PRIVACY POLICY & COOKIE POLICY
Cornerstone Tax & Accounting
212 Timber Lane, Anderson, SC 29621
Phone: 864-807-1240
Email: nick.rivanov@gmail.com
Last Updated: October 28, 2025
Cornerstone Tax & Accounting ("we," "our," "us," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website and when using our services. This Privacy Policy explains how we collect, use, disclose, and otherwise handle your personal information in compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Federal Trade Commission (FTC) Safeguards Rule, and Internal Revenue Code Section 7216.
This policy applies to our website (https://cornerstonetaxacc.com/) and our tax preparation, accounting, and bookkeeping services.
---
1. INFORMATION WE COLLECT
We collect information in the following ways:
A. Information You Provide Directly
Through Our Website and Contact Forms:
- Name, email address, phone number
- Business information and structure
- Service inquiries and preferences
- Contact form submissions
Through Our Client Portal:
- Tax documents (W-2s, 1099s, receipts, statements)
- Social Security numbers or Tax Identification Numbers (TIN)
- Bank account and financial information
- Payment information
- Previous tax returns and financial records
- Business income and expense documentation
- Dependent information (names, Social Security numbers, dates of birth)
During Service Engagement:
- Detailed personal and financial information necessary for tax preparation
- Investment income and loss statements
- Mortgage interest, property tax, and charitable donation documentation
- Business financial records and bookkeeping data
B. Information Collected Automatically
Through Cookies and Tracking Technologies:
- Browser type and version
- Operating system
- Pages visited and time spent on pages
- Referring/exit pages
- IP address
- Device identifiers
Through Google Analytics:
- User behavior and engagement metrics
- Traffic sources and user flow
- Device and browser information
- Demographic information (age range, interests)
C. Payment Information
When you pay for services, payment information (credit card or bank account details) is collected by our payment processor and is never stored directly on our website or systems.
---
2. HOW WE USE YOUR INFORMATION
We use the information we collect for the following purposes:
Primary Service Delivery
- Preparing accurate tax returns
- Providing accounting and bookkeeping services
- Communicating with you about your account and services
- Maintaining detailed client records
Communication
- Responding to inquiries and requests
- Sending service-related updates and confirmations
- Providing tax tips and seasonal tax planning advice
- Notifying you of changes to our services or policies
Website Optimization
- Analyzing website traffic and user behavior
- Improving website functionality and user experience
- Personalizing your experience on our site
- Troubleshooting technical issues
Legal and Compliance
- Complying with tax laws and IRS requirements
- Meeting recordkeeping obligations (IRC Section 7216)
- Responding to lawful requests from government agencies
- Protecting against fraud and unauthorized access
Marketing and Business Development
- Sending promotional content and newsletters (with your consent)
- Tracking campaign effectiveness
- Understanding client needs and preferences
---
3. COOKIES AND TRACKING TECHNOLOGIES
What Are Cookies?
Cookies are small text files that are stored on your device when you visit a website. They allow websites to remember your preferences and track your activity.
Types of Cookies We Use
Essential Cookies (Necessary):
- Required for website functionality
- Enable secure login to your client portal
- Maintain session information with multi-factor authentication verification
- Prevent fraudulent activity
- User cannot opt out of essential cookies without disabling website functionality
Analytical Cookies (Performance):
- Google Analytics: Tracks website traffic, user behavior, and engagement
- Helps us understand how clients use our website
- Allows us to improve website performance and user experience
- Collects anonymized data; does not identify you personally
Marketing/Advertising Cookies:
- May be used for remarketing and targeted advertising
- Help display relevant content and offers
- Can be controlled through browser settings or opt-out mechanisms
Managing Cookies
Browser Control:
You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Please note that disabling essential cookies may affect website functionality and your ability to access your secure client portal.
Common Browser Cookie Settings:
- Google Chrome: Settings > Privacy and Security > Cookies and Other Site Data
- Firefox: Settings > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Manage Website Data
- Microsoft Edge: Settings > Privacy, Search, and Services > Clear Browsing Data
Google Analytics Opt-Out:
You can opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout
Targeted Advertising Opt-Out:
You can opt out of targeted advertising through industry tools like the Digital Advertising Alliance (DAA) or Network Advertising Initiative (NAI).
---
4. DATA SECURITY & SAFEGUARDS
Cornerstone Tax & Accounting takes the security of your personal and financial information seriously and complies with the Federal Trade Commission (FTC) Safeguards Rule. We implement the following security measures:
Technical Security Measures
- SSL Encryption: Our website uses 256-bit SSL encryption to protect data transmitted between your device and our servers
- Secure Client Portal: All tax documents and sensitive files are uploaded through an encrypted portal
- Multi-Factor Authentication (MFA): Required for all employees and available for client portal access to prevent unauthorized access
- Firewall Protection: Our systems are protected by advanced firewalls
- Regular Security Audits: We conduct regular security assessments to identify and address vulnerabilities
Administrative and Physical Security
- Limited Access: Only authorized employees with a legitimate business need can access sensitive client information
- Employee Training: All staff members receive annual cybersecurity training and awareness programs
- Written Information Security Plan (WISP): We maintain a comprehensive written security plan in compliance with FTC Safeguards Rule
- Secure Data Destruction: When data retention periods end, we securely destroy documents and files according to industry standards
Monitoring and Response
- Ongoing Monitoring: We continuously monitor our systems for signs of suspicious activity and unauthorized access
- Incident Response Procedures: We have established procedures to respond immediately to potential security breaches
- Regular Risk Assessments: We conduct regular risk assessments to identify potential vulnerabilities
IMPORTANT NOTE: While we implement industry-standard security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security. You use our services and website at your own risk.
---
5. IRS CONFIDENTIALITY AND DISCLOSURE RULES
IRC Section 7216 and IRS Circular 230 Compliance
Cornerstone Tax & Accounting adheres to Internal Revenue Code Section 7216 and IRS Circular 230 regulations. We are prohibited by federal law from disclosing tax return information to anyone without your explicit written consent.
Your tax return information will be used solely for:
- Preparing and filing your tax returns
- Supporting you in any IRS audit, correspondence, or examination
- Providing tax planning, advisory services, and consulting
- Complying with legal obligations
We will NOT disclose your information for any other purpose without your written permission, except:
- As required by law (IRS, state tax authorities, court orders)
- To law enforcement when legally required
- In response to valid administrative, civil, or criminal summons
UNAUTHORIZED DISCLOSURE OF TAX RETURN INFORMATION IS A FEDERAL CRIME SUBJECT TO FINES AND IMPRISONMENT.
---
6. DATA SHARING AND THIRD PARTIES
Cornerstone Tax & Accounting does NOT sell, rent, or lease your personal information to third parties.
We May Share Information With:
Service Providers:
- Payment processors (to securely process payments)
- Cloud storage providers (to securely store and back up client files)
- Email service providers (for communications)
- Website hosting and security providers
Legal Requirements:
- IRS and other federal tax authorities (as required by tax law)
- State tax authorities (as required)
- Law enforcement (when legally required)
- Government agencies (for compliance and audit purposes)
- Court orders or legal proceedings
Your Consent:
- Any other third party with your explicit written consent
Third-Party Service Provider Agreements
All third-party service provider contracts include specific data security requirements and confidentiality obligations. We conduct due diligence on all service providers to ensure they maintain appropriate safeguards for your information that meet or exceed our own security standards.
Future Contractors: If we engage third-party accountants or contractors in the future, they will be required to sign confidentiality agreements and comply with all applicable privacy laws and our data security standards.
Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of other websites. We encourage you to review their privacy policies before providing personal information.
---
7. DATA RETENTION
How Long We Keep Your Information
Tax Documents and Client Records:
- Retained for 7 years after service completion (per IRS recordkeeping requirements and IRC Section 7216)
- May be retained longer if required by law or if you have pending IRS matters
Website Analytics Data:
- Google Analytics data retained per Google's default settings (typically 26 months)
Marketing Communications:
- Retained until you unsubscribe or request deletion
Payment Information:
- Not retained on our servers (handled by third-party payment processor)
- Payment processor retention follows their privacy policy
Employee and Access Logs:
- Maintained for security and audit purposes (typically 12-24 months)
After the retention period, documents and records are securely destroyed according to industry standards using document shredding or secure digital destruction methods.
---
8. DATA BREACH RESPONSE & NOTIFICATION
Incident Response Plan
In the unlikely event of unauthorized access to your personal information, Cornerstone Tax & Accounting will:
1. Investigate Immediately: Determine the scope and nature of the unauthorized access
2. Mitigate Damage: Take immediate action to stop the breach and prevent further unauthorized access
3. Notify You: Contact you directly within 30 days of discovering the breach
4. Provide Information: In the breach notification, we will provide:
- Description of the incident
- Types of personal information accessed
- Recommended protective steps you should take
- Our contact information for questions
- Information about credit monitoring services if applicable
5. Notify Authorities: Report to the FTC if the breach affects 500 or more individuals or if required by state law
6. Correct Vulnerabilities: Implement corrective action to prevent similar incidents
7. Document the Process: Maintain records of the breach and our response for regulatory compliance
Notification to Law Enforcement
We will notify appropriate law enforcement agencies when required or appropriate and will cooperate fully with any investigation.
---
9. YOUR PRIVACY RIGHTS
Depending on your location and applicable law, you may have the following rights:
Right to Access:
- Request a complete copy of all personal information we maintain
- Contact us at nick.rivanov@gmail.com with "Data Request" in the subject line
- Reasonable request without unnecessary delay
Right to Correct:
- Request that we correct inaccurate or incomplete information
- We will update records and notify you of the correction
Right to Delete:
- Request deletion of your personal information
- IMPORTANT EXCEPTION: We may not be able to delete information required by tax law or IRS recordkeeping requirements (IRC Section 7216 requires retention for 7 years)
Right to Opt-Out:
- Opt out of marketing communications at any time by clicking "unsubscribe" or contacting us directly
- Opt out of analytics and advertising cookies through browser settings
- Opting out of essential cookies will limit website functionality
Right to Data Portability:
- Request your information in a portable, machine-readable format
Right to Lodge a Complaint:
- File a complaint with your state's Attorney General if you believe your rights have been violated
- For California residents: contact the California Consumer Privacy Protection Agency (CCPA)
- For EU residents: file a complaint with your local data protection authority
How to Exercise Your Rights
To exercise any of these rights, please contact us:
- Email: nick.rivanov@gmail.com
- Subject Line: "Privacy Request" + your specific request type
- Expected Response Time: Within 30 days (or as required by applicable law)
We will respond to your request within 30 days and may require verification of your identity to process your request.
---
10. MULTI-STATE PRIVACY COMPLIANCE
For Clients Residing in Multiple States
Because we serve clients throughout the United States, we comply with applicable privacy laws in all states where our clients reside, including but not limited to:
- California (CCPA/CPRA): Consumer rights to know, delete, and opt-out of sales
- Virginia (VCDPA): Consumer data protection rights
- Colorado (CPA): Consumer privacy rights
- Connecticut (CTDPA): Data privacy protections
- Utah (UCPA): Consumer privacy act
- Other State Privacy Laws: We comply with all state-specific privacy requirements
Enhanced Protections
If you reside in any state with specific privacy protections, those protections automatically apply to your information.
---
11. CHILDREN'S PRIVACY
Our services and website are not intended for individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information and terminate the child's use of our website.
---
12. IDENTITY THEFT PREVENTION PROGRAM
Cornerstone Tax & Accounting has implemented an identity theft prevention program designed to detect and respond to signs of suspicious activity involving your personal information.
Our Program Includes:
- Monitoring: We monitor for suspicious access attempts and unusual account activity
- Detection Procedures: We use security tools to identify potential threats to your data
- Response Procedures: We have established procedures for responding to potential data breaches and suspicious activity
- Client Notification: You will be notified immediately if we detect unauthorized access to your information
- Law Enforcement Coordination: We will coordinate with law enforcement when necessary
- Credit Monitoring: In cases of significant breach, we will offer credit monitoring services at no cost
---
13. FTC SAFEGUARDS RULE COMPLIANCE
Federal Trade Commission Safeguards Rule Requirements
Cornerstone Tax & Accounting complies with the Federal Trade Commission (FTC) Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA). As a professional tax preparation firm, we are required to maintain a written information security plan that safeguards your personal and financial information.
Our Compliance Includes:
- Written Information Security Plan (WISP): Comprehensive security plan addressing all Safeguards Rule requirements
- Multi-Factor Authentication: Required for all employees and available for client portal access
- Risk Assessment & Management: Regular security evaluations to identify and mitigate risks
- Employee Training: Annual cybersecurity awareness and training programs for all staff
- Secure Data Destruction: Protocols for securely destroying personal information at end of retention period
- Access Controls: Limited access based on business need-to-know principle
- Encryption: Use of encryption for sensitive data in transit and at rest
- Incident Response Plan: Procedures for detecting, responding to, and recovering from security incidents
- Ongoing Monitoring: Continuous monitoring of systems for suspicious activity
- Regular Testing: Periodic testing and evaluation of our security measures
Enforcement: The FTC actively enforces the Safeguards Rule. Violations can result in significant civil penalties and enforcement actions.
---
14. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Cornerstone Tax & Accounting
Email: nick.rivanov@gmail.com
Location: South Carolina
Response Time: We will respond to your inquiry within 10 business days
For privacy concerns or data requests, please include "Privacy Request" in your email subject line.
---
15. CHANGES TO THIS POLICY
Cornerstone Tax & Accounting reserves the right to modify this Privacy Policy at any time. Changes will be effective upon posting to our website. We will notify you of material changes via email or a prominent notice on our website.
Notification of Changes:
- We will send notice of significant changes to all clients via email at least 30 days before the changes become effective
- Continued use of our website and services following the posting of revised Privacy Policy means you accept and agree to the changes
---
16. LEGAL DISCLAIMERS
Professional Relationship Disclaimer
This Privacy Policy does not establish an attorney-client relationship or any confidentiality beyond what is provided by law. However, the information you provide to Cornerstone Tax & Accounting in connection with tax preparation services may be subject to tax professional privilege in certain circumstances.
Tax Preparation Disclaimer
Information provided through this website or our services may be subject to disclosure requirements under applicable tax laws, including federal and state tax regulations. While we maintain confidentiality to the extent permitted by law, we are required to comply with lawful requests from tax authorities.
---
17. POLICY EFFECTIVE DATE AND VERSION HISTORY
Effective Date: October 28, 2025
Version: 1.0
This Privacy & Cookie Policy applies to all services provided by Cornerstone Tax & Accounting and supersedes any previous privacy policies.
---
END OF PRIVACY POLICY & COOKIE POLICY
Copyright 2025 Cornerstone Tax & Accounting. All rights reserved.
This policy is compliant with:
- Federal Trade Commission (FTC) Safeguards Rule
- Internal Revenue Code Section 7216 and IRS Circular 230
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA/CPRA)
- Multi-State Privacy Laws (VCDPA, CPA, CTDPA, UCPA)
- Gramm-Leach-Bliley Act (GLBA)
