, colleagues, and business operations;
  • Companies that enable us to collect your reviews and comments, both online and offline; and
  • Companies that help us with our community and social goals.

Note: If you use services provided by another company to interact with us (such as a virtual assistant or a social media platform), please be aware that your data is also subject to the privacy policies of those companies.

 

Opting Out of the Sale or Sharing of your Personal Information

To opt out of the selling or sharing of your personal information, contact the FirmWorks Privacy Office by phone, email, or postal mail as described at the bottom of this Notice.

 

Keeping You Informed about our Products and Services

We would like to tell you about the great offers, ideas, products, and services that we think you might be interested in. Where we have consent, or it is in our legitimate interest to do so, we may do this through the mail, by email, text message, phone, through online advertising, or other electronic means.

We won’t send you marketing messages if you tell us not to, but if we provide a product or service to you, we will still need to send you occasional service-related messages.

In the interest of continual improvement, we may also send you surveys about the products and services that we are providing to you, including customer support surveys.

Any email communication from FirmWorks that you can opt out of will contain a link to do so.

Please note that much of our marketing is performed as part of organized campaigns that are established well in advance. As such, it can take anywhere from several days to several weeks for your marketing preferences to catch up with our systems. We appreciate your patience as we allow things to get caught up.

 

Your Rights

You have a number of rights, which, under certain circumstances, you may be able to exercise in relation to the personal information that we process about you.

These rights include:

  • The right to access a copy of the personal information we hold about you;
  • The right to correction of inaccurate personal information we hold about you;
  • The right to restrict our use of your personal information;
  • The right to have your personal information deleted from our systems (also known as the “Right to Erasure” or “Right to be Forgotten”);
  • The right of data portability;
  • The right to object to our use of your personal information; and
  • The right to opt out of the sale or sharing of your personal information.

Some important details about these rights:

  • Where we rely on consent as the legal basis on which we process your personal information, you may withdraw that consent at any time.
  • The “Right to be Forgotten” is not an absolute right, and must be considered in light of our relevant business obligations, legal requirements, as well as the rights and freedoms of other data subjects .
  • We will need to positively verify your identity before we can fulfill your privacy rights requests. This helps us to protect you and others against fraudulent requests.
  • We will not discriminate against you (whether you are a customer, visitor, or employee) in the exercise of your privacy rights under this Privacy Notice.
  • We welcome your inquiries, comments, concerns, and requests to assert your privacy rights.

If you wish to exercise any of these rights, please contact the FirmWorks Privacy Office via one of the methods detailed in the “Contact Us” section below.

 

Automated Decision Making and Profiling

We use automated decision making, including profiling, in certain circumstances, such as when it is in our legitimate interests to do so, or where we have a right to do so because it is necessary for us to enter into, and perform, a contract with you.

We use profiling to enable us to give you the best service, including specific marketing which we believe you will be interested in.

You have the right not to be subject to any decision based solely upon automated processing, including profiling, which has legal effects upon you, or affects you in any other material way.

If you believe that you have been unfairly impacted by automated decision making on the part of FirmWorks, you may request clarification and/or a review of that decision by contacting the FirmWorks Privacy Office using the details in the “Contact Us” section below.

 

How Long Do We Keep Your Personal Information?

We will keep your personal information for the purposes set out in this Privacy Notice, and in accordance with the law and relevant regulations. We will only retain your personal information for as long as necessary for the stated purpose(s).

For information on how long we retain your business data (data that we host on your behalf), please see the FirmWorks General Terms and Conditions.

 

Security

We take protecting your personal information seriously, and we continuously assess and monitor our security systems and practices.

Some of the controls that we have in place are:

  • Limiting physical access to our buildings and user access to our systems to only those that we believe are entitled to be there;
  • Using technology controls for our information systems, such as firewalls, user verification, strong data encryption, and separation of roles, systems, and data;
  • Proactively monitoring our business systems and technology infrastructure using a “detect and respond” information security function;
  • Following industry best practices to operate and continually improve our robust information security management system; and
  • Enforcing a “need to know” policy for access to data and systems.

 

Third-Party Web Content

Our web sites feature links to outside information, products, and services that are not under the control of FirmWorks. Please be sure to read and understand the terms, conditions, limitations, intellectual property rights, and/or any related privacy policies that may apply to this external content, or to the organizations that provide it.

We also use third-party web components, such as forms, buttons and widgets, that are provided by (or hosted by) other entities. Some of these components may collect personal information, such as your IP address, or your web site navigation details. This Privacy Notice does not otherwise apply to these components, and we encourage you to review the privacy policies of the respective technology providers.

 

Contact Us

If you would like to exercise your rights as set out in the “Your Rights” or “Automated Decision Making and Profiling” sections above, or have questions or concerns about this Privacy Notice, or the ways in which we process your personal information, please contact us by one of the following methods:

By email:

privacy@firmworks.com

By postal mail:

FirmWorks LLC
1508 S. Walnut St.
Bloomington, IN 47401
Attention: Privacy Office

By phone:

888.915.6492

 

Policy Change

This published version of our Privacy Notice was last updated on May 1, 2024, and supersedes all previously published versions.

This Privacy Notice may be modified or amended from time to time as relevant privacy laws change and/or as the FirmWorks’ privacy-related processes and practices evolve and expand.