Privacy Policy
Effective date: July 12, 2026 · Last updated: July 12, 2026. This policy explains, in detail, what information this Site handles, how it is protected, and the rights you hold under United States and international privacy laws.
Effective date: July 12, 2026 · Last updated: July 12, 2026. This policy explains, in detail, what information this Site handles, how it is protected, and the rights you hold under United States and international privacy laws.
Seal & Associates LLC ("the firm," "we," "us") is a tax and accounting firm organized in Arizona with its principal office at 2580 Hwy 95, Ste 111, Bullhead City, AZ 86442. For the purposes of the EU/UK General Data Protection Regulation ("GDPR"), the firm is the data controller of personal information collected through this website, sealandassociates.com (the "Site"). This policy covers information collected through the Site and through inquiries you initiate by phone, text, email or social media in response to the Site. It does not replace, and where inconsistent is superseded by, the confidentiality terms of a signed engagement letter and the professional confidentiality duties described in Section 4.
Information you provide. When you submit the Site's contact form we collect the information you enter: your name, email address, phone number, the service you are interested in, your message, your answer to the human-verification question, and your communication-consent choice. If you call, text, email or message the firm, we collect the contact details and content you choose to share. If you book a consultation through a scheduling tool, we collect the details you provide to book it.
Information collected automatically. Our hosting infrastructure and, if enabled, our security provider (such as Cloudflare) automatically log standard technical data when you visit: IP address, approximate (city-level) location derived from IP, browser type and version, operating system, device type, referring page, pages viewed, timestamps and security signals used to detect bots and attacks. If you choose "accept all" in the Site's consent banner, the Site also runs Google Analytics 4 (provided by Google LLC), which collects pseudonymous usage data such as pages viewed, approximate location, device and browser information, and interaction events, using cookies and similar identifiers. Analytics does not run unless and until you accept. If you choose "essential only," the Site runs no analytics, advertising or fingerprinting scripts and stores only one item in your browser: your cookie-consent choice.
Information from other sources. If you interact with the firm's Facebook page or leave a Google review, we receive whatever those platforms make publicly available. We do not purchase data about you from data brokers.
Sensitive information — please do not submit it through the Site. The contact form is for initial inquiries only. Do not submit Social Security numbers, taxpayer identification numbers, financial account numbers, government ID numbers, health information or similar sensitive data through the Site. Secure channels for documents are provided after an engagement is established.
We use the information described above to: respond to your inquiry and communicate with you about it; schedule and prepare for consultations; evaluate and enter into engagements; provide and administer professional services to engaged clients; send communications you have consented to receive; maintain the security and integrity of the Site, including bot and abuse prevention; comply with legal, regulatory, tax and professional obligations, including record-retention requirements; establish, exercise or defend legal claims; and improve the Site's content and usability in aggregate, non-identifying ways.
Where GDPR or a similar law applies, our legal bases are: your consent (marketing communications, SMS, non-essential cookies — withdrawable at any time); steps prior to entering a contract and performance of a contract (responding to inquiries, providing engaged services); legal obligation (tax, accounting and professional record-keeping); and legitimate interests (site security, fraud prevention, defending claims) balanced against your rights.
As a provider of tax preparation and related financial services, the firm is a "financial institution" for purposes of the Gramm-Leach-Bliley Act and complies with the FTC Safeguards Rule and Privacy Rule, maintaining a written information-security program with administrative, technical and physical safeguards appropriate to the sensitivity of client information. The firm does not sell client information and does not share nonpublic personal information with nonaffiliated third parties except as permitted by law (for example, service providers under confidentiality obligations, or disclosures you authorize).
Federal law provides special protection for tax-return information. Under Internal Revenue Code §§ 6713 and 7216 and Treasury regulations, the firm uses and discloses tax-return information only as permitted by law or with the taxpayer's specific, written consent. State board of accountancy confidentiality rules and AICPA professional standards impose additional duties of confidentiality on client information; where those rules are stricter than this policy, the stricter rules control.
The Site uses Google Analytics 4 for aggregate usage statistics, and nothing else. Analytics is implemented with Google Consent Mode v2 and is denied by default: analytics cookies are set only after you choose "accept all" in the consent banner. Choosing "essential only" keeps analytics off with no loss of functionality. The banner records your choice ("accept all" or "essential only") in your browser's local storage; you can change your mind at any time by clearing the Site's data in your browser settings, after which the banner will ask again. The Site sets no marketing or advertising cookies. The Site does not engage in cross-site tracking, so browser "Do Not Track" and Global Privacy Control (GPC) signals have nothing to disable — but to the extent a GPC signal is legally treated as an opt-out request, we honor it, because we do not sell or share personal information for cross-context behavioral advertising in the first place.
We do not sell personal information, we do not rent it, and we do not share it with third parties for their own marketing. We disclose information only: (a) to service providers that process it on our documented instructions and under confidentiality obligations — website hosting, security/CDN (e.g., Cloudflare), analytics (Google Analytics, only if you have accepted analytics cookies), form processing, scheduling/CRM and communications platforms, and IT support; (b) to professional advisers (such as lawyers or insurers) where necessary to obtain advice or defend claims; (c) to authorities where required by law, subpoena, court order or regulatory demand, or where disclosure is necessary to protect the rights, property, safety or security of the firm, its clients or the public; (d) in connection with a merger, acquisition, financing or sale of the firm's business, subject to confidentiality protections and, where required, notice to you; and (e) with your direction or consent. Client tax-return information is disclosed only as described in Section 4.
We call or text you only about your inquiry and related services, and only where you have provided your number and, for texts, checked the consent box (or texted us first). Consent is not a condition of service. Message frequency varies and message/data rates may apply. Reply STOP to opt out of texts at any time and HELP for assistance; you may also opt out of calls by telling us during any call or through the contact page. Mobile numbers and SMS consent records are never sold or shared with third parties for their marketing.
We keep inquiry information only as long as needed to respond and to evaluate a potential engagement, after which it is deleted or anonymized unless a longer period is required. Records of engaged-client work are retained as required by IRS rules, Arizona Board of Accountancy requirements and professional standards — typically a minimum of seven (7) years for tax workpapers and returns — and then securely destroyed. Security logs are retained for a shorter operational period. Consent records (cookie and SMS choices) are retained as evidence of compliance for as long as legally relevant.
We use administrative, technical and physical safeguards appropriate to the sensitivity of the information we handle, including: encrypted connections (HTTPS/TLS) for all Site traffic; a content-security policy and anti-bot protections on the Site; access controls limiting client information to personnel who need it; secure document-exchange channels for engaged clients rather than email attachments; and vendor due diligence for service providers. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security; you transmit information to the Site at your own risk. If a breach of security affecting your unencrypted personal information occurs, we will notify you and the relevant regulators as required by applicable law, including state breach-notification statutes.
Depending on your state of residence — including under the California Consumer Privacy Act as amended by the CPRA, and the comprehensive privacy laws of Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia and other states as they take effect — you may have the right to: know/access the personal information we hold about you, including the categories collected, the purposes, and the categories of recipients; obtain a portable copy; correct inaccurate information; delete personal information, subject to legal retention exceptions; opt out of the sale or sharing of personal information, of targeted advertising, and of profiling in furtherance of significant decisions; and limit the use of sensitive personal information. We honor these requests from any U.S. resident regardless of state.
For clarity: we do not sell personal information, do not share it for cross-context behavioral advertising, do not use it for targeted advertising, and do not engage in profiling that produces legal or similarly significant effects — so there is nothing to opt out of, but the rights remain yours. California residents: the categories of personal information collected in the preceding 12 months are identifiers (name, email, phone, IP), customer-records information you choose to submit, internet activity (pages visited on this Site), and inferences limited to your stated service interest; sources, purposes and recipients are as described in Sections 2, 3 and 6. California's "Shine the Light" law (Civil Code § 1798.83): we do not disclose personal information to third parties for their direct marketing. We will never discriminate or retaliate against you for exercising any privacy right.
If you are in the EEA, UK or Switzerland, you additionally have the rights of access, rectification, erasure ("right to be forgotten"), restriction of processing, data portability, and objection to processing based on legitimate interests, as well as the right to withdraw consent at any time (without affecting prior processing) and the right not to be subject to solely automated decision-making with legal or similarly significant effects — which we do not conduct. The Site and the firm's services are directed to the United States; if you contact us from abroad, your information will be transferred to and processed in the United States, which may not provide the same level of data protection as your jurisdiction. Where GDPR applies to such a transfer, we rely on your explicit consent given by initiating contact and, with service providers, on appropriate safeguards such as standard contractual clauses. You have the right to lodge a complaint with your local supervisory authority (in the UK, the ICO).
For Canadian residents, we handle personal information consistent with the principles of PIPEDA (accountability, consent, limited collection and use, accuracy, safeguards, openness, access and challenge). Residents of other jurisdictions with privacy laws (such as Australia's Privacy Act or Brazil's LGPD) may exercise the rights in Section 10 by the same methods, and we will apply them to the extent those laws require.
Submit any privacy request via the contact page, by mail to the address in Section 1, or by phone or email using the details on the contact page. Tell us which right you are exercising and the jurisdiction you reside in. We will verify your identity using the information we already hold (never by asking for more sensitive data than necessary), respond within the time required by the applicable law (generally 30–45 days, extendable where the law allows), and keep a record of the request. You may use an authorized agent where the law permits; we will require reasonable proof of the agent's authority. If we decline a request (for example, because tax records must legally be retained), we will explain why and how to appeal, including to your state attorney general where applicable.
The Site is intended for adults and is not directed to children under 13 (or under 16 where a higher age applies). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will delete it promptly, consistent with COPPA and analogous laws.
The firm may use AI-assisted tools in operating the Site and its marketing and scheduling workflows. Any such processing of personal information occurs under human oversight, is limited to the purposes in Section 3, and is never used to train third-party public AI models on your personal information or client data. We do not make automated decisions about you that produce legal or similarly significant effects. Client work product is prepared and reviewed by qualified professionals.
Links on the Site (Google Maps and reviews, Facebook, scheduling and form tools) lead to services with their own privacy practices, which we do not control. Review their policies before providing information to them.
If we change this policy, the updated version will be posted here with a new "last updated" date, and material changes will be highlighted on this page (and, where required by law, notified to you directly). Your continued use of the Site after changes are posted constitutes acknowledgment of the updated policy.
Privacy questions, requests or complaints: Seal & Associates LLC, 2580 Hwy 95, Ste 111, Bullhead City, AZ 86442 · · · or the contact page. We take every privacy inquiry seriously and will respond promptly.