SDO CPA LLC

Last updated: 2025-12-07

Overview

This Privacy Policy describes how SDO CPA LLC (“firm,” “we,” “us,” or “our”) collects, uses, maintains, and discloses information when you use our website (sdocpa.com), our client portal, and our professional accounting, tax, and consulting services.

SDO CPA LLC is located at 214 S Main St, Suite 101C, Duncanville, Texas 75116. You may contact us at 972-296-0981 or contact@sdocpa.com.

This Privacy Policy applies to information collected through our website, client portal, and professional services. It does not apply to information collected by third parties, including through any application or content that may link to or be accessible from our services.

Regulatory Framework

As a CPA firm providing tax preparation and financial services, we are subject to multiple privacy and data security requirements, including:

Gramm-Leach-Bliley Act (GLBA) and FTC Safeguards Rule: We maintain a Written Information Security Plan (WISP) as required by 16 C.F.R. Part 314.

IRS Publication 4557: We follow IRS guidance on safeguarding taxpayer data.

IRC §7216: We comply with federal restrictions on disclosure and use of tax return information.

AICPA Code of Professional Conduct: We adhere to the confidentiality requirements of Rule 1.700.001.

Texas Data Privacy and Security Act (TDPSA): Effective July 1, 2024, we honor consumer rights under Texas Business and Commerce Code Chapter 541.

Texas State Board of Public Accountancy: We comply with 22 TAC §501 regarding confidentiality of client information.

Information We Collect

Information You Provide

When you engage our services, create an account in our client portal, or communicate with us, we may collect: name and contact information (email, phone, mailing address); Social Security numbers, taxpayer identification numbers, and dates of birth; financial information including income, expenses, assets, liabilities, and bank account details; business information including entity structure, ownership, and operations; employment information; investment and retirement account details; real estate and property information; foreign financial account and asset information; health insurance coverage information; and other information necessary to provide our services.

Information We Collect Automatically

When you visit our website, we automatically collect: IP address and domain name; browser type and operating system; pages visited and time spent on our website; referring website addresses; and device identifiers.

Cookies and Tracking Technologies

We use cookies and similar technologies to collect information about your browsing activities. You can instruct your browser to refuse cookies, but some features of our website may not function properly without them. We use Google Analytics to analyze website traffic. We do not sell your personal data or use it for targeted advertising.

How We Use Your Information

We use your information to: provide tax preparation, bookkeeping, compilation, and consulting services; prepare and file tax returns with the IRS and state agencies; communicate with you about your engagement and deliverables; respond to government inquiries on your behalf when authorized; comply with legal and regulatory requirements; improve our services and website; send newsletters and educational content (with your consent); and maintain the security of our systems and your data.

Disclosure of Your Information

As a general rule, we do not disclose nonpublic personal information about our clients or former clients to anyone except as described in this policy or as permitted by law and our professional standards.

We may disclose your information:

To government agencies: As necessary to file tax returns, respond to notices, or comply with legal process (subpoenas, summons, court orders).

To service providers: We use third-party service providers to assist in delivering our services. All service providers are contractually required to maintain confidentiality and may only use your information to provide services on our behalf.

For professional reviews: In the course of a peer review or investigation by a state or national licensing board.

In connection with a business transfer: If we sell or merge our practice, we will take appropriate precautions (such as confidentiality agreements) to protect your information.

In legal proceedings: To defend against or pursue legal claims, disclosing only information necessary and taking reasonable precautions to limit public disclosure.

Third-Party Service Providers

We use the following categories of service providers to deliver our services:

Client Portal and Practice Management: TaxDome Inc. provides our secure client portal for document sharing, e-signatures, and communication.

Tax Preparation Software: Professional tax software for return preparation and e-filing.

Accounting Software: QuickBooks Online or similar platforms for bookkeeping services.

Cloud Storage: Secure cloud storage providers for document retention.

Email and Communication: Email service providers for client communication.

Payment Processing: Payment processors for billing and collections.

All service providers are selected based on their security practices and are contractually bound to protect your information. We require service providers to maintain appropriate safeguards and to use your information only for the purposes specified.

Data Security

We maintain a Written Information Security Plan (WISP) that includes administrative, technical, and physical safeguards designed to protect your information. Our security measures include: encryption of data in transit and at rest; multi-factor authentication for system access; access controls limiting employee access to information needed for their job functions; regular security training for all personnel; secure disposal of documents and electronic data; monitoring and testing of security controls; and incident response procedures.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to using commercially reasonable measures to protect your data.

Data Retention

We retain your information for as long as necessary to provide our services and comply with legal, regulatory, and professional requirements. Generally, we retain tax return workpapers and supporting documents for a minimum of seven (7) years after the filing date or the date the return was due, whichever is later. After the retention period, we securely destroy physical documents by shredding and electronic data by methods that render it unrecoverable.

Your Privacy Rights

Texas Residents (TDPSA)

Under the Texas Data Privacy and Security Act (effective July 1, 2024), Texas residents have the right to: confirm whether we are processing your personal data; access your personal data; correct inaccuracies in your personal data; delete your personal data (subject to exceptions); obtain a portable copy of your personal data; and opt out of the sale of personal data (we do not sell personal data).

To exercise these rights, contact us at contact@sdocpa.com or 972-296-0981. We will respond within 45 days. If we cannot fulfill your request, we will explain why. You may appeal a denial by contacting us in writing, and we will respond within 60 days.

Tax Return Information (IRC §7216)

Federal law imposes restrictions on how tax return preparers may use and disclose tax return information. We will not disclose your tax return information to third parties without your written consent, except as permitted or required by law. We may request your consent for specific disclosures, such as sharing information with your mortgage lender or other advisor.

Marketing Communications

You may opt out of receiving marketing emails by clicking “Unsubscribe” in any marketing email or by contacting us at contact@sdocpa.com. Opting out of marketing communications does not affect transactional communications related to your engagement.

Client Portal

We provide a secure client portal (powered by TaxDome) for document sharing, electronic signatures, and communication. The portal uses encryption and secure authentication. You are responsible for maintaining the confidentiality of your login credentials. If you believe your account has been compromised, notify us immediately.

Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you as required by applicable law. For breaches affecting 500 or more individuals, we will notify the FTC as required by the Safeguards Rule. We maintain an incident response plan to address security incidents promptly.

Children’s Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13 except as necessary to provide tax services to families (such as claiming dependents on tax returns). If we learn we have collected personal information from a child under 13 without parental consent, we will delete that information.

Links to Third-Party Websites

Our website may contain links to third-party websites. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party websites you visit.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this policy indicates when it was last revised. We encourage you to review this policy periodically. Continued use of our services after changes constitutes acceptance of the updated policy.

Contact Information

If you have questions about this Privacy Policy or our data practices, contact us at: