This privacy policy explains how KEEL (via TaxDome) (collectively, «KEEL», «we,» «us,» and «our») collects, uses, shares, and processes information about you. This privacy policy describes our practices concerning your personal data that we process when we provide you with KEEL’s services, including the services available through our website at keelcpa.com, our mobile, browser, and desktop applications, and other services where we link this Policy (collectively the «Services»).
It also tells you about your privacy rights. Our Terms of Service provide further terms governing your use of the Services. Together, along with this Privacy Policy, our Terms of Service, Data Processing Amendment («DPA»), Business Associate Agreement («BAA»), Refund Policy, Spam Guidelines, Partner Program Terms, Referral Program Terms, and any other electronic or written agreement as applicable between or applicable to KEEL and Customer, which govern the provision of the Service to you, as may be updated from time to time, form our «Agreement.» By accessing, downloading, registering with, purchasing from, or otherwise using our Services, you agree to the Agreement.
Please read this Privacy Policy and all other applicable terms of our Agreement carefully before you start to use the Services. By using the Services or signing up for an account, you accept and agree to be bound and abide by the Agreement and consent to and agree that we may collect, process, use, retain, disclose, and transfer your Personal Data as described in this Privacy Policy. If you do not agree to the full Agreement, you must not access or use the Services.
We reserve the right to change this Privacy Policy at any time. We will alert you that changes have been made by indicating the «last updated» date of the current version. We encourage you to review this Privacy Policy from time to time to make sure that you understand how any Personal Data we collect will be used.
If you have any questions, comments, requests, or concerns related to this privacy policy or our privacy practices or if you would like to opt-out of future communications or exercise your other privacy-related rights, please feel free to contact us at:
KEEL
gc@keelcpa.com
We need to process your Personal Data to operate our organisation and provide you with our Services. By accepting the Agreement, you are confirming that you have read and understood these policies, including how and why we use your Personal Data. If you don’t want us to collect or process your Personal Data in the ways described in this Privacy Policy, you should not use the Services. Please note we are not responsible for the content or the privacy policies or practices of any third party organisation or service that interact with our Services. We encourage you to read the privacy policies of these third-party organisations before using any of the Services.
As used herein, the term «Personal Data» means any information relating to an identified or identifiable natural person including information that specifically identifies an individual (such as a name, address, telephone number, mobile number, e-mail address, credit card number, ACH bank information, identification number, location data, or an online identifier) and information about that individual or his or her activities that is directly linked to the individual. Personal Data does not include aggregate data, which is data we collect about the use of the Services or about a group or category of services or users, from which an individual’s identity cannot be discerned and all other Personal Data has been removed. This Privacy Policy in no way restricts or limits our use of aggregate data.
We rely on a number of legal bases to process the information we receive about you from your use of the Services, including where:
Where we process your information on the basis of consent, we will clearly obtain your opt-in info@keelcpa.com. Where we process your information on the basis of legitimate interests, we do so where the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.consent. Where given, you may withdraw your consent at any time by contacting us at
Information we may collect about you includes:
Account Information: you may register for an account with us (a «Services Account»). We do not require you to register to use our Services. However, if you do register a Services Account, you will gain access to those areas and features of the Services that require registration. We will collect certain information about you in connection with your registration for a Services Account, which may include Personal Data and other information such as a username and password.
To register for a Services Account, we will ask you to provide the following:
To register your organisation for a Services Account, we will ask you to provide the following: your organisation name, team size, currency, logo (optional), preferred settings, team member’s email, and role.
Payment Transaction Information: We may collect information related to purchases made through the Services. You may provide certain information to complete payments via the Services, including your credit or debit card number, card expiration date, CVV code, billing address, and ACH bank information (collectively, «Payment Information»), along with your name and billing, delivery and shipping address, to complete payment transactions through certain services.
Please note we work with Service Providers (as defined below) to handle payment transactions. We do not collect or maintain your credit card or other financial account information; this information is handled for us by our Service Providers. You are subject to the privacy policies and terms and conditions of our Service Providers when utilising a third-party service through our Services. Please review the Service Providers’ privacy policies and terms and conditions before using their services.
Task Information: When you use the Services, we collect certain information about your inputs into the Services which could contain Personal Data, such as comments, attachments, and daily stand-ups entered by users of the Services.
If you do not want to receive communications from us in the future, please let us know by sending us an e-mail requesting the same to info@keelcpa.com or by following the unsubscribe instructions found in any e-mail we send. If you supply us with your postal address, you may receive periodic mailings from us with information on new products and services or upcoming events. If you do not wish to receive such mailings, please let us know by contacting us at info@keelcpa.com.
Please note requests to remove your email address from our lists may take some time to fulfill. We may also still contact you as needed to provide important announcements or notifications regarding the Services.
Support Information: you may provide information to us via a support request submitted through the Services at info@keelcpa.com. We will use this information to assist you with your support request. Please do not submit any information to us via a support submission, including confidential or sensitive information that you do not wish for our Service Providers to have access to or use in the future.
Form Information: We may use forms to request certain information from you on the Services, such as your contact information to assist with contacts or service requests. This information may include Personal Data.
User contributions: You also may provide information to be posted on public areas of the Services, or transmitted to other users of the Services or third parties (collectively, «User Contributions»). Your User Contributions are posted on and transmitted to others at your own risk. We cannot and do not guarantee that your User Contributions will not be viewed by unauthorised persons.
Public information: We may also collect information about you from publicly available sources. Information you make publicly available in any public or open forum, such as on a social network, may be considered public information for the purposes of this Privacy Policy and may be accessed and collected by us. Please be aware that any content or information you share with or provide to third parties using or related to your use of the Services is neither private nor confidential. We are not responsible for any content or information you post or share with third parties. If you do not wish for certain information to be public, please do not share it publicly.
We do not collect any special categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).
We use automatic data collection and analytics technologies to collect aggregate and user-specific information about your equipment, domain name, patterns of use, communication data, and the resources that you access and use on the Services, including your IP address, browsing, and navigation patterns. This information is used to improve our Services.
We generally process information collected automatically on the legal basis of our legitimate interests in assessing the use of our Services. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing.
Information we collect automatically through your use of the Services includes:
Internet browser: Your Internet browser automatically transmits certain anonymous information when you use certain Services. As you navigate through our Services, we and our partners who include third-party Service Providers (as defined below) we engage to help provide our Services, may use automated means to collect various types of information about you, your computer, or other device used to access our Services.
A representative, non-exhaustive list of the types of automatically collected information may include:
We may use this information to customise your experience with our Services. You may set your browser to notify you when a cookie is sent or to refuse cookies altogether, but certain features of this site may not work without cookies.
We, along with our Service Providers, may use and combine such collected anonymous information to provide better service to site visitors, tailor the site based on your preferences, compile and analyse statistics and trends, monitor website activity and performance and otherwise administer and improve the site for your use. However, such information is not combined with your Personal Data collected.
Information collected by and from social media services and other third-party platforms: Our users can engage in the content on or through social media services or other third-party platforms, such as Facebook, or other third-party social media plug-ins, integrations, and applications. When you engage in our content on or through social media services or other third-party platforms, plug-ins, integrations, or applications, you may allow us to have access to certain information in your profile. This may include your:
For a description on how social media services and other third-party platforms, plug-ins, integrations, or applications handle your information, please refer to their respective privacy policies and terms and conditions, which may permit you to modify your privacy settings.
When we interact with you through our content on third-party websites, applications, integrations, or platforms, we may obtain any information regarding your interaction with that content, such as content you have viewed and information about advertisements within the content you have been shown or may have clicked on.
Analytics information: We use data analytics to ensure site functionality and improve the Services. We use mobile analytics software to allow us to understand the functionality of the Services on your phone. This software may record information such as how often you use the Services, what happens within the Services, aggregated usage, performance data, app errors and debugging information, and where the Services were downloaded from. We do not link the information we store within the analytics software to any Personal Data that you submit within the mobile application.
Log file information: When you use our Services, we may receive log file information such as your
We receive log file data when you interact with our Services, for example, when you visit our website, sign in to our Services, or interact with our email notifications. We use log file data to provide, understand, and improve our Services, and to customise the content we show you. We may link this log file to other information we collect about you via the Services
Cookies: We may also capture Personal Data about you automatically through your use of the Services by utilising background local storage and session storage technologies («Cookies») in order to improve the user experience. Cookies are small files or other prices of data that are downloaded or stored on your computer or other devices that can be tied to information about your use of our Sites and Services (including certain third-party services and features offered as part of our Services). You may change your browser setting to decline the use of Cookies (though this may adversely affect your operation or use of the Sites or Services). Before using the TaxDome website, you are advised to check your current browser settings to ensure that the settings reflect your consent for TaxDome to place cookies on your devices. You do not have to accept our cookies and you may set your browser to restrict their use and you may delete them after they have been placed on your hard drive. If you do not accept or delete our cookies, some areas of our websites may take more time to work, or may not function properly. This Privacy Policy does not cover the use of cookies by third parties over which we have no control.
Information collected by the TaxDome mobile app (iOS and Android): TaxDome may use information about your mobile device operating system.
Other web technologies: Our Service Providers (defined below) may also use other standard web-based technologies to analyse your movements while accessing our Services. The technologies include web «beacons,» «pixel tags,» and «clear gifs.» These technologies help us ascertain the effectiveness of our product and service campaigns and marketing programs, allow us to customise the services offered on or through our websites, and help determine the best use for websites content, and product and service offerings. Some of this information, including the IP address, may be stored on our Service Provider’s server logs and may be available for extended periods of time.
We use the information we receive about you for the purposes described in this Privacy Policy. We generally process Personal Data received about you through our Services on the legal basis of our legitimate interests in providing the Services and their functionality to you where such processing is necessary for the purposes of the legitimate interests pursued by us or by our Service Providers related to the Services. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing or pursuant to the performance of a contract. We will not share, sell, rent, or otherwise disclose your Personal Data to third parties without your consent or another valid legal basis permitted by law.
We will share your information in the following circumstances on the legal basis of the legitimate interests of providing the requested Services:
Service Providers: We use third parties to support our business and provide services such as receiving, processing and fulfilling orders, encrypting credit card data as a further measure of securing the data, processing credit card payments, processing product reviews, technical support, and providing comparative performance information relative to our site («Service Providers»). These third parties have only limited access to your information and may use your information only to perform these tasks on our behalf. Information we share with our Service Providers may include both information you provide to us and information we collect about you, including Personal Data and information from data collection tools like cookies, web beacons, and log files.
We may disclose the personal data that you have provided to us to Service Providers that we have engaged to perform business-related functions on our behalf, but only:
Business transactions: We may purchase other businesses or their assets, sell our business assets, or be involved in a bankruptcy, merger, acquisition, reorganisation, or sale of assets (a «Business Transaction»). Your information, including Personal Data, may be among assets sold or transferred as part of a Business Transaction. In some cases, we may choose to buy or sell assets. Such transactions may be necessary and in our legitimate interests, particularly our interest in making decisions that enable our organisation to develop over the long term.ws
Safety and Lawful Requests: We may be required to disclose Services user information pursuant to lawful requests, such as subpoenas or court orders, or in compliance with applicable laws. We generally do not disclose user information unless we have a good faith belief that an information request by law enforcement or private litigants meets applicable legal standards. We may share your information when we believe it is necessary to comply with applicable laws, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the Services or using our name, or to protect the safety of any person. This may include sharing information with other companies, lawyers, agents, or government agencies. Nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to a third party, including a government’s or request to disclose your information.
Other purposes: TaxDome may also disclose your personal data as is necessary to:
We may disclose your information in connection with the sale or merger of TaxDome or any transaction that involves the sale or assignment of some or all of our assets.
Aggregated Non-Personal Data: We may disclose aggregated, non-personal data received from providing the Services, including information that does not identify any individual, without restriction. We may share demographic information with business partners, but it will be aggregated and de-personalised so that personal data is not revealed.
We seek to ensure all individuals are provided with the rights mandated by their governing jurisdiction. Not all of the rights discussed in this Privacy Policy will apply to each individual data subject and may not apply to you depending upon your jurisdiction.
You may benefit from a number of rights in relation to the information that we process. Some rights apply only in certain limited cases, depending on your location. If you would like to manage, change, limit, or delete your personal data, you can do so by contacting us at help@taxdome.com. Upon request, we will provide you with information about whether we hold any of your personal data. In certain cases where we process your information, you may also have a right to restrict or limit the ways in which we use your personal data. In certain circumstances, you also have the right to request the deletion of your personal data, and to obtain a copy of your personal data in an easily accessible format.
To the extent that such rights are mandated by the laws applicable to the individual data subject, such as all data subjects residing in the European Union («EU»), the following rights may apply:
the right to access (GDPR, Article 15);
the right to rectification (GDPR, Article16);
the right to erasure (GDPR, Article 17);
the right to restrict processing (GDPR, Articles 18);
the right of object (GDPR, Article 21);
the right to data portability (GDPR, Article 20); or
the right to lodge a complaint with an appropriate data privacy regulatory authority (GDPR, Article 77).
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases, our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
If we process your information based on our legitimate interests as explained in this policy, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing purposes, you can always object to using the unsubscribe link in such communications or changing your account settings.
Where you have provided consent to certain data processing, you have the right to withdraw that consent at any time by contacting us at help@taxdome.com. A withdrawal of consent will not affect the validity of our use of your personal data up until the point you have withdrawn your consent.
If you no longer wish to use the Services or receive service-related messages (except for legally required notices), then you may contact us using the information above.
Access to the information we have collected about you: We provide certain tools and settings within the Services to help you access, correct, delete, or modify your personal data associated with the Services. You may also contact us regarding the information we have collected about you, including regarding the nature and accuracy of the data that has been collected about you, to request an update, modification, or deletion of your information, to opt-out of certain Services uses of your information, or to withdraw any consent you may have granted to us. Please note that if you choose to delete your information or opt-out of the collection and use of your information, you understand that certain features, including but not limited to access to the Services, may no longer be available to you.
Data retention: We will retain your information only for as long as is necessary for the purposes set out in this policy, for as long as an account is active or as needed to provide the Services to you. We will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, enforce our agreements, and as otherwise described in this policy. We also retain log files for internal analysis purposes. These log files are generally retained for a brief period of time, except in cases where they are used for site safety and security, to improve site functionality, or we are legally obligated to retain them for longer time periods. We may delete your personal data from our systems as part of a data retention plan. Following termination or deactivation of a Services Account, we may retain your information and content for a commercially reasonable time for backup, archival, and audit purposes.
Opting-out of communications from us: Users may opt-out of receiving certain communications from us by following the unsubscribe process described in email communication, or by contacting us using the contact information provided above. However, please note you may not opt-out of certain Services-related communications, such as account verification, changes or updates to features of the Services, or technical and security notices.
Do Not Track: We do not currently employ a process for automatically responding to «Do Not Track» (DNT) signals sent by web browsers, mobile devices, or other mechanisms. Per industry standards, third parties may be able to collect information, including personal data, about your online activities over time and across different websites or online services when you use Services. You may limit certain tracking by disabling cookies in your Internet browser.
The security of your personal data is important to us. We take reasonable efforts to secure and protect the privacy, accuracy, and reliability of your information and to protect it from loss, misuse, unauthorised access, disclosure, alteration, and destruction. We implement security measures as we deem appropriate and consistent with industry standards. As no data security protocol is impenetrable, we cannot guarantee the security of our systems or databases, nor can we guarantee that personal data we collect about you will not be breached, intercepted, destroyed, accessed, or otherwise disclosed without authorisation. Accordingly, any information you transfer to or from Services is provided at your own risk.
Please do your part to help us keep your information secure. Services Account information is protected by a password. It is important that you protect against unauthorised access to your account and information by choosing your password carefully and by keeping your password and computer secure, such as by signing out after using the Services. You are responsible for maintaining the confidentiality of your password and Services Account and are fully responsible for all activities that occur under your password or Services Account. We specifically reserve the right to terminate your access to the Services and any contract you have with us related to the Services in the event it learns or suspects you have disclosed your Services Account or password information to an unauthorised third party.
We make reasonable efforts to ensure that our other Service Providers have implemented physical, electronic, and procedural security measures to assist with safeguarding your personal data and to help protect against unauthorised access and disclosure. Only our authorised personnel and our Service Providers who perform legitimate business functions for TaxDome are authorised to access your personal data. Notwithstanding our efforts, the Internet has inherent security risks. TaxDome cannot promise, and you should not expect, that your personal data, personal searches, and other communications will always remain secure. You should take care with regard to how you handle and disclose your personal data or any username or password that you are required to use to access services on our websites.
Where you act for a company processing Personal Data, or where you provide us the Personal Data of individuals, you are acting as a data controller, and TaxDome is the data processor. As a data controller, you are responsible for protecting the Personal Data you process and complying with all relevant legal requirements when you use the Services. This includes applicable data protection and privacy laws that govern the ways in which you can use Personal Data. Data controllers are also responsible for protecting Personal Data they provide to their data processors and must have a written agreement in place governing the details of the processing. TaxDome’s Data Processing Amendment is available at this link.
TaxDome will only process personal data in a way that is compatible with and relevant for the purpose for which it was collected or authorised by you. To the extent necessary for those purposes, TaxDome will take reasonable steps to ensure that personal data is accurate, complete, current, and reliable for its intended use.
TaxDome Operates from the United States: The United States, European Economic Area («EEA») Member States, and other countries all have different laws relating to privacy and data protection. When your information is moved from your home country to another country, the laws and rules that protect your personal data in the country to which your information is transferred may be different from those in the country in which you live. For example, the circumstances in which law enforcement can access personal data may vary from country to country. In particular, if your information is in the United States, it may be accessed by government authorities in accordance with U.S. law.
Please be advised information we collect about you via the Services may be transferred, processed, and/or accessed by us in the United States, or another country where we or our Service Providers operate. Please be aware that the privacy laws and standards in certain countries, including the rights of authorities to access your personal data, may differ from those that apply in the country in which you reside. If you are located outside the United States and choose to allow us to collect information about you, please be aware that we may transfer your personal data to the United States and process and store it there. We will transfer personal data only to those countries to which we are permitted by law to transfer personal data, and we will take steps to ensure that your personal data continues to enjoy appropriate protections.
EU-U.S. and Swiss-US Privacy Shield:
NOTE: Though Privacy Shield has been declared «invalid» by the Court of Justice of the European Union in the Schrems II case, TaxDome maintains its certifications and continues to meet its obligations under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks. TaxDome utilises the EU’s Standard Contractual Clauses («SCCs») as an alternate legal transfer basis to Privacy Shield. TaxDome’s Data Processing Amendment (DPA) incorporates the SCCs and is incorporated by reference into, and made a binding part of our Terms of Service and Agreement (as defined in our Terms of Service) with TaxDome users. Please see www.taxdome.com/privacy-shield for more information.
TaxDome complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries (and Iceland, Liechtenstein, and Norway) and Switzerland transferred to the United States pursuant to Privacy Shield. TaxDome has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, TaxDome is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain Personal Data relating to you in the United States. Upon request, we will provide you with access to the Personal Data that we hold about you. You may also correct, amend, or delete the Personal Data we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to help@taxdome.com.com or our DPO Victor Radzinsky at dpo@taxdome.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorised. To request to limit the use and disclosure of your Personal Data, please submit a written request to help@taxdome.com or our DPO Victor Radzinsky at dpo@taxdome.com.
In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
TaxDome’s accountability for Personal Data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, TaxDome remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the Personal Data on its behalf do so in a manner inconsistent with the Principles unless TaxDome proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, TaxDome commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact TaxDome by email at help@taxdome.com or our DPO Victor Radzinsky at dpo@taxdome.com.
TaxDome has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your complaint involves human resources data transferred to the United States from the EU and/or Switzerland in the context of the employment relationship and TaxDome does not address it satisfactorily, TaxDome commits to cooperate with the panel established by the EU data protection authorities (DPA Panel) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable and to comply with the advice given by the DPA panel and/or Commissioner, as applicable with regard to such human resources data. To pursue an unresolved human resources complaint, you should contact the state or national data protection or labor authority in the appropriate jurisdiction. Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. Complaints related to human resources data should not be addressed to the BBB EU PRIVACY SHIELD.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
TaxDome is not currently directly subject to the California Consumer Privacy Act of 2018 («CCPA»). However, we strive to act consistently with the intent of the CCPA.
Each capitalised term used, but not defined, in this section shall have the meaning given to such term in the CCPA or the Agreement. «Personal Information» includes Personal Data as defined in other sections of this Privacy Policy.
Consistent with the principles of the CCPA, if you are a resident of California, you may access the Personal Information we hold about you, ask that your Personal Information be corrected, updated, ported, or erased, and opt out of the further sale of your Personal Information (collectively, «Requests»). If you would like to make one of these Requests, follow the procedure described in the «Making Access, Data Portability, Correction, and Deletion Requests» section below. If you would like to designate an authorised agent to submit these Requests on your behalf, please contact us through the means indicated at the end of this Policy.
Access to Specific Information Requests: you may request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable Consumer request, we will disclose to you:
The categories of Personal Information we collected about you;
The categories of sources for the Personal Information we collected about you;
Our business or commercial purpose for collecting, sharing, or selling that Personal Information;
The categories of third parties with whom we share that Personal Information;
The specific pieces of Personal Information we collected about you (also called a data portability request) and provide a copy to you in an electronic or paper format; and
The categories of Personal Information, if any, we disclosed for a business purpose to a third party.
Deletion Request: you may request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm a verifiable Consumer request from you, we will delete (and direct our Contractors and Service Providers to delete) your Personal Information from our (and their) records, unless an exception applies (as described below).
As described in the CCPA we may delete your Personal Information by (a) permanently and completely erasing the Personal Information on our existing systems with the exception of archived or back-up systems; (b) de-identifying the Personal Information; or, © aggregating the Personal Information.
We may deny your deletion request for any reason including if retaining the information is necessary for us or one of our Contractors or Service Providers to:
Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
Debug products to identify and repair errors that impair existing intended functionality;
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
Comply with a legal, regulatory, or law enforcement obligation; or
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Making Access, Data Portability, Correction, and Deletion Requests: To make an access, data portability, or deletion request, please submit a verifiable Consumer Request by contacting us using the contact information at the end of this Policy. Only you, an authorised agent, or an entity registered with the California Secretary of State that you authorise to act on your behalf, may make a verifiable Consumer Request related to your Personal Information. You may only make a verifiable Consumer Request for access or data portability twice within a 12-month period. To be verifiable, the Consumer Request must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorised representative of that person and
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your Request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm that the Personal Information relates to you. Making a verifiable Consumer Request does not require you to create an account with us. We will only use Personal Information provided in a verifiable Consumer Request to verify the requestor’s identity or authority to make the Request.
Upon receiving a Request from you, we will verify your identity based on the information we have on file for you. Upon verification of your identity, we will proceed to process your request (subject to the exceptions stated above).
We endeavor to confirm receipt of your request within ten (10) days of receiving it. We will respond to a verifiable Consumer Request within forty-five (45) days of its receipt. If we require more time (up to an additional forty-five (45) days), we will inform you of the reason and extension period in writing.
We will deliver our written response via email to the email address associated with you or, if we are unable to determine your email address, via mail, if you provided that information to us.
Any disclosures we provide will only cover the 12-month period preceding the verifiable Consumer Request receipt. If applicable our response to your Request will explain any reason we cannot comply with the Request. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable Consumer Request unless it is excessive, repetitive, or manifestly unfounded. If we determine that your Request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your Request.
Non-Discrimination: We will not discriminate against you simply for making a Request pursuant to this section of the Policy.
Under California Civil Code Section 1798.83 (known as the «Shine the Light» law), our Services users and customers who are residents of California may request certain information about our disclosure of Personal Data during the prior calendar year to third parties for their direct marketing purposes. To make such a request, please write to us at the address below or at [email] with «Request for California Privacy Information» on the subject line and in the body of your message. We will comply with your request within thirty (30) days or as otherwise required by the statute. Please be aware that not all information sharing is covered by the «Shine the Light» requirements and only information on covered sharing will be included in our response.
If you are a Nevada resident who wishes to exercise your sale opt-out rights under Nevada Revised Statutes Chapter 603A, you may submit a request to the contact information listed at the end of this Privacy Policy. However, please know we do not currently sell Personally Identifiable Information triggering that statute’s opt-out requirements.
KEEL's website is a general audience website. The Services are not directed toward children who are under the age of 18. You may not use the Services if you are under the age of 18. If you are under the age of 18, you should not provide any information on our Services.
We do not knowingly collect Personal Data from children or minors. If KEEL or its Service Providers become aware that a child or minor has provided us with Personal Data without parental consent, that information may be deleted from our databases. If you have questions about Personal Data that may have been submitted by a child, please email us at info@keelcpa.com.
KEEL uses a self-assessment approach to assure compliance with this Privacy Policy and periodically verifies that the Privacy Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible, and in conformity with the EU and Swiss privacy principles. We encourage interested persons to raise any concerns using the contact information provided and we will investigate and attempt to resolve any complaints or disputes regarding the use and disclosure of Personal Data in accordance with the principles.
If a complaint or dispute cannot be resolved through our internal process, we agree to dispute resolution using (an independent resourced mechanism) as a third-party resolution provider.
KEEL may update this Privacy Policy from time to time, and you should take the time to review it each time that you visit one of our Services. The most current version of this Privacy Policy will govern our use of your information and will be located at https://keelcpa.com/privacy. You may contact us to obtain prior versions. We will notify you of material changes to this Privacy Policy by posting a notice at the Services or by emailing you notifying you of the changes.
Last updated April 1, 2024