PRIVACY POLICY

CROSSLINK FAMILY OF COMPANIES

Important Information: Please read this carefully as we have made updates to our Privacy Policy.

This Privacy Policy goes into effect January 25, 2024 (“Effective Date”).

This Privacy Policy describes the information that the Crosslink Family of Companies (“we”, “our”, “us”) including CrossLink Professional Tax Solutions, LLC, CrossLink Tax Tech Solutions, LLC and its two d/b/as, CrossLink Tax Pro Alliance and uTax, and Audit Allies, LLC (collectively “CrossLink”) collects from you, or you may provide through your interactions with www.crosslinktax.com, www.crosslinktaxtech.com, www.taxproalliance.com, www.utaxsoftware.com, www.auditallies.com, and other websites and applications owned or controlled by CrossLink that link to this Privacy Policy (collectively, the “Sites”), and services and products offered by CrossLink. For certain offerings on our Sites, there may be additional notices about our information practices and choices. Please read those additional privacy disclosures to understand how they apply to you.

To contact us, see the section “How To Contact Us” below.

Scope of this Privacy Policy.

This Privacy Policy describes our privacy practices for individuals in the United States. We do not market to nor target subjects of other countries. We meet all rules and regulations relating to data protection and security promulgated by the Internal Revenue Service and its Security Summit and comply with the Gramm-Leach-Bliley Act.

Our Privacy Policy does not apply where CrossLink processes your information in our role as a service provider or data processor on behalf of a customer or entity that acts as the data controller, who alone or jointly with others determines the purposes and means of the processing of personal information (for example, customers of our professional tax software products or companies that co-brand our software). When we act as a service provider or data processor, the privacy policy of the data controller will govern the processing of your personal information, defined as information that identifies, relates to, describes, or is reasonably capable of being associated with or linked to you. In certain circumstances, there may be more than one data controller processing your information. In these situations, we act as an independent data controller over our processing activities.

This Privacy Policy explains CrossLink’s collection, use, retention, disclosure and security of information about you. It also describes your choices regarding the use, access, and correction of your personal information. By using our Sites, products, and services, you agree to the collection and use of information in accordance with this Privacy Policy.

Since your privacy is a priority to us, CrossLink will not share nonpublic information about you with third parties outside of the CrossLink Family of Companies without your consent, except as explained in our Privacy Policy.

The Centralization of Your Information.

We use the information you choose to share with us across our platform. Here’s what we mean by “platform” – when you choose to share data with us or bring over information from third parties, we use that data together, not just within the individual offering(s) you’re using. In other words, data entered into one service or product becomes a part of your “CrossLink Account”. Your CrossLink Account includes your credentials; your name and contact details; payment information; information about your activities, your interests and preferences; the content you place in our Sites, products and services; information we have collected about you from third-party sources and insights that are associated with you. The information in your CrossLink Account will be shared across the CrossLink Family of Companies to generate our various offerings, services and experiences and otherwise maximize the benefits to you of our platform.

Information We Collect.

We collect information from you directly, the devices that you use to interact with us, and certain third-parties including analytics providers.

Information You Give Us.

The personal information that we receive about you depends on your interactions with CrossLink, and how you use and set up your account. Personal information that you provide may also depend upon what Sites, products and services you use and applicable law. You may provide the following information to us directly when you enter and use our Sites, contact us for support, or purchase products and services:

·       Creating an account. We collect information when you create an account, or interact with our Sites, products and services. Information may include your contact information (such as your name, address, phone number and email), profile photo, bank, billing or payment information (collected by us or our third-party payment processor), usernames and credentials.

·       Identification information. We collect information to verify your identity, including your name, social security number, social insurance number, driver’s license numbers, government-issued identification details, for example, to verify your identity or to help you file your tax return.

·       Customer support, product research, training and feedback. We may collect personal information when you reach out to us for support, give us feedback, participate in optional surveys, product research or training and you choose to share.

·       Device information. We may collect information about your device such as Internet Protocol (“IP”) addresses, log information, error messages, device type, and unique device identifiers. For example, we may collect IP addresses from you as part of our sign-in and security features.

·       Content. We may receive information about your business, your finances, expenses, invoices, financial statements, details of your financial transactions, payroll details, payment details, tax return details, details about your customers or vendors or employees, income and wage information, and/or investment information.

·       Third-party service content. We receive information about you when you sign in to a third-party service with your CrossLink Account or when you connect your CrossLink Account to a third-party service. For example, you may choose to connect your CrossLink Account with your bank accounts. To sync your financial account information, we must access your financial account information.

·       Usage information. We may collect usage information such as the pages you viewed, the features you use, your browser type and details about any links with which you interact.

·       Location information. Certain features in our Sites, products and services may collect your precise location information, device motion information, or both, if you grant permission to do so in your device settings.

·       Information from cookies and other technologies. CrossLink and our service providers may use commonly used tools such as cookies, web beacons, pixels, local shared objects and similar technologies to collect information about you.

• Information you provide to us to prepare or file a tax return using our Sites, products and services, which information may include your Social Security Number, date of birth, income, employment status, marital status, claimed deductions, credits, and other information necessary to accurately complete your tax return (collectively, “Tax Return Information”).
• Information that you make available to us via a social media platform, including content that you post on our social media pages and community pages.
• Information you submit to inquire about or apply for a job with us.
• Information you provide when you provide customer testimonials or feedback; post comments on our blog or community forums; or participate in our surveys, promotions, marketing events, trade shows, webinars, conferences, training, or product research.
• Any other information you submit to us.

Information We Get Automatically.

We and partners working on our behalf may use cookies, web beacons, pixels, tags, or other digital tracking technologies to collect the following information from the device you use to interact with our Sites, products and services:

• Internet Service Provider.
• Device information. We may collect information about your device such as Internet Protocol (“IP”) addresses, log information, product usage, error messages, device type, and unique device identifiers.
• Operating system and browser type.
• Usage information. We may collect analytical information about how you interact with our Sites, products and services including usage information such as the pages you viewed, mouse clicks, movements, and scrolling activity, the features you use and details about any links with which you interact.

Our Sites, products and services may change over time, and we may introduce new features that may collect new or different types of information.

For more information about cookies see “Cookies and Other Tracking Technologies” below.

You may be able to limit access of some of these technologies at the individual browser or device level; however, this limitation may disable or limit some of the features offered.

Information Provided by Others.

Our Sites, products and services are designed to connect with other people and organizations. Therefore, others may be able to input information about you. You may also be able to input or process information about others. If you input information about others into our Sites, products and services, you must only do so if you have first received the appropriate rights and permissions to do so, including by getting advanced written consent, if required by applicable law.

Other Information Sources.

We may also get information about you from other sources, where permitted by applicable law. We protect and process information obtained from those parties as described in this Privacy Policy, consistent with any additional restrictions imposed by the source of the information. Our sources may vary over time and depend upon how you use our Sites, products and services. For example, we receive information from:

• Your service providers. If you choose to sync to a non-CrossLink account/service with your account, we will receive information from that account/service according to your settings with that account/service.
• Supplemental information and identity verification providers. Service providers who help us verify your identity, the specifics of your business, and/or supplement the information you have provided and ensure the accuracy of your information.
• Customer Support providers. Service providers who provide us with information about you or your interaction with our Sites, products and services for troubleshooting purposes.
• Other users. As described in the section “Information Provided By Others”, we may get information about you from other users.
• Cybersecurity & anti-fraud providers. We may receive information from service providers who help combat fraud, illegal activity and to help protect your personal information.
• Communication providers & social networks. We may collect information from email providers, communication providers, and social networks.

·       Joint offerings. We may engage in joint-marketing activities with others.

·       Publicly available Sources. We collect information from publicly available sources.

·       Government agencies. We receive information from government agencies, including various tax agencies.

How We Use Your Information.

We may use the information we collect for the following purposes:

• Tax preparation and related services: Section 301-7216 of the Internal Revenue Code (“Section 7216”) specifically governs the use and disclosure of “Tax Return Information” as that term is used in Section 7216. Some states may also have additional laws and regulations related to the use and disclosure of the same information. We use Tax Return Information only in accordance with those applicable laws and regulations to prepare and assist in preparing a tax return, to provide services associated with preparing a tax return, and to provide you with other products and services you specifically request or consent to, unless otherwise allowed under applicable law.
• Service functionality: To complete purchases of products and services you request, including processing payments, fulfilling orders, and service communications, as well as to conduct general business operations, such as accounting, and send you information related to our products and services, including confirmations, invoices, technical notices, updates, security alerts, training and support, and administrative messages.
• Service improvement: As permitted by law, to improve our Sites, products and services, analyze our customer base and purchasing trends and the effectiveness of our marketing.
• Customer support: As permitted by law, to address questions submitted to our customer or technical support systems and to send updates or security alerts.
• Marketing, advertising, and promotions: As permitted by law, to send marketing messages; to provide notification of new or related products and services, enhancements and promotions; and to personalize advertisements that you see on our Sites and third-party online platforms and to measure the effectiveness of our advertising.  For example, we may use your personal information, such as your email address or phone number, to contact you about products or information we think might be of interest to you. 
• Personalization: To personalize your online experience, such as by recording your preferences and settings.
• Security and fraud prevention: To monitor and investigate fraud, identity theft, and other illegal activity; to protect your rights and the safety of others; and to protect and secure our Sites, products and services, assets, network, and business operations.
• Legal compliance: To comply with legal process, such as subpoenas, court orders, warrants, and other lawful regulatory or law enforcement requests, and to comply with legal requirements. To enforce, remedy or apply our terms and conditions or other agreements.
• For other purposes that are compatible with the disclosed purposes if and where this is permitted by applicable law.

Unless allowed by applicable law and we have your consent, we do not:

• Sell your personal information for money;
• Use Tax Return Information to market products or services unrelated to tax preparation; or
• Share your personal information with third parties for use in their own business.

How We Share Your Information.

The privacy and security of your information is important to us. We may share your information with the following types of entities or in the following circumstances:

• IRS and State Revenue Authorities: We disclose Tax Return Information only in accordance with your requests, such as when filing a tax return with the IRS or state revenue authority, or as allowed by applicable law (including certain permitted disclosures to other tax preparers or providers of auxiliary services).
• Public Authorities: CrossLink may be required to preserve and disclose personal information including Tax Return Information, and any part thereof, without your consent as provided by law, such as, to respond to lawful requests by authorities, including to meet national security or law enforcement requirements, a subpoena or court order, judicial process or bankruptcy proceedings, or regulatory authorities to protect against fraud and in compliance with the IRS Security Summit. We may also disclose your personal information when we believe disclosure is necessary to protect your rights and safety, or the rights and safety of others. We may disclose your information to federal, state, or local officials to assist in the investigation or prosecution of a crime. As permitted by law, we may disclose your information to the IRS and Information Sharing and Analysis Centers (ISACs) to prevent stolen identity refund fraud (SIRF) and as related to potential cyber security threats.
• Financial Services Providers: We may share personal information with collection agencies, credit bureaus and loan service providers, financial product underwriters and payment card association members. Late payments, missed payments, or other defaults on your account may be reflected in your credit report and consumer report. We may also share your personal information with other companies, lawyers, credit bureaus, agents, government agencies, and card associations in connection with issues related to fraud, credit, or debt collection.
• Acquiring Businesses: Your information may be disclosed in connection with an actual sale, merger, acquisition, dissolution, or transfer of all or a portion of our business or relevant operating unit. We reserve the right to transfer your information as part of the transaction.
• Affiliates: We may share information about you and the products and services you have purchased from us to members of the CrossLink Family of Companies, all of whom follow this Privacy Policy, for everyday business purposes (as described in this Policy) as well as for marketing purposes.
• Service Providers: In some cases, your information may be disclosed to our service providers to complete a product purchase, to fulfill a service you request, or to market one of our products or services. Our service providers include companies that use Web analytics software or tools, deliver downloadable products, offer online software applications, or send emails on our behalf. Not all service providers may be applicable to you. Some service providers are only relevant if you use certain tax forms or otherwise prepare a tax return using our software. While these relationships may require us to share information, our service providers are prohibited from using your information other than to act on our behalf.
• Joint Marketing and Custom Label Partners: We may provide information to individuals or companies with whom we have a joint marketing arrangement and/or that custom-label our products and services. We require all marketing and custom-label partners to have written contracts with us that require them to safeguard your information and prohibit them from selling, retaining, using, or disclosing your information for any purpose other than performing the contract. We only share Tax Return Information with custom-label partners as permitted under Section 7216.
• Online Advertising Partners: We partner with companies that assist us in advertising our services, including partners that use cookies and online tracking technologies to collect information to personalize, retarget, and measure the effectiveness of advertising.
• Social Media Platforms: If you interact with us on social media platforms, the platform may be able to collect information about you and your interaction with us. If you interact with social medial objects on our Sites, both the social media platform and your connections on our Sites may be able to view that activity. To control the sharing of information, please review the privacy policy of the relevant social media platform.
• Other Visitors: We may post customer testimonials on our Sites. These testimonials may contain personal information such as a customer’s name. We will obtain your consent to use your name prior to posting your testimonial. If you wish to update or delete your testimonial, contact us. Our Sites also offer publicly accessible blogs and/or community forums. Any information you provide in these areas may be read, collected, and used by others who access them. To request the removal of your personal information from our blog or community forum, contact us.
• Integrated Third Party Products and Services: Other companies’ products, services and applications may use or integrate with our Sites, products and services (“Non-CrossLink Services”). If you choose to link, sync or otherwise use any of these Non-CrossLink Services you consent and direct us to share your information, including personal information, to the company providing the Non-CrossLink Services. Non-CrossLink Services are subject to the applicable terms and privacy statement of the company providing the service.
• Third-Party Event Partners. When you register for or attend one of our events, we may share the information you provide at registration or with us during the event with our event partners.  These third parties may use your information to provide you with information about their own products and services.
• Third-Party Content or Advertising Partners. When you use our Sites, products and services, third parties that provide content, advertising, or functionality to the Sites, products and services may collect or receive information about you and/or your use of the Sites, products and services, including through the use of cookies, beacons, and similar technologies.  These third parties may use your information to provide you with advertising that is based on your interests and to measure and analyze ad performance, on our Sites, products and services or other websites or platforms, and combine it with information collected across different websites, online services, and other devices. These third parties’ use of your information will be based on their own privacy policies.  

Links to Other Websites.

Our Sites may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other websites. We encourage our users to be aware when they leave our Sites and to read the privacy policy of each website that collects personally identifiable information.

Third-Party Payment Processor.

We may use a third-party payment processor for payments. CrossLink does not store credit card details and instead relies on our third-party payment processor for this. Furthermore, in connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to our third-party processor whose use of your personal information is governed by their privacy policy. Please contact CrossLink support for third-party payment processor information.

Information Retention.

Unless you specifically ask us to delete your personal information, we retain your personal information as long as it is necessary to comply with our data retention requirements and provide you with our products and services. However, even if you request a deletion, we may be required to maintain your information for as long as necessary to:

1. comply with our legal or regulatory compliance needs;
2. to exercise, establish or defend legal claims; and/or
3. to protect against fraudulent or abusive activity on our service.

This means we may keep different information for different periods.

There may be occasions where we are unable to fully delete, anonymize, or de-identify your information due to technical, legal, regulatory compliance or other operational reasons. Where this is the case, we will take reasonable measures to securely isolate your personal information from any further processing until such time as we are able to delete, anonymize, or de-identify it.

If you wish to cancel your account or request that we no longer use your information to provide you with our products and services, contact us.

Keeping Your Information Safe is Important to Us.

The security of personal information is extremely important to us. We employ security measures consistent with standard industry practices to prevent unauthorized access to your personal information collected. In addition, CrossLink meets all rules and regulations relating to data protection and security for the tax industry promulgated by the Internal Revenue Service and its Security Summit.

For example, we:

·     Constantly work to review and update our security practices and procedures and implement accepted best methods to protect your personal information.

·     Comply with applicable laws and security standards.

·     Securely transmit your sensitive personal information.

·     Train our staff and require them to safeguard your data.

You play a critical role in protecting your information by maintaining up-to-date computer security protections and by not sharing your username or password with anyone. NEVERTHELESS, NO DATA TRANSMISSION OVER THE INTERNET, OR METHOD OF ELECTRONIC STORAGE, IS 100% SECURE. THEREFORE, WE CANNOT GUARANTEE THE ABSOLUTE SECURITY OF YOUR INFORMATION.

We do not Knowingly Collect Information from Children.

Our Sites, products, and services are not targeted at children of any age, and we do not collect information from children under age 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information.

Changes to our Privacy Policy.

We may make changes to this Privacy Policy from time to time. The “Effective Date” at the top of this page shows when this Privacy Policy was last revised. Any changes will become effective when we post a revised version of this Privacy Policy on the Sites. Notification of changes may be made by email or by means of a notice on the Sites. We encourage you to review this Privacy Policy periodically to remain informed about how we are protecting your data.

Cookies and Other Tracking Technologies.

How We Use Cookies

We use cookies or similar technologies to analyze trends, administer our Sites, track users’ movements on our Sites, products and services, mobile applications, co-branded offerings and other third-party sites, and gather demographic information about our user base as a whole.

We may receive reports based on the use of these technologies on an individual as well as aggregated basis. We use cookies for remembering user settings. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use the Sites, but your ability to use some features or areas of our Sites, products, and services may be limited. As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this to improve our Sites, products and services and to deliver relevant ads and track ad campaign performance and efficiency.

We work with third parties to provide services on or help us improve our Sites. To disable or reject third-party technologies, please refer to the relevant third party’s website. 

How to Manage Your Cookies

You can also set your Internet browser to warn you each time a cookie is being sent or to turn off all cookies (except Flash cookies). Use the links below to learn how to manage cookies from your browser or navigate to your browser’s Help menu for more information.

·       Google Chrome

·       Microsoft Edge

·       Microsoft Internet Explorer

·       Mozilla Firefox

·       Safari (on Mac)

You can also use third-party tools to identify and make additional choices about many technologies, including cookies. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored. Please note that cookie management tools provided by certain browsers will not remove Flash cookies. To learn how to restrict and block Flash cookies, visit the Adobe website here. As with any cookie, if you do restrict Flash cookies, there may be some features that you won’t be able to use.

Most mobile devices allow you to manage how other technologies, such as unique identifiers, are set and used. Please reference your mobile operating system support documentation to learn more.

The following websites provide more information about your choices to opt-out of tracking through certain third-party advertising and analytics cookies:

• Digital Advertising Alliance: DAA’s opt-out page provides information on companies that participate in its WebChoices tool and how to opt out using its browser tool.
• Network Advertising Initiative: NAI’s opt-out page provides information on its member companies that deliver tailored online ads and your choices to opt-out of receiving them.
• TrustArc: TrustArc’s opt-out page allows you to send requests to the companies that place cookies in your browser.

Please note: Even if you opt out of cookies or targeted advertising, you will still receive advertisements, but they may not be tailored to your interests. The choice to opt out of certain technologies may affect, alter, or eliminate the functionality of certain features of the products and services offered by CrossLink.

Your Information Rights and Choices.

You have control over your personal data and how it’s collected, used, and shared. You have the right to access any information held by CrossLink that you either input directly or information collected as described above, subject to our information retention policy.

If you wish to manage any of the following, please contact us.

Request a Copy of your Information.

Upon request, CrossLink will provide you with certain personal information you specifically request.  

Change or Correct Personal Information.

You may view, manage, and/or make changes to your personal information.

Opt-Out of Technologies.

You may choose to opt out of certain technologies used on our Sites, including those used for online advertising purposes. However, the choice to opt out of certain technologies may affect, alter, or eliminate the functionality of certain features of the products and services offered by CrossLink.

If you exercise these options, please be aware that you may still see advertising, but it will not be personalized.

Opt out of Email Communications.

To unsubscribe from receiving general marketing messages from us, please contact us. You may also choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in those emails or newsletters. If you choose to stop receiving our newsletter or marketing emails, we will continue to send you necessary service and transactional communications.

Verification.

To help protect the privacy and security of your information, you may be asked to provide additional information to verify your identity and/or ownership rights prior to us exercising your data rights.

California Resident Rights

This describes the rights of Californians under the California Consumer Privacy Act of 2018, which was amended by the California Privacy Rights Act of 2020 (together, “CCPA”). The CCPA requires businesses like us to provide certain information to California consumers. This contains the following four parts:

• You Can Opt Out of Our Sharing Your Personal Information. We Do Not Sell Your Personal Information.
• Your CCPA Rights
• The CCPA Categories of Personal Information We Collect and the Sources
• The CCPA Categories of Personal Information We Disclose for a “Business Purpose”

You Can Opt Out of Our Sharing Your Personal Information. We Do Not Sell Your Personal Information.

You can opt out of us sharing your personal information by contacting us or filling out the Do Not Sell or Share My Personal Data Form which is located on our Sites’ main page. The CCPA requires us to disclose if we share your personal information. We may share your personal information, including information about your visits to our Sites, with our partners in order to market CrossLink’s products and services to you on other platforms.

We do not sell your personal information.

Your Rights Under the CCPA

The CCPA provides Californians with the following rights:

Requests for Information.

You (or your authorized agent) can request a copy of your personal information. Under the CCPA, you can also request that we disclose how we have collected, used, and disclosed your personal information over the past 12 months, including the categories of personal information we collected and our purposes for doing so; the categories of sources for that information; the categories of third parties with whom we shared it or disclosed it for a business purpose and our purposes for doing so. Companies that sell personal information (we do not) must make additional disclosures.

Your Right to Opt-Out of Sales.

We do not sell personal information, so we don’t have an opt-out.

Your Right to Opt-Out of Sharing.

Under the CCPA, you can opt out of the sharing of your personal information with third parties for cross-context behavioral advertising purposes. You can direct us not to share your personal information as described above.

Your Right to Limit the Use of Sensitive Personal Information.

Under the CCPA, you can limit a business’s use and disclosure of your sensitive personal information to certain purposes specified by law (e.g., providing you with services you request or preventing fraud, or for other purposes that don’t involve deriving your attributes). We only use sensitive personal information for such permitted purposes, so we don’t have an opt-out.

Nondiscrimination for Exercising Your CCPA Rights.

The CCPA prohibits businesses from discriminating against you for exercising your rights under the law. Such discrimination may include denying services, charging different prices or rates for services, providing a different level or quality of services, or suggesting that you will receive a different level or quality of goods or services as a result of exercising your rights.

Your Right to Correct Inaccurate Personal Information.

You can edit much of your personal information through your account with us (such as your profile information). You can also request that we correct inaccurate personal information.

Your Right to Delete Personal Information.

You can request that we delete your personal information by requesting that we deleted your CrossLink Account or by requesting we delete specific information about you. We honor such requests unless an exception applies, such as when the information is necessary to complete the transaction or contract for which it was collected or when information is being used to detect, prevent, or investigate security incidents, comply with laws, or identify and repair bugs.

The CCPA Categories of Personal Information We Collect and the Sources

Our Privacy Policy describes the information we collect and its sources. The chart below organizes the personal information categories set forth in the CCPA.

CCPA Personal Information Categories and corresponding sources of this info.