top of page

Security Privacy

​

Effective Date: [Insert Date]
Last Updated: 11/2024

 

At GMG Tax, Insurance & Business Services, we prioritize the security of your personal and financial information. This Security Policy outlines the measures we take to protect your data and ensure compliance with applicable California laws, including the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).

 

1. Information We Protect

 

We are committed to safeguarding the following categories of personal and financial information:

  • Personal Identifiers: Name, address, email, phone number.

  • Financial Information: Social Security numbers, tax records, payment details.

  • Sensitive Business Information: Business financials, insurance policy details.

  • Internet Activity: IP addresses, browser type, website interactions.

 

2. Security Measures

 

We have implemented the following measures to protect your information from unauthorized access, use, or disclosure:

  1. Data Encryption:

    • Sensitive data is encrypted during transmission using SSL/TLS protocols and securely stored at rest.

  2. Access Controls:

    • Access to personal and financial data is limited to authorized personnel only.

    • Employees are trained regularly on security best practices.

  3. Firewalls and Intrusion Detection:

    • Advanced firewalls and intrusion detection systems are in place to block unauthorized access.

  4. Regular Security Audits:

    • Routine audits are conducted to identify and address vulnerabilities.

  5. Data Minimization:

    • Only necessary data is collected and stored to meet service and legal obligations.

 

3. Breach Notification

 

In the event of a data breach, we will:

  • Notify affected individuals promptly as required by California's Data Breach Notification Law (Cal. Civ. Code § 1798.29).

  • Provide details about the breach, including the type of information compromised and steps taken to mitigate the issue.

  • Offer guidance to affected individuals on protecting their information.

 

4. Your Responsibilities

 

While we implement robust security measures, we encourage you to:

  • Use strong, unique passwords for your accounts.

  • Avoid sharing sensitive information over unsecured networks.

  • Notify us immediately if you suspect unauthorized access to your data.

 

5. Third-Party Services

 

We may collaborate with trusted third-party service providers to:

  • Process payments securely.

  • Manage client accounts efficiently.

  • Provide IT support and hosting services.
    These providers are required to adhere to strict data security standards.

 

6. Data Retention and Disposal

  •  

  • Personal and financial information is retained only as long as necessary to meet service needs or legal requirements.

  • When data is no longer needed, it is securely disposed of using industry-standard methods.

 

7. Updates to This Policy

 

We may update this Security Policy periodically to reflect changes in our practices or legal requirements. Any updates will be posted on this page with a revised "Last Updated" date.

 

8. Contact Us

 

If you have questions or concerns about this Security Policy, please contact us:

​​

 

​

bottom of page