Privacy Policy
Effective Date: January 1, 2026 | Last Updated: March 14, 2026
1 Information We Collect
Personal Information You Provide
When you use our services, you may provide us with the following types of personal information:
- Identity Information: Full legal name, date of birth, Social Security Number (SSN) or Individual Taxpayer Identification Number (ITIN), and government-issued identification
- Contact Information: Email address, phone number, mailing address, and preferred method of communication
- Financial Information: W-2 forms, 1099 forms, bank account details for direct deposit, investment statements, business income records, expense documentation, and prior tax returns
- Employment Information: Employer details, job title, and compensation data
- Dependent Information: Names, dates of birth, SSNs, and relationship details of dependents claimed on tax returns
- Business Information: Entity type, EIN, business financial records, payroll data, and business structure details
Information Collected Automatically
When you visit our website, we may automatically collect:
- IP address and approximate geographic location
- Browser type, version, and operating system
- Pages visited, time spent on pages, and referring URLs
- Device type and screen resolution
2 How We Use Your Information
We use the information we collect for the following purposes:
- Tax Preparation & Filing: To prepare, review, and electronically file your federal and state tax returns with the IRS and applicable state agencies
- Tax Planning & Advisory: To provide personalized tax planning strategies, deduction optimization, and financial guidance
- IRS Representation: To communicate with the IRS on your behalf through our Enrolled Agent network for notices, audits, and resolution matters
- Client Communication: To send you status updates, document requests, filing confirmations, and respond to your inquiries
- Account Management: To create and maintain your secure client portal account and manage your engagement with our firm
- Compliance: To comply with IRS regulations, state tax authority requirements, and applicable federal and state laws
- Service Improvement: To analyze usage patterns and improve our website, portal, and service offerings
3 Legal Basis for Processing
We process your personal information based on the following legal grounds:
- Contractual Necessity: Processing is necessary to perform our tax preparation and advisory services under our engagement agreement with you
- Legal Obligation: We are required to collect and retain certain tax-related information under IRS regulations (including 26 U.S.C. § 6107 and § 6109) and state tax authority requirements
- Legitimate Interest: We may process data to improve our services, protect against fraud, and ensure the security of our systems
- Consent: Where required by law, we will obtain your explicit consent before processing your information for specific purposes such as marketing communications
4 Information Sharing & Disclosure
We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following limited circumstances:
- Tax Authorities: The IRS, state tax agencies, and other government bodies as required for tax filing, representation, and compliance purposes
- Service Providers: Trusted third-party providers who assist with our operations, including our tax preparation software (Intuit ProSeries), client management platform (Canopy Tax), secure client portal, and e-filing transmission services. These providers are contractually bound to protect your data
- Enrolled Agents: IRS Enrolled Agents in our network who may assist with tax representation, audit defense, and IRS notice resolution on your behalf
- Legal Requirements: When required by law, subpoena, court order, or government regulation
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with prior notice to affected clients
We will never disclose your tax return information to third parties without your written consent, except as required by law, in accordance with IRS Regulation § 7216.
5 Data Security
Protecting your information is a top priority. We implement comprehensive security measures including:
- Encryption: All data is encrypted in transit (TLS 1.2+) and at rest using 256-bit AES encryption
- Written Information Security Plan (WISP): We maintain a comprehensive WISP in compliance with IRS Publication 4557 and the FTC Safeguards Rule, outlining our policies and procedures for safeguarding client data
- Access Controls: Role-based access controls, multi-factor authentication, and unique user credentials for all systems containing client data
- Secure Client Portal: All document exchange occurs through our encrypted client portal — we never request sensitive documents via unencrypted email
- Physical Security: Secure workstation policies, locked storage for physical documents, and compliant disposal procedures for sensitive materials
- Monitoring & Response: Continuous monitoring for unauthorized access attempts and a documented incident response plan
- Employee Training: Regular security awareness training for all personnel with access to client information
While we implement industry-leading safeguards, no method of electronic transmission or storage is 100% secure. We will notify you promptly in the event of a data breach affecting your personal information, as required by applicable law.
6 Data Retention
We retain your personal and tax information in accordance with the following guidelines:
- Tax Returns & Supporting Documents: A minimum of seven (7) years from the date of filing, as recommended by IRS guidelines and in compliance with 26 U.S.C. § 6107 (requiring retention of copies or lists for at least three years)
- Client Engagement Records: For the duration of our professional relationship plus seven (7) years
- Communication Records: For three (3) years following the conclusion of the relevant tax year engagement
- Website Analytics Data: Aggregated and anonymized data may be retained indefinitely; identifiable data is retained for no more than twenty-four (24) months
Upon expiration of the retention period, data is securely destroyed using methods compliant with NIST SP 800-88 guidelines for media sanitization.
7 Your Rights & Choices
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete personal information
- Deletion: Request deletion of your personal information, subject to legal retention requirements (note: we are legally required to retain certain tax records)
- Portability: Request a copy of your data in a structured, commonly used, and machine-readable format
- Opt-Out: Opt out of marketing communications at any time by clicking the unsubscribe link in any email or contacting us directly
- Restrict Processing: Request that we limit how we use your data in certain circumstances
To exercise any of these rights, please contact us at ask@sparkletax.com. We will respond to verified requests within thirty (30) days.
8 Cookies & Tracking Technologies
Our website uses the following types of cookies and tracking technologies:
- Essential Cookies: Required for basic website functionality, such as session management and security. These cannot be disabled
- Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage data. We use this information to improve our site experience
- Functional Cookies: Remember your preferences and settings (such as language or region) for a more personalized experience
We do not use advertising or targeted marketing cookies. You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect website functionality.
9 Third-Party Services
We use the following third-party services in connection with our tax preparation and advisory services:
- Intuit ProSeries: Professional tax preparation software for return preparation and e-filing
- Canopy Tax: Practice management, client engagement, and document management platform
- Client Portal: Encrypted document exchange and secure communication platform
- FormSubmit: Contact form submission processing
Each of these providers maintains their own privacy policies and security practices. We ensure that all third-party providers we work with meet or exceed industry-standard security requirements and are contractually obligated to protect your information.
10 Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. While we may process information about minors as dependents on a client's tax return (provided by the parent or legal guardian), we do not directly solicit or collect information from children.
If you believe we have inadvertently collected personal information from a child, please contact us immediately at ask@sparkletax.com, and we will take prompt steps to delete such information.
11 State-Specific Privacy Rights
California Residents (CCPA/CPRA)
If you are a California resident, you have the right to: (1) know what personal information we collect and how it is used; (2) request deletion of your personal information; (3) opt out of the sale of your personal information (note: we do not sell your data); and (4) non-discrimination for exercising your privacy rights. To submit a verifiable consumer request, contact us at ask@sparkletax.com.
Virginia, Colorado, Connecticut, Utah & Other State Residents
Residents of states with comprehensive privacy laws may have additional rights, including the right to access, correct, delete, and obtain a copy of their personal data, as well as the right to opt out of targeted advertising and profiling. We honor all applicable state privacy law requirements. Contact us to exercise your rights.
12 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page
- Notify existing clients via email or through the client portal for significant changes
- Post a notice on our website homepage for at least thirty (30) days
Your continued use of our services after any changes constitutes your acceptance of the updated policy. We encourage you to review this page periodically.