Accountable Holdings Inc. Privacy Policy

Last Updated: January 20, 2026

Effective Date: January 20, 2026

Introduction

Accountable.org ("Accountable," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and services (collectively, "Services").

This Privacy Policy applies to all Accountable Services, including:

  • Tax optimization and planning tools

  • Doc Hub (automated tax document aggregation)

  • Found Money (tax benefit discovery)

  • Financial dashboards and analytics

  • Civic engagement and political prediction features

  • All other current and future Accountable products

Please read this Privacy Policy carefully. By using our Services, you consent to the practices described in this Policy. If you do not agree with this Policy, please do not use our Services.

1. Information We Collect

We collect information to provide, improve, and personalize our Services.

1.1 Information You Provide Directly

Account Information:

  • Full legal name

  • Email address

  • Phone number

  • Date of birth

  • Mailing address

  • Social Security Number (SSN)

  • Password and security questions

  • Profile photo (optional)

  • Communication preferences

Identity Verification Information:

  • Government-issued ID (driver's license, passport)

  • Biometric data (if used for verification)

  • Identity verification answers

  • Credit header information (name, address, SSN verification)

  • Photo identification

Financial Account Credentials:

  • Bank account login credentials (encrypted, not stored by us)

  • Credit card information (for payments)

  • Investment account access information

  • Payroll system credentials

  • Educational institution portal credentials

Payment Information:

  • Credit/debit card numbers (processed by payment processor)

  • Billing address

  • Payment history and transaction records

Tax Information:

  • Previous tax returns

  • Filing status and dependents

  • Income sources and amounts

  • Withholding preferences

  • Deduction and credit information

  • State residency information

Communications:

  • Messages sent through our platform

  • Customer support inquiries

  • Feedback and survey responses

  • Email correspondence

1.2 Financial and Tax Data We Collect

From IRS and Tax Authorities:

  • Tax transcripts (return, account, wage & income)

  • Tax return history

  • Filing status and dates

  • Refund/payment information

  • Current tax balance owed

  • Audit and examination records

From Financial Institutions:

  • Bank account numbers and balances

  • Transaction history

  • Account types and status

  • Credit card transactions

  • Investment holdings and transactions

  • Loan and mortgage information

  • Interest and dividend income

From Employers and Payroll Providers:

  • W-2 forms (wages, taxes withheld)

  • Pay stubs and earning statements

  • Employer name and EIN

  • Retirement plan contributions

  • Health insurance information

  • Stock compensation details

From Educational Institutions:

  • 1098-T forms (tuition statements)

  • 1098-E forms (student loan interest)

  • Enrollment status

  • Scholarship and grant information

From Other Sources:

  • 1099 forms (freelance, contract income, interest, dividends)

  • 1098 forms (mortgage interest)

  • K-1 forms (partnership/S-corp income)

  • Cryptocurrency transaction records

  • Rental property income and expenses

  • Business income and expenses (if self-employed)

1.3 Information Collected Automatically

Device and Usage Information:

  • IP address and location data

  • Device type, model, and operating system

  • Browser type and version

  • Mobile carrier information

  • Device identifiers (UDID, advertising ID)

  • Screen resolution and settings

Activity Data:

  • Pages visited and features used

  • Time spent on pages

  • Click patterns and navigation paths

  • Search queries within our Services

  • Feature interaction data

  • Content views and downloads

  • Button clicks and form interactions

Location Information:

  • IP-based approximate location

  • GPS location (if you grant permission on mobile)

  • Time zone

Cookies and Tracking Technologies:

  • Session cookies

  • Persistent cookies

  • Web beacons and pixels

  • Local storage

  • Analytics identifiers

  • Advertising identifiers

1.4 Information from Third Parties

Account Aggregation Services:

  • Plaid, April TDS, and other data aggregators

  • Financial account connection status

  • Transaction categorization

  • Institution metadata

Identity Verification Providers:

  • Identity verification results and risk scores

  • Fraud risk assessment

  • Watchlist screening results

  • Device fingerprinting data

Data Brokers and Public Records:

  • Address history and change of address data

  • Public records information

  • Demographic information

  • Professional information

Social Media (if you connect):

  • Profile information

  • Email address

  • Friends list (if you grant permission)

Credit Reporting Agencies:

  • Credit header information (NOT your credit score)

  • Name, address, SSN verification

  • Fraud indicators

Government Agencies:

  • Tax information from IRS

  • Benefit eligibility from state/federal agencies

  • Public records

2. How We Use Your Information

We use your information for the following purposes:

2.1 To Provide and Improve Services

Core Service Delivery:

  • Create and manage your account

  • Authenticate your identity

  • Process transactions and payments

  • Connect to financial and tax accounts

  • Retrieve tax documents and financial data

  • Calculate tax optimization opportunities

  • Identify tax credits and deductions

  • Generate financial insights and analytics

  • Provide personalized recommendations

  • Enable civic engagement features

Service Improvement:

  • Analyze usage patterns and trends

  • Improve algorithms and calculations

  • Develop new features and products

  • Conduct research and testing (A/B testing)

  • Enhance user experience and interface

  • Optimize performance and reliability

Personalization:

  • Customize dashboard and recommendations

  • Tailor content to your interests and situation

  • Remember your preferences and settings

  • Provide relevant tips and insights

2.2 Identity Verification and Fraud Prevention

  • Verify your identity during onboarding

  • Prevent identity theft and fraud

  • Detect suspicious activity

  • Monitor for unauthorized access

  • Screen against watchlists and sanctions

  • Comply with Know Your Customer (KYC) requirements

  • Prevent money laundering (AML compliance)

  • Protect against account takeover

  • Validate document authenticity

2.3 Communications

Transactional Communications:

  • Account creation confirmations

  • Service notifications and alerts

  • Tax document availability notifications

  • Payment receipts and billing statements

  • Security alerts and fraud warnings

  • Password reset and account recovery

  • Service updates and maintenance notices

Support Communications:

  • Respond to inquiries and support requests

  • Provide customer service

  • Troubleshoot technical issues

  • Follow up on feedback

Marketing Communications (with consent):

  • Product updates and new features

  • Tips and educational content

  • Special offers and promotions

  • Newsletters and announcements

  • Survey and feedback requests

Legal and Administrative:

  • Policy updates and changes

  • Legal notices and compliance communications

  • Response to legal requests

2.4 Legal and Compliance

  • Comply with tax reporting obligations

  • Respond to legal requests and court orders

  • Cooperate with law enforcement

  • Enforce our Terms of Service

  • Protect our rights and property

  • Comply with financial regulations (GLBA, BSA/AML)

  • Meet IRS and state tax authority requirements

  • Fulfill audit and examination requests

2.5 Analytics and Research

  • Understand how users interact with Services

  • Measure effectiveness of features

  • Conduct market research

  • Create aggregated, anonymized insights

  • Benchmark against industry trends

  • Improve tax optimization algorithms

2.6 Advertising and Marketing

  • Display personalized ads (with consent)

  • Measure ad effectiveness

  • Retarget visitors

  • Promote our Services on other platforms

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

3.1 With Your Consent

We share information when you explicitly authorize us to do so, such as:

  • Connecting to tax preparation software

  • Sharing with financial advisors you designate

  • Participating in partner integrations

3.2 Service Providers and Partners

We share information with trusted third parties who help us deliver Services:

Account Aggregation:

  • Plaid (financial data aggregation)

  • April TDS (IRS transcript retrieval)

  • Other authorized financial data providers

Identity Verification and Fraud Prevention:

  • Jumio, Onfido, or similar verification services

  • Fraud detection platforms

  • Credit reporting agencies (for identity verification only, not credit checks)

  • Anti-money laundering screening services

Cloud Infrastructure:

  • Amazon Web Services (AWS) / Microsoft Azure / Google Cloud

  • Cloud storage providers

  • Content delivery networks (CDNs)

  • Database hosting services

Payment Processing:

  • Stripe, PayPal, or similar processors

  • PCI-compliant payment gateways

  • Billing and subscription management platforms

Communications:

  • Email service providers (SendGrid, Mailchimp)

  • SMS providers

  • Push notification services

  • Customer support platforms (Zendesk, Intercom)

Analytics and Performance:

  • Google Analytics

  • Mixpanel or similar analytics platforms

  • Error tracking services (Sentry)

  • Performance monitoring tools

Marketing and Advertising:

  • Google Ads, Facebook Ads

  • Marketing automation platforms

  • Ad measurement and attribution services

All service providers are contractually required to:

  • Protect your information

  • Use data only for specified purposes

  • Comply with privacy and security standards

  • Not sell or share your data for their own purposes

3.3 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice before your information becomes subject to a different privacy policy.

3.4 Legal Requirements and Protection of Rights

We may disclose information when required by law or when we believe disclosure is necessary to:

Legal Compliance:

  • Comply with court orders, subpoenas, or legal process

  • Respond to government requests

  • Meet regulatory requirements

  • Comply with IRS summons or tax authority requests

Protection:

  • Protect our rights, property, or safety

  • Protect users' rights, property, or safety

  • Prevent fraud or illegal activity

  • Investigate security incidents

  • Enforce our Terms of Service

  • Prevent imminent harm to persons or property

3.5 Aggregated and De-Identified Data

We may share aggregated or de-identified data that cannot reasonably identify you:

  • Industry trends and insights

  • Statistical information about Service usage

  • Research findings

  • Benchmarking data

  • Market analysis

This data may be shared with:

  • Research partners

  • Industry organizations

  • The public (in reports or publications)

  • Business partners

3.6 With Other Users (Limited)

Civic Engagement Features: If you participate in political prediction features or forums:

  • Your username/display name may be visible

  • Your predictions or posts may be public

  • Your profile information you choose to share

You control what information is public through privacy settings.

4. Data Security

We implement comprehensive security measures to protect your information:

4.1 Technical Safeguards

Encryption:

  • TLS 1.3 for data in transit

  • AES-256 encryption for data at rest

  • End-to-end encryption for sensitive data

  • Encrypted backups

Access Controls:

  • Multi-factor authentication for employees

  • Role-based access controls (RBAC)

  • Principle of least privilege

  • Regular access reviews and audits

  • Automatic session timeouts

Infrastructure Security:

  • Firewalls and intrusion detection/prevention systems

  • DDoS protection

  • Web application firewall (WAF)

  • Regular vulnerability scanning

  • Penetration testing (at least annually)

  • Secure development lifecycle (SDL)

Network Security:

  • Virtual Private Cloud (VPC) isolation

  • Network segmentation

  • Secure API gateways

  • Rate limiting and throttling

  • IP whitelisting for sensitive operations

Application Security:

  • Input validation and sanitization

  • SQL injection prevention

  • Cross-site scripting (XSS) protection

  • Cross-site request forgery (CSRF) protection

  • Secure coding practices

  • Regular security code reviews

4.2 Administrative Safeguards

Policies and Procedures:

  • Comprehensive information security policy

  • Incident response plan

  • Business continuity and disaster recovery plans

  • Data retention and destruction policies

  • Vendor management program

Employee Training:

  • Regular security awareness training

  • Privacy and compliance training

  • Incident response drills

  • Secure handling of sensitive data

Background Checks:

  • Background checks for employees with data access

  • Confidentiality agreements

  • Security clearances where appropriate

4.3 Physical Safeguards

  • Secure data center facilities (SOC-certified)

  • Physical access controls

  • Biometric authentication for facility access

  • 24/7 security monitoring

  • Environmental controls (fire suppression, climate control)

4.4 Compliance and Certifications

We maintain or work toward compliance with:

  • SOC 2 Type II (security, availability, confidentiality)

  • PCI DSS (payment card security)

  • GLBA Safeguards Rule (financial data protection)

  • IRS Publication 1075 (tax information security)

  • NIST Cybersecurity Framework

4.5 Incident Response

In the event of a data breach:

  • We will investigate immediately

  • Notify affected users without undue delay

  • Comply with breach notification laws

  • Take steps to prevent future incidents

  • Cooperate with authorities

4.6 Limitations

No system is 100% secure. While we implement strong security measures, we cannot guarantee absolute security against:

  • Sophisticated cyber attacks

  • Zero-day vulnerabilities

  • Social engineering (phishing, etc.)

  • Compromised user credentials

  • Insider threats

  • Third-party service breaches

Your Responsibilities:

  • Use strong, unique passwords

  • Enable two-factor authentication

  • Keep devices and software updated

  • Don't share account credentials

  • Be cautious of phishing attempts

  • Use secure networks (avoid public Wi-Fi for sensitive activities)

  • Monitor account for suspicious activity

  • Report security concerns immediately to security@accountable.org

5. Data Retention

We retain your information only as long as necessary for the purposes described in this Policy and to comply with legal obligations.

5.1 Active Accounts

While your account is active, we retain:

  • All account and profile information

  • Financial and tax data

  • Transaction history

  • Usage and activity logs

  • Communication history

5.2 After Account Closure

When you close your account:

Deleted Within 90 Days:

  • Personal identification information (name, email, phone)

  • Financial account credentials

  • Non-required personal data

  • Marketing lists and preferences

Retained for Legal/Regulatory Compliance:

  • Tax records: 7 years (IRS requirement)

  • Identity verification records: 5 years (AML/KYC requirement)

  • Financial transaction records: 7 years (GLBA, financial regulations)

  • Payment records: 7 years (tax and accounting requirements)

  • Legal hold data: Until resolved (litigation, investigations)

5.3 Backup and Archival Systems

Data in backup systems may persist for up to 90 days after deletion from production systems due to our backup retention schedule.

5.4 Aggregated Data

Aggregated or de-identified data that cannot identify you may be retained indefinitely for:

  • Analytics and research

  • Service improvement

  • Industry benchmarking

6. Your Privacy Rights and Choices

6.1 Access and Portability

Right to Access: You can request a copy of your personal information.

How to Exercise:

  • Email privacy@accountable.org

  • Request through account settings

  • Include: Your name, email, and specific data requested

We will provide:

  • Data in a readable format

  • Within 30 days of verified request

  • Free of charge (for reasonable requests)

Data Portability: You can request your data in a structured, machine-readable format to transfer to another service.

6.2 Correction and Updates

Right to Correction: You can correct inaccurate or incomplete information.

How to Exercise:

  • Update directly in account settings

  • Email support@accountable.org

  • Contact customer support

We will correct:

  • Inaccurate personal information

  • Outdated contact information

  • Profile data

  • Preferences

6.3 Deletion

Right to Deletion: You can request deletion of your personal information, subject to legal retention requirements.

How to Exercise:

  • Request account deletion through settings

  • Email privacy@accountable.org with subject "Delete My Account"

  • Call customer support

Limitations: We may need to retain certain information to:

  • Comply with legal obligations (tax record retention)

  • Resolve disputes

  • Enforce our agreements

  • Prevent fraud

  • Complete transactions

Timeline:

  • Personal data deleted within 90 days

  • Legally required data retained per requirements

  • Confirmation email sent upon completion

6.4 Opt-Out of Marketing

Email Marketing:

  • Click "unsubscribe" in any marketing email

  • Update preferences in account settings

  • Email optout@accountable.org

SMS Marketing:

  • Reply "STOP" to any marketing SMS

  • Update preferences in account settings

Push Notifications:

  • Disable in device settings

  • Disable in app settings

Note: You cannot opt out of:

  • Transactional emails (receipts, confirmations)

  • Security alerts

  • Service notifications

  • Legal notices

6.5 Cookies and Tracking

Browser Settings:

  • Configure browser to block/delete cookies

  • Use "Do Not Track" signal (we honor DNT)

  • Use private/incognito browsing mode

Cookie Preferences:

  • Manage cookie preferences at www.accountable.org/cookies

  • Opt out of analytics through account settings

Ad Choices:

  • Opt out of personalized ads

  • Use NAI opt-out tool: www.networkadvertising.org/choices

  • Use DAA opt-out tool: www.aboutads.info/choices

Note: Disabling certain cookies may limit Service functionality.

7. State-Specific Privacy Rights

7.1 California Privacy Rights (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know:

  • Categories of personal information collected

  • Sources of personal information

  • Business purposes for collection

  • Categories of third parties we share with

  • Specific pieces of personal information we hold

Right to Delete: Request deletion of personal information, subject to exceptions for:

  • Legal compliance

  • Fraud prevention

  • Internal uses

  • Completing transactions

Right to Correct: Correct inaccurate personal information.

Right to Opt-Out of Sale/Sharing: We do NOT sell personal information. We do NOT share for cross-context behavioral advertising.

Right to Limit Sensitive Personal Information: Limit use of sensitive personal information (SSN, financial data, biometrics) to purposes necessary for providing Services.

Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

Authorized Agent: You may designate an authorized agent by:

  • Providing written authorization signed by you

  • Providing proof of Power of Attorney

Verification: We verify your identity using:

  • Account credentials

  • Email verification

  • Knowledge-based authentication

  • Additional information as needed

Response Time:

  • 45 days for most requests

  • 45-day extension possible for complex requests

  • Notification if we cannot fulfill request

Contact for CCPA Requests:

  • Email: privacy@accountable.org (Subject: "California Privacy Request")

  • Phone: [Phone Number]

  • Mail: Accountable.org, Attn: Privacy Officer, [Address]

7.2 Virginia Privacy Rights (VCDPA)

Virginia residents have rights under the Virginia Consumer Data Protection Act:

  • Right to access personal data

  • Right to correct inaccuracies

  • Right to delete personal data

  • Right to obtain a copy of personal data

  • Right to opt out of targeted advertising, sale, and profiling

Contact: privacy@accountable.org (Subject: "Virginia Privacy Request")

7.3 Colorado Privacy Rights (CPA)

Colorado residents have rights under the Colorado Privacy Act:

  • Right to access, correct, and delete personal data

  • Right to data portability

  • Right to opt out of targeted advertising, sale, and profiling

Contact: privacy@accountable.org (Subject: "Colorado Privacy Request")

7.4 Connecticut Privacy Rights (CTDPA)

Connecticut residents have similar rights under the Connecticut Data Privacy Act.

Contact: privacy@accountable.org (Subject: "Connecticut Privacy Request")

7.5 Utah Privacy Rights (UCPA)

Utah residents have rights under the Utah Consumer Privacy Act.

Contact: privacy@accountable.org (Subject: "Utah Privacy Request")

7.6 Other States

Other states may have privacy laws providing similar rights. Contact privacy@accountable.org to exercise your rights.

8. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

8.1 Legal Basis for Processing

We process your data based on:

Consent:

  • Optional features and services

  • Marketing communications

  • Certain cookies and tracking

Contract Performance:

  • Providing Services you requested

  • Account management

  • Payment processing

Legal Obligation:

  • Tax compliance

  • Financial regulations (AML/KYC)

  • Legal requests

Legitimate Interests:

  • Fraud prevention and security

  • Service improvement and analytics

  • Direct marketing (where permitted)

  • Business operations

8.2 GDPR Rights

Right to Access: Request information about processing and a copy of your data.

Right to Rectification: Correct inaccurate data.

Right to Erasure ("Right to be Forgotten"): Request deletion under certain circumstances.

Right to Restrict Processing: Limit how we process your data.

Right to Data Portability: Receive your data in portable format.

Right to Object: Object to processing based on legitimate interests or for direct marketing.

Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing).

Right to Lodge a Complaint: File complaint with your supervisory authority.

8.3 International Data Transfers

We are based in the United States. If you are outside the U.S., your data will be transferred to and processed in the U.S.

Transfer Mechanisms:

  • Standard Contractual Clauses (SCCs)

  • Adequacy decisions

  • Your consent

Safeguards:

  • Encryption

  • Access controls

  • Contractual protections

  • Compliance with GDPR requirements

8.4 Contact for GDPR Requests

Email: privacy@accountable.org (Subject: "GDPR Request")
EU Representative: [If applicable, provide EU representative contact]

9. Children's Privacy

Our Services are NOT intended for individuals under 18 years of age.

We do not knowingly collect information from children under 18.

If you are a parent or guardian and believe your child provided information:

  • Contact us immediately at privacy@accountable.org

  • We will delete the information promptly

  • We will take steps to prevent future access

If you are under 18:

  • Do not use our Services

  • Do not provide any personal information

  • Have a parent or guardian contact us if needed

10. Third-Party Services and Links

10.1 Third-Party Services

When you connect third-party accounts, you are subject to those services' privacy policies:

  • Banks and financial institutions

  • Payroll providers

  • Educational institutions

  • IRS and government agencies

  • Social media platforms

We recommend reviewing their privacy policies.

We are not responsible for:

  • Third-party privacy practices

  • Third-party data security

  • Third-party terms or policies

  • Third-party data use

10.2 External Links

Our Services may contain links to external websites. We are not responsible for:

  • Content on linked sites

  • Privacy practices of linked sites

  • Security of linked sites

Review privacy policies of sites you visit.

10.3 Social Media

If we offer social media integrations:

  • Your interactions are governed by social platforms' policies

  • We may receive information per their APIs

  • You control what you share on social platforms

11. Automated Decision-Making and Profiling

We use automated systems for:

11.1 Tax Optimization

  • Calculating optimal withholding

  • Identifying tax credits and deductions

  • Estimating tax refunds or amounts owed

  • Providing personalized recommendations

Your Rights:

  • Request human review of automated decisions

  • Provide input or contest decisions

  • Understand the logic behind decisions

11.2 Fraud Detection

Automated systems analyze patterns to detect:

  • Identity theft

  • Account takeover

  • Suspicious transactions

  • Fraudulent activity

Accounts may be flagged for manual review based on risk scores.

11.3 Personalization

Algorithms determine:

  • Content recommendations

  • Feature suggestions

  • Educational resources

  • Dashboard customization

These do not produce legal or similarly significant effects without human review.

12. International Data Transfers

Accountable is based in the United States. If you access Services from outside the U.S.:

Data Processing Location:

  • Primary data storage and processing in the U.S.

  • Some service providers may be located internationally

  • Cloud infrastructure may span multiple regions

Transfer Safeguards:

  • Standard Contractual Clauses

  • Adequacy decisions (where applicable)

  • Encryption and security measures

  • Contractual protections

Your Consent: By using our Services, you consent to transfer of your data to the U.S. and other countries where we or our service providers operate.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

How We Notify You:

  • Material changes: Email notification and/or prominent notice in Services

  • Non-material changes: Update "Last Updated" date

  • All changes posted at www.accountable.org/privacy

Your Choices:

  • Continued use after changes = acceptance

  • If you don't agree, stop using Services and contact us to close your account

Review Regularly: We encourage periodic review of this Policy to stay informed.

14. Contact Us

Questions, concerns, or requests about this Privacy Policy:

Email:
 Privacy inquiries: privacy@accountable.org
General support: support@accountable.org
Security issues: security@accountable.org
Data requests: privacy@accountable.org

Mail:
 Accountable.org
Attn: Privacy Officer
[Street Address]
[City, State, ZIP Code]

Phone: [Phone Number]
Hours: Monday-Friday, 9 AM - 6 PM ET

Response Time: 10 business days for most inquiries

15. Additional Disclosures

15.1 Financial Privacy Notice (GLBA)

As a financial service provider, we are subject to the Gramm-Leach-Bliley Act (GLBA). This Privacy Policy serves as our Privacy Notice under GLBA.

Categories of Information Collected:

  • Identification (name, SSN, address, DOB)

  • Financial (account numbers, income, transactions)

  • Tax information (returns, withholding, credits)

Categories of Information Disclosed: We may disclose the above to:

  • Service providers (as described in Section 3.2)

  • As required by law

Opt-Out Rights: You may opt out of certain disclosures not required for providing Services by contacting privacy@accountable.org.

We do NOT share with non-affiliated third parties for their marketing purposes.

15.2 California Financial Privacy Rights

California residents: We will not share information we collect about you with non-affiliated third parties, except:

  • To process transactions

  • Service your account

  • As permitted by California law

15.3 Vermont Financial Privacy Rights

Vermont residents: We will not share information with non-affiliated third parties except as permitted by Vermont law, such as:

  • Processing transactions

  • Maintaining your account

  • As required by law

Appendix A: Categories of Personal Information (CCPA)

For California residents, detailed categories of information we collect:

We collect various types of information to provide our services. This includes basic identifiers like your name, email, SSN, address, phone number, and IP address, which we use for account creation, identity verification, and service delivery. We also collect financial information such as bank accounts, credit cards, income, and tax data to deliver our services, prevent fraud, and optimize your tax situation.

Certain protected classifications like age, citizenship, and marital status are collected to ensure tax compliance and determine your eligibility for various benefits. We track commercial information including your transaction history and purchasing behavior to improve our services and provide analytics. Your internet activity, such as browsing history, search history, and interactions with our platform, helps us personalize and improve the service.

We collect geolocation data from your IP address and GPS (if you permit it) to prevent fraud and apply local tax rules. Professional information like your employment status, employer, salary, and occupation helps us optimize your taxes and verify income. Education information including school enrollment and tuition is used to determine your eligibility for education credits.

In some cases, we may collect biometric information such as facial recognition for identity verification purposes. We also develop inferences about your preferences, characteristics, and behavior to personalize recommendations.

All of this information, including sensitive personal information like your SSN, financial account credentials, precise geolocation, and biometrics, is shared with service providers who help us deliver these services. Service providers with access to sensitive information operate under limited use agreements.

Sources:

  • Directly from you

  • Automatically through Service use

  • Third-party financial institutions

  • Data providers and aggregators

  • Government agencies (IRS)

Sharing: We share with service providers as described in Section 3. We do NOT sell personal information.

Appendix B: Cookie Policy

Types of Cookies We Use

Strictly Necessary Cookies: Essential for Service functionality. Cannot be disabled.

  • Session management and authentication

  • Security and fraud prevention

  • Load balancing

Performance Cookies: Help us understand Service usage.

  • Analytics (Google Analytics, Mixpanel)

  • Error tracking (Sentry)

  • Performance monitoring

Functional Cookies: Enable enhanced functionality.

  • User preferences

  • Language settings

  • Feature customization

Targeting/Advertising Cookies: Used for personalized marketing (only with consent).

  • Ad personalization

  • Campaign tracking

  • Retargeting

  • Conversion measurement

Cookie Management

Browser Controls:

  • Chrome: Settings > Privacy and Security > Cookies

  • Firefox: Options > Privacy & Security > Cookies

  • Safari: Preferences > Privacy > Cookies

  • Edge: Settings > Privacy > Cookies

Third-Party Opt-Out:

  • Google Analytics: https://tools.google.com/dlpage/gaoptout

  • NAI Opt-Out: https://www.networkadvertising.org/choices

  • DAA Opt-Out: https://www.aboutads.info/choices

Our Cookie Preferences: Manage cookie preferences at: www.accountable.org/cookie-preferences

Note: Disabling certain cookies may limit functionality.

Cookie Duration

  • Session cookies: Deleted when you close browser

  • Persistent cookies: Remain for set period (typically 30-365 days)

  • Third-party cookies: Duration set by third party




Last Updated: January 20, 2026

For the most current version, visit: www.accountable.org/privacy

By using Accountable, you acknowledge that you have read and understood this Privacy Policy.