Our Privacy Policy contains the following sections:

Information for Prospective Customers.  This section describes the types of personal information we collect from and about representatives of the organizations that we desire to sell our Services to, our purposes for processing it, and how long we retain the various types of data.

Information for Customers. This section describes the types of data we process (which we call Customer Data, Business Record Data, and Administrative Data) in connection with providing our Services to our customers and the related operation and improvement of our Services and our business, as well as the purposes for processing, and how long we retain the various types of data.

General Information.  This section describes our processing of personal information related to categories of third parties to which personal information is or may be disclosed, as well as information about updates to this Privacy Policy, managing your personal information, your rights, and how to contact us with questions about this Privacy Policy or, as applicable, to exercise your rights.

INFORMATION FOR PROSPECTIVE CUSTOMERS

This section applies to you if you are a visitor to our website, if you have attended a Haven-organized or Haven-sponsored event (whether online or in person), if we have obtained your contact information in the context of our other marketing and sales activities (for example, via a referral, lead purchase, or marketing survey), or if you are in the process of purchasing our Services on behalf of your employer.

Information We Collect About You and How We Collect It Categories of personal information we collected in the context of our sales and marketing efforts in the last twelve months and sources from which we obtain personal information are set forth in the table below: We collect or may collect several types of information from and about you and other users of the Services, including:

• Information by which you may be personally identified, such as name, e-mail address, and the name of the company at which you work (“personal information”);
• Accounting and financial information through the accounting files that you connect with us (e.g., Xero, Quickbooks Online, etc.) and/or the financial accounts you give us access to;
• Financial and billing information;
• Analytics information;
• Information that is about you but individually does not identify you, such as IP address and date and time of visit;
• Information from your device, including contact information;
• Usage details and information, including how you communicate with other users of the Services, such as the time, date, sender, and your interactions with messages (such as when you open a message or capture a screenshot);
• Device, internet, and mobile information such as the hardware model, operating system version, unique device identifiers, browser type, language, wireless network, and mobile network information (including the mobile phone number);
• Location information when you use the Site or Haven Services;
• Information that you provide by registering or filling in forms or applications on or through the Site or in connection with the engagement agreement, including in connection with registering to access and use the Services;
• When you report a problem with the Site or any of the Haven Services;
• Records and copies of your correspondence (including e-mail addresses), if you contact us; and/or
• Details of transactions you carry out through the Site and any of the Haven Services.

The Haven Services permits customers to share and manage information by uploading and submitting data or content that can be shared, stored, and accessed through the Haven Services (“Customer Data”). If that Customer Data include personal information, we process any personal information contained in such Customer Data in the role of a processor on behalf of a customer (and/or its affiliates) who is the controller of the personal information. This Policy does not cover Customer Data, including any personal information contained in it. Customers control the nature of Customer Data and are the data controllers, and are required to provide all necessary notices and obtain all necessary consent from any individual. We are a data processor of such Customer Data, which means we only use it as directed by our customers. We collect this information:

• Directly from you when you provide it to us;
• From your third-party accounts (such as bank accounts, Quickbook accounts, and billing and invoicing accounts) that you enable us to access through your Login Credentials;
• Automatically as you navigate through or use the Site and the Haven Services through the use of cookies and tracking technologies; and
• From third parties, such as our business partners and other third parties, including Service Providers as discussed below, that provide us or you with certain services.

Certain web transactions may also involve your calling or emailing us or our emailing or calling you.

How We Use Your Information

We collect and process personal information for the business purposes of marketing and selling our Services.  We process your personal information with the goal of entering into an agreement to provide our Services with your employer or organization with which you are affiliated.  This includes, for example:

• Sending you marketing communications like emails or newsletters to (1) make you aware of, or provide you with information you have requested about, our Services or the services of our partners, (2) engage with you, and (3) analyze and improve our marketing efforts based on your engagement with our marketing communications, including analyzing whether you opened an email and how you interacted with it.  
• Communicating with you during the sales process, including, for example, via email, SMS, call or video conference. During the sales process, you may provide samples of your business’s financial data or access to repositories containing such financial data that we use to determine the appropriate Services to quote you.
• Creating, managing, and maintaining lead lists.
• Collecting information about your visits to our websites to (1) collect information about your organization’s needs and your position within your organization, (2) determine how to optimize our sales efforts with respect to your organization, (3) measure and improve the effectiveness of our website, and (4) measure the effectiveness of targeted marketing efforts.  Please see “Operation of our corporate website” below for additional information.
• Analyzing our interactions with you to optimize our sales processes.
• Improving our sales and marketing processes, including training our sales personnel and updating strategies and initiatives.
• Conducting market research and product research and development.
• Conducting surveys for marketing or product research and development purposes, for example, to assess the needs of the industries that we serve.
• Managing event registrations and attendance, including communicating with you about the event.

Operation of Our Corporate Website

Cookies and tracking technologies.

Cookies: We use cookies to operate and administer our Site, gather usage data on our Site and improve your experience on it. A “cookie” is a piece of information sent to your browser by a website you visit. Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the party placing it) and help recognize your computer when you open your browser and browse the Internet again (persistent cookies).

We also use Google Analytics to analyze how visitors interact with our corporate website.  When you visit one of our websites that has Google Analytics enabled, the URL of the webpage and your internet protocol address are sent to Google so that Google can provide us it’s analytics services.  Google also reads Google Analytics Cookies that are placed on your browser when you visit our corporate website.  Please refer to the Google Privacy & Terms for more information.

Social Media Features. Our corporate website uses social media features, like buttons that enable you to share content on our corporate website on social media platforms (“Social Media Features”). These Social Media Features may collect your internet protocol address and which page you are visiting within our corporate website, and may set a Cookie to enable the feature to function properly. Social Media Features are either hosted by a third party or hosted directly on our corporate website. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.

Links to other sites.  Our corporate website includes links to other websites whose privacy practices may differ from those of Haven. If you visit or submit personal information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

How long we retain information for prospective customers

We retain your business contact information and related sales and marketing activity in our systems for purposes of maintaining a record of our relationships with customers and prospective customers, analyzing and improving our sales and marketing efforts and Services (including developing new Services based on feedback you may share with us in the course of our interactions with you in the sales and marketing context), complying with legal obligations, resolving disputes, enforcing our agreements, completing any outstanding transactions, and detecting and preventing fraud.  We generally retain this information until the earlier of your request that we delete your information and our determination that we no longer need your information for the purpose of marketing and selling our services to your employer.  We may retain your business email address indefinitely to keep a record of email marketing opt-out or deletion requests.

If you have not identified yourself on our website, the primary marketing tool that we use to monitor website and email marketing activity delete records of your visit or email engagement starting 90 days after your last activity in accordance with its retention policies.

Retention of internet activity information collected by third party website services providers is determined by the applicable third party.

INFORMATION FOR CUSTOMERS

This section applies to you if you are affiliated with one of our customers and would like to understand how we process personal data in the context of providing our Services and operating our business.

Information We Process

In connection with providing our Services, we process Customer Data, Business Records Data, and Administrative Data.  The sections below describe each of these data categories, purposes of processing, and retention period.  The section titled “General Information” describes the categories of third parties to whom personal information is or may be disclosed.

Customer Data.  Customer Data is data provided by our customers or at their direction for the provision of the Services, and excerpts and reports of such data prepared as part of the Services for customers.

Customer Data includes financial and business information of our customers that they provide or make available to us that enables us to provide our Services.  We receive this information directly from our customers or when they authorize us to access third party data repositories (including customer vendors and data aggregating services).  For example, we may import transaction data from a customer’s payment processing service, payroll service provider, bookkeeping software, or other service provider of customer via software integration (such as an application programming interface) or obtain transaction data via log-in information provided by the customer. We may develop ways to obtain transaction information from third party repositories that are more efficient than the initial method, and may update the ways of obtaining transaction data under a customer’s initial authorization.

This financial and business information may include personal information such as identifiers, names of individuals, relationships of individuals with our customers (like job title), and commercial information or employment-related information related to transactions between individuals and our customers (like invoice amounts or payroll amounts), as well as information related to entities (like names, transaction dates, and amounts). Customer Data provided in the context of our tax preparation services commonly includes the names of corporate officers and directors, ownership information, business contact information, and social security numbers of certain individuals for purposes of inclusion in the customer’s tax return or for completion of information returns. Customer Data provided in the context of our stock administration services may include employment status (active or terminated), personal contact information (personal email and address), and social security numbers (if provided by the individual equity holder).

Customer Data also includes financial information that we generate on behalf of our customers in the course of providing our Services, such as reports of financial information provided by our customers or at their direction, which may incorporate personal information.  For example, we prepare financial statements on behalf of our bookkeeping customers, which contains data that we compute on our customers’ behalf.  Depending on the customer’s form of business organization, the financial statements may include the names of individuals as line item names.

For customers who subscribe to more than one of our Services, one Service may obtain Customer Data from another Service to prevent duplicative requests for the same information.  For longer term customers, we may use Customer Data from prior years’ Services for current Services.

IMPORTANT NOTE:  Customers provide us access to third-party systems.  Information practices of these third parties are governed by their privacy policies and data governance programs and are outside of Haven’s control.

How we use Customer Data.  We process Customer Data on behalf of our customers for purposes of providing Services to our customers, and maintaining and improving our Services.  For example:

• Our service delivery personnel review reconciliations of transaction data to prepare financial statements on behalf of our customers.  
• We may create automated rules that increase efficiency in tasks such as categorizations based on learnings from Customer Data.
• We monitor a customer’s expenses to ensure appropriate pricing.
• We track changes in a customer’s business to monitor account health and identify opportunities for customer outreach, for example, if a customer has a financing event we may contact the customer regarding additional offerings.  
• We test and analyze new features of our Services intended to improve their efficiency or to enable customer insights into their financial information. These activities may include processing of Customer Data.
• We make product development investments based on trends in customer behavior.

To Provide Customer Service and Technical Support.  We may also process Customer Data in connection with customer support requests.

For Research, Including Publishing or Sharing Combined Information from Multiple Customers or Users, But Only in a Way that Would Not Allow the Customer or Any Other Person to be Identified. Only in a way that would not allow a customer or any other identifiable person to be identified, we may prepare and share information, such as benchmarking studies, about our customers with third parties, such as advertisers or partners, for research, academic, marketing and/or promotional purposes. We or our third party partners may publicly report the aggregated findings of the research or analysis, but only in a way that would not allow a customer or any other identifiable person to be identified.  For example, we might analyze which vendors our customers most commonly use and disclose the results on our website.  We might sample aggregate expense data from our customers to publish insights on our website.  

How long we retain Customer Data. Except as discussed below in Business Records Data, we retain Customer Data relating to tax preparation for at least seven years from the due date (including extensions) of the related tax filing and we retain other Customer Data for the purposes of assisting former customers (upon request at current hourly rates) with post-termination questions related to our Services as they transition, for example, to a different service provider, complying with legal obligations, resolving disputes, enforcing our agreements, completing any outstanding transactions, and detecting and preventing fraud.  We retain Customer Data until we receive a request to delete it, in which case, subject to any applicable legal requirements, we will take reasonable steps to remove or de-identify Customer Data in our systems that is not contained in Business Record Data.  We retain Customer Data incorporated into our reconciliation rules in a manner that does not identify the customer indefinitely and in accordance with applicable law.

Business Record Data.  In the course of providing our Services, our personnel communicate with representatives of our customers through a number of channels, including email, messaging applications, and conference calls (including video conference calls), all of which generate Business Record Data. Business Record Data includes customer instructions and authorizations that we rely on to provide our Services to our customers, as well as work papers and other information incidental to Service delivery, such as meeting scheduling information and follow up questions to customers (and information relating to our methodology that guides our processes and timing of gathering information from customers in order to provide our Services).  Categories of personal information we collected in Business Record Data in the last twelve months and sources from which we obtain personal information are set forth below:

• Personal identifiers like name, business email address, business phone number and business address from individual points of contact of our customers who correspond with us as we provide our services.
• Employment related information like your employer’s name and your job title from individual points of contact of our customers who correspond with us as we provide our services, for example, a job title commonly appears in an email signature.
• Audio and visual information like recording of your voice and likeness in calls or video conferences with our sales and service delivery personnel from individual points of contact of our customers who participate in calls or video conferences, with their consent.
• Inferences from personal information like customer satisfaction survey results from individual points of contact of our customers who respond to customer satisfaction surveys.

How we use Business Record Data.  We collect and process Business Record Data for our business purposes, which include, for example:

To Provide Our Services and Operate Our Business.  We process Business Record Data to provide our Services and customer support to our customers and for our business purposes, including service delivery management, analysis and improvement, new product and process development, and record keeping.

Customer Service and Technical Support. We may offer various Internet chat services, for example, to speak with a Haven support representative. A transcript of the chat session may be retained to resolve questions or issues related to our Services.

How long we retain Business Record Data. We retain Business Record Data for the purposes of maintaining documented customer instructions and approvals and a record of our relationships with customers, complying with legal obligations, resolving disputes, enforcing our agreements, completing any outstanding transactions, and detecting and preventing fraud.  We retain this data for as long as we may have a legal reason to keep it, which is up to the end of the longest applicable statute of limitations period.  We may delete this data earlier if we determine that it is not necessary to retain for the purposes mentioned above.  Customer Data may also be included in emails, messages, or call recordings.  To the extent Customer Data exists in our Business Record Data, it is incidental to our business purpose for retaining Business Record Data, and we process this Customer Data only for record keeping and legal purposes, and only in the context of our business relationships with our customers. The retention period for service fulfillment partners providing Haven Tax Services is governed by the service fulfillment partners’ privacy policy and data governance practices.

Administrative Data.  Administrative Data includes information related to Service management (for example, billing information, etc.) and information about the usage of our Services (for example, log data or metadata from service delivery communications and customer interactions, such as email senders and recipients, subject lines, dates of communication, and response times). Categories of personal information we collected in the last twelve months and sources from which we obtain personal information are set forth below:

• Personal identifiers like name, business email address, business phone number, business address, internet protocol addresses and cookie identifiers from you, if you choose to provide this information, individual points of contact of our customers who correspond with us as we provide our services and customer points of contact provide personal information about additional points of contact.
• Employment-related information like your employer’s name and your job title from you, if you choose to provide this information.
• Inferences from personal information like analysis of effective ways to improve our services for all customers from our analysis of metadata that we collect about the use of our products and services.

How we use Administrative Data.  We collect and process Administrative Data for our business purposes, which include, for example:

Account Registration. We may use your name, business address, business phone number, and business email address to register an account for you for certain Services we provide (for example, to create an account in our application) and to communicate important information to you. If you set up an account that may be accessed by people other than you, please note that they may see and have the ability to change or delete your personal information.

To Provide Our Services and Operate Our Business. We may use your information to operate our business, including providing our Services to your employer, providing support related to our Services, and protecting our Services, including to combat fraud and to protect your information.  For example, we collect Usage Information for the purpose of facilitating the proper, efficient, and secure operation of our Services.  For example, we may collect IP addresses to track and aggregate non-personal information, such as using IP addresses to monitor the regions from which users navigate to our Services to comply with US trade restrictions. We may also collect IP addresses from users when they log into the Services as part of our log-in and security features. We use Cookies to remember your preferences and navigation through our application to provide you an efficient experience with our application.

Customer Service and Technical Support. We may use your name, business address, business phone number, business email address, how you interact with our Services, and information about your computer configuration to resolve questions you may have about our Services and to follow up with you about your experience.

Communicate with You and Tell You About Other Services. We may use your business contact information to communicate with you about our Services and to give you offers for third party (for example, our Integration Partners) products and services that we think may be of use to you. Please see below under “General Information—Your Rights and Managing Your Privacy” for the choices you have regarding these communications.

To Improve Services and Develop New Services. We use Administrative Data to personalize or customize your experience and the Services, develop new features or services, and to improve the overall quality of Haven’s Services.  

Feedback. We may use (a) any suggestions that you make to us and (b) information you volunteer in surveys you answer for us, and combine them with feedback and/or answers from other customers, in order to better understand our Services and how we may improve them. Answering any survey is optional.

Research, Including Publishing or Sharing Combined Information from Multiple Customers or Users, But Only in a Way that Would Not Allow the Customer or Any Other Person to be Identified. Only in a way that would not allow a customer or any other identifiable person to be identified, we may prepare and share information about our customers with third parties, such as advertisers or partners, for research, academic, marketing and/or promotional purposes. We or our third party partners may publicly report the aggregated findings of the research or analysis, but only in a way that would not allow a customer or any other identifiable person to be identified.

How long we retain Administrative Data.  We will retain Administrative Data as long as necessary to serve you, to maintain a customer’s account for the entire period during which a customer subscribes to our Services, or as otherwise needed to operate our business.  We retain and use Administrative Data as required by applicable law and Haven’s records and information management policies to comply with our legal obligations, resolve disputes, enforce our agreements, complete any outstanding transactions, and for the detection and prevention of fraud, as well as to improve our Services, develop new services, and for any other business use, including disclosure to third parties or publicly, provided that we will not publicly disclose information that identifies a customer by name or its employees without the customer’s consent, unless otherwise required by law.  We retain Administrative Data until we determine that we no longer need it for the purposes described above.  We may retain different types of Administrative Data for different periods. Currently, we retain a record that a customer’s account existed (and related billing and customer relationship management information) and the individuals who are associated with the customer and who have access credentials and other Administrative Data indefinitely.  

When you close your account, we may continue to communicate with you about our Services, give you important business updates that may affect you, and, unless you have opted out of receiving marketing communications, let you know about products and services that may interest you.

GENERAL INFORMATION

How We Disclose Your Personal Information

In the course of providing our Services and operating our business we disclose personal information outside of Haven.

Vendors & Service Providers.To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with vendors and service providers, including providers of hosting services, cloud services and other information technology services providers, event management services, email communication software and email newsletter services, advertising and marketing services, payment processors, customer relationship management and customer support services, and web analytics services (for more details on the third parties that place cookies through the Site, please see the “Cookies” section above). Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us. We take commercially reasonable steps to ensure our service providers adhere to the Security standards we apply to your Personal Data.

Service Fulfillment Partners.  We work with non-affiliated tax service providers which fulfill certain of our Services. These tax service providers generally contract directly with our customers. With customer consent (1) we disclose customer business contact information to these service fulfillment partners for customer relationship management purposes and (2) we also disclose, or make available with our access, Customer Data to these service fulfillment partners so that they can perform the Haven tax preparation services. Service fulfillment partners may use service providers to process Customer Data in connection with their provision of the Haven tax preparation services.  These partners’ activities are subject to their privacy policies and data governance programs.

Response to Subpoenas and Other Legal Requests We may share information with courts, law enforcement agencies, or other government bodies when we have a good faith belief we’re required or permitted to do so by law, including to meet national security or law enforcement requirements, to protect our company, or to respond to a court order, subpoena, search warrant, or other law enforcement request.  We may also share information with litigants in civil litigation in accordance with our customer agreements and as required by law.

Protection of Haven and Others We may share account information, personal information and Usage Data when we believe it is appropriate to enforce or apply our agreements; or protect the rights, property, or safety of Haven, our Services, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. This does not include selling, renting, sharing, or otherwise disclosing personal information of our customers for commercial purposes in violation of the practices described in this Privacy Policy.

Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.

Business Advisors.  We may disclose information customers provide to us or that we collect or prepare to professional advisors who are subject to professional or contractual confidentiality requirements such as lawyers, bankers, auditors, brokers, and insurers.

De-identified and Aggregated Data

Once de-identified or aggregated in a way that does not permit reidentification, data is not personal information and we may use it for any purpose and retain it for any period.

International Data Transfers

In accordance with and as permitted by applicable laws and regulations, we reserve the right to transfer your information, process and store it outside your country of residence to locations where we or our third party service providers operate. Our service fulfillment partners use personnel who are located outside of the United States. Information that we provide or make available, or that you provide directly, to our service fulfillment partners may, as permitted by law, be transferred outside the United States for purposes of Service fulfillment.

How to Contact Us

If you have questions or comments about this Privacy Policy, please contact us. We welcome your feedback and comments.

Via Email. If you have questions or complaints regarding our Privacy Policy or practices, please contact us by email at taylor[at]tryhaventax.com.

Via Direct Mail. Haven Business Corporation. 132 Constitution Dr Orangeburg, NY 10962.

Changes to our Privacy Policy

From time to time we may change or update our Privacy Policies. We reserve the right to make changes or updates at any time. More information about how we will notify you is below. If we make material changes to the way we process your Personal Information, we will provide you notice via our Services or by other communication channels, such as by email or posting on this website. Please review any changes carefully. If you object to any of the changes and no longer wish to use our Services, you may provide a notice of non-renewal in accordance with your agreement with us. All changes are effective immediately upon posting and your use of our Services after a notice of material change or posting of an updated Privacy Policy shall constitute your consent to all changes.

Your Rights and Managing Your Privacy

Depending on your use of our Services and where you reside, you may have the right to request access to, correct, amend, delete, or object to certain uses of certain personal information (for example, by unsubscribing from direct marketing emails).

We strive to provide you with the ability to exercise these rights yourself via our Services. For example, you can access, update and correct most of your information from your account settings pages. If you cannot exercise a particular right via our Services, you can always email our privacy team at taylor@tryhaventax.com. Please note that if you send us a request relating to your personal information, we have to make sure that it is you before we can respond. In order to do so, we may ask to see documentation verifying your identity.

Please also note that there is a difference between the information we decide to collect for our own purposes (for example, your account sign-up information) and the information our Customers and Accountant Clients direct us to store or process via our Services (for example, names of employees or clients). If you are an individual who wishes to exercise your rights over information that one of our Customers or Accountant Clients may be storing or processing via our Services for their own purposes, you will need to contact the Customer or Accountant Client directly. In this scenario, we are only a service provider acting at their direction, and we cannot decide how to process their information.

California and Virginia Privacy Rights

If the California Consumer Privacy Act (CCPA) or the Virginia Consumer Data Protection Act (VCDPA), applies to you (for example, if you are a “consumer” under the CCPA), you are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes. In order to submit such a request, please contact us at taylor@tryhaventax.com

‍