Privacy Policy

Privacy Policy

Last Updated: November 5, 2024

Dansa D’Arata Soucia CPAs, LLC (“Dansa D’Arata Soucia”) respects the privacy of individuals who visit our website, https://www.darata.com (the “Website”), or interact with us through any other electronic means and are committed to protecting your personal information in accordance with the terms of this Privacy Policy (the “Policy”) and all applicable federal, state, and local laws.  By visiting our Website, any of our other client facing software applications, or when you opt-in to receive SMS messages from us (collectively “the DDS communication applications”), you accept and agree to the terms described in this Privacy Policy.

This Policy describes the types of information we may collect from you or that you may provide to us when you visit and/or use DDS communication applications.  It also describes our practices for collecting, using, maintaining, protecting, and disclosing that information.

Please read this Policy carefully to understand our policies and practices regarding your information and how we use and treat it.  By accessing, interacting with and/or using the DDS communication applications, you agree to all of the terms in this Policy.

We may change this Policy from time to time, at any time, in our sole discretion.  Any modifications will be effective immediately.  You can determine when the Policy was last revised by referring to the “Last Updated” legend at the top of this page.  Any and all updates to the Policy will be posted on this page for your review and understanding.  Continued use of DDS communication applications after we make any such change is deemed to be acceptance of those changes.  It is your responsibility to regularly check the Policy for updates.  Please regularly check the Policy for updates, as all changes will be binding on you and your use of DDS communication applications.

I. Notice and Disclaimer

No client or other relationship is created by your use of DDS communication applications.  No client or other relationship between you and Dansa D’Arata Soucia is or may be created by your access to or use of DDS communication applications or any information contained on it, including any and all other websites owned or operated by us.  A client relationship with Dansa D’Arata Soucia can only be created through the execution of a written engagement letter with us. A written engagement letter with Dansa D’Arata Soucia defines the extent of any engagement and the terms and conditions under which the engagement is being undertaken.

Our website and the materials made available through it are intended as a general overview and discussion of the referenced subjects.  None of the information on the website constitutes advice, nor does it necessarily reflect the opinions of Dansa D’Arata Soucia, our CPAs, affiliates, employees or clients.  Information on our webiste should not be used as a substitute for the advice of a professional with full understanding of your specific situation and facts.  The material and information provided on our website are current as of the date on which they are posted and are subject to change.  Dansa D’Arata Soucia accepts no responsibility for any actions taken or not taken on the basis of these representations.  Neither your use of our webiste nor your reliance on any of the information contained thereon creates or constitutes the formation of  a client or other relationship with Dansa D’Arata Soucia.

If you would like us to represent you, please call or email us, or contact us through the “Contact” feature available on our website.  This will allow us to determine whether the matter for which you seek assistance is one for which we are able to accept professional responsibility.  We reserve the right to decline any representation.

The information contained on Our website is for general guidance on matters of interest only. While Dansa D’Arata Soucia has made every attempt to ensure that the information contained on Our website has been obtained from reliable sources, Dansa D’Arata Soucia is not responsible for any errors or omissions, or for the results obtained from the use of this information.  THE INFORMATION IS MADE AVAILABLE “AS IS” WITHOUT ANY WARRANTIES, EXPRESS OR IMPLIED, REGARDING AVAILABILITY, ACCURACY, USEFULNESS, COMPLETENESS, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR USE.  THESE DISCLAIMERS INCLUDE ANY LIABILITY FOR ANY DAMAGES OR INJURIES CAUSED BY ANY FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DELETION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS, COMMUNICATION LINE FAILURE, THEFT OR DESTRUCTION OR UNAUTHORIZED ACCESS TO, ALTERATION OF, OR USE OF RECORD, WHETHER FOR BREACH OF CONTRACT, TORTIOUS BEHAVIOR, NEGLIGENCE, OR UNDER ANY OTHER CAUSE OF ACTION INCLUDING DAMAGE CAUSED BY DANSA D’ARATA SOUCIA’S SOLE NEGLIGENCE.

NEITHER DANSA D’ARATA SOUCIA NOR ANY OF ITS EMPLOYEES, AGENTS, SUCCESSORS, ASSIGNS, AFFILIATES, OR CONTENT OR SERVICE PROVIDERS SHALL BE LIABLE TO USERS OR OTHER THIRD PARTIES FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF USE OF OUR WEBSITE, ANY INABILITY TO GAIN ACCESS TO OR USE OUR WEBSITE, OR OUT OF ANY BREACH OF ANY WARRANTY OR DUTY.

  1. IRS Circular 230 Notice

Nothing on DDS communication applications relating to any federal tax transaction or matter are considered to be “covered opinions” as described in IRS Circular 230.

  1. COVID-19 Notice

Any information contained on Our website relating to COVID-19 is provided for informational purposes only and is expressly limited to the COVID-19 related legislation, governmental actions and other topics described herein.  It should not be considered comprehensive as there may be other legislative and governmental actions, present and future, related to COVID-19.  The content provided on Our website is general in nature; it may not apply to your specific situation.  None of this information constitutes legal, tax, financial or other professional advice; it is not a substitute for professional advice from your advisers.  This Website may contain links and references to third-party sources.  Such sources are only provided for the convenience of the user.  Dansa D’Arata Soucia does not recommend or endorse the contents of such third-party sources.

II. What Data Dansa D’Arata Soucia Collects

  1. Personal Data

Personal Data collected by Dansa D’Arata Soucia may include: your first and last name, your company name, your job title, your mailing address, your e-mail address, your telephone number, your fax number, your billing information, information contained in any e-mail or other communication you send to us, and information you give to us in any other way and any other identifier that permits us to identify or contact you (“Personal Data”).

Many features of DDS communication applications are available to you without you being required to affirmatively provide your Personal Data.  However, you may be requested to provide Personal Data in order to gain access to some of our content or services, to contact us, or to receive additional information from us.

  1. Usage Data

In addition to the Personal Data that you provide to us, data may also be collected automatically when you access or interact with DDS communication applications.

We may collect information about how you access and use DDS communication applications (“Usage Data”).  Usage Data may include information such as your device’s Internet Protocol address (“IP address”), the type of browser or application you are using to access DDS communication applications, browser version, the operating system, the time and date of your visit, the pages of DDS communication applications that you visit, the time spent on those pages, unique device identifiers and other diagnostic data.  We may also collect information regarding the device(s) you use to access or use DDS communication applications.

When you visit DDS communication applications with a mobile device, we may collect certain information automatically, including, but not limited to: the type of mobile device you are using, your mobile device unique ID, the IP address of your mobile device, your mobile device operating system, the type of mobile internet browser you are using, unique device information and other diagnostic data.

By using our Website, you authorize us to collect information about the pages served to you as an anonymous user.  This information will be used for the purpose of calculating aggregate site statistics.  If you register as a user of our Website, you authorize us to personalize the information that Dansa D’Arata Soucia delivers to you and to use your information when calculating aggregate client data.  As a registered user of our Website, you give us permission to send you e-mails, text messages, or place telephone calls to you related to the information that you request.

  1. Tracking and Cookies Data

Dansa D’Arata Soucia may use cookies or other tracking technologies to collect Usage Data and track how you use DDS communication applications.  We may use cookies for statistical reporting for DDS communication applications and for other purposes relating to making our Website available to you.  Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.  We use cookies and similar tracking technologies to track activity on our Website and store certain information.  Tracking technologies include beacons, tags, and scripts to collect and track information and to improve and analyze our Website.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.  However, if you do not accept cookies, some features of DDS communication applications may be unavailable to you.

  1. Special Category Data

We do not collect any personal information about you that is identified under the European General Data Protection Regulation (GDPR) as special category data.  Special category data includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, personal or political opinions, trade union membership, information about your health, and genetic and biometric data.  Nor do we collect any information about criminal convictions and offenses.  If we learn that we have collected such personal information, we will take steps to delete the data as soon as possible.

III. What Dansa D’Arata Soucia Does with Your Personal Data

Your Personal Data is primarily used to: (i) provide you with information that you request from us, and (ii) allow you to access our services, data, and information.

We may also use your Personal Data for the following purposes:

  • To provide and maintain DDS communication applications: including to monitor usage of DDS communication applications
  • For the performance of a contract with you: namely, to complete and deliver to you the services and/or products that you have purchased from us
  • To contact you: to contact you by telephone, email, text message, or other equivalent means of electronic communication
  • To manage your requests: to attend to and manage the requests you direct to us
  • To provide client support
  • To detect, prevent, and address technical issues
  • To gather analysis and valuable information so that we can improve the services and information that we provide to you

IV. Why We Collect Personal Data

As outlined above, most of the Personal Data we collect is provided to us directly by you, often in a request from you for Dansa D’Arata Soucia services.  Your Personal Data is collected for our legitimate business interests or those of our service providers as outlined below:

  • To allow the performance of services we provide and/or contracts we have with you.
  • To make sure we can keep in touch with you to provide these services.
  • To allow us to be efficient so that we can deliver the best service possible.
  • To prevent and detect criminal and/or fraudulent activity that would be damaging to you and us.
  • To promote our business to new and existing clients.

We (and our service providers) may share your Personal Data in the following situations:

  • With website providers: We may share your Personal Data with Website Providers to monitor and analyze the use of our Website.
  • Service providers: We may share your Personal Data with Service Providers to help us deliver our services to you.
  • For business transfers: We may share or transfer your Personal Data in connection with, or during negotiations of, any merger, sale of Dansa D’Arata Soucia assets, financing, or acquisition of all or a portion of our business to another company.
  • With business partners: We may share your Personal Data with our business partners to offer you certain services and/or products.
  1. Promotional Communications

Promotional Communications disseminated to clients and/or prospects include but are not limited to: client newsletters, marketing newsletters, informational alerts, webinar and/or training invitations, follow-up communications, thought-leadership promotions, blogs and video.

We have a legitimate interest in using your data for promotional purposes (see “Why We Collect Your Personal Data” above).  You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

V. Dansa D’Arata Soucia’s Disclosure of Personal Data to Third-Parties

Dansa D’Arata Soucia does not and will not sell Personal Data obtained through our Website to third parties for marketing purposes.

Third-party agents may need access to some of your Personal Data.  In such cases, Dansa D’Arata Soucia only provides third-party agents with the minimum amount of information needed to complete the requested service or transaction.  Dansa D’Arata Soucia reserves the right to disclose or share Personal Data it has acquired if it believes, in good faith, that such disclosure is necessary in order to:

  • comply with any applicable law, regulation, legal process, or enforceable governmental request;
  • enforce any applicable term of this Policy, including investigation of potential violations;
  • detect, prevent, or otherwise address fraud, security, or technical issues; or
  • protect against harm to the rights, property, or safety of Dansa D’Arata Soucia, our clients, or the public as required or permitted by law.

Dansa D’Arata Soucia reserves the right to provide third-parties with anonymized aggregate statistics about our clients, traffic patterns, and related Website information as described in this Policy.  This data reflects Website usage patterns but does not contain Personal Data about any individual user.

  1. Disclosure Through Business Transfer

We may buy, merge, or partner with another firm, company, or business and in doing so acquire or transfer Personal Data.  Personal Data collected through DDS communication applications may be among the transferred business assets.  In the event of an acquisition or merger, your Personal Data may be transferred so that we may continue to provide professional services to you.  In the course of such a transaction your Personal Data would likely be considered a business asset, and, notwithstanding limitations imposed by applicable data privacy legislation, you hereby agree to such a transfer.

  1. Other Reasons for Disclosure of Personal Data

We may disclose your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights of Dansa D’Arata Soucia
  • Prevent or investigate possible wrongdoing in connection with DDS communication applications
  • Protect the personal safety of users of DDS communication applications or the public
  • Protect against legal liability

VI. Third-Party Services

In general, the third-party providers used by us will only collect, use and disclose your Personal Data to the extent necessary to allow them to perform the services they provide to us.

  1. Third-Party Links

DDS communication applications may contain third-party links to websites that are not controlled by, owned, operated, or affiliated with Dansa D’Arata Soucia.  Once you leave our Website or are redirected to a third-party website or application, you are no longer governed by this Policy.  If you are redirected to a third-party website, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

When you click on links within our Website, they may direct you away from our Website to websites of third parties.  We are not responsible for the privacy practices of third parties and encourage you to read the privacy statements of any third-party website you are directed to.  Complaints, claims, concerns, or questions regarding third-party practices should be directed to the third-party.

  1. Google Analytics

Google Analytics is a web analytics website offered by Google that tracks and reports (non-personally identifiable) website traffic.  Google uses the data collected to track and monitor the use of our Website.  This data is shared with other Google Websites.  Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt-out of having made your activity on DDS communication applications available to Google Analytics by installing the Google Analytics opt-out browser add-on.  The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy Terms web page.

VII. Security

Protecting the security of Personal Data is very important to Dansa D’Arata Soucia.  However, it  is important to remember that no method of transmission over the Internet is entirely secure.  To protect your Personal Data, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.  When Personal Data is transmitted to Dansa D’Arata Soucia, it is protected by a “firewall” (a combination of hardware and software that helps keep unauthorized visitors from accessing information within Dansa D’Arata Soucia’s computer network), as well as industry standard SSL (Secure Sockets Layer) encryption.  Once Dansa D’Arata Soucia receives a transmission, Dansa D’Arata Soucia will take reasonable precautions intended to keep your Personal Data secure on our systems.  Even so, technical mistakes are possible.  No company, including us, can fully eliminate security risks associated with the transmission of Personal Data over the Internet.

While Dansa D’Arata Soucia strives to protect privacy, no data transmission over the Internet may be guaranteed to be 100% secure.  Dansa D’Arata Soucia, therefore, cannot warrant or guarantee the security of any Personal Data transmitted to Dansa D’Arata Soucia online, and is not responsible for the theft, destruction, or inadvertent disclosure of that Personal Data.

We restrict access to your Personal Data to our employees, service providers and third parties who need to know the information in order to process it on our behalf.  However, neither people nor security systems are foolproof, including encryption systems.  In addition, people can commit intentional crimes, make mistakes, or fail to follow policies.  Therefore, while we use commercially reasonable efforts to protect your Personal Data, we cannot guarantee its absolute security.  If an applicable law imposes any non-disclaimable duty to protect your Personal Data, you agree that intentional misconduct will be the standard used to measure our compliance with this duty.

VIII. Intellectual Property

Dansa D’Arata Soucia is the owner and/or authorized user of any trademark, registered trademark and/or service mark appearing in connection with DDS communication applications; and it is the copyright owner or licensee of the content and/or information on DDS communication applications.  If you make use of the intellectual property on our Website, you may violate trademark, copyright, and other laws of the United States, other countries, as well as applicable state laws and may be subject to penalties.  Dansa D’Arata Soucia does not grant any license or other authorization to visitors of our Website for its trademarks, registered trademarks, service marks, or other copyrightable material or other intellectual property, by using them in connection with our Website.

IX. Use of DDS communication applications by Children

Dansa D’Arata Soucia does not provide services to children.  In accordance with the Children’s Online Privacy Protection Act (“COPPA”), Dansa D’Arata Soucia does not knowingly request or solicit Personal Data from anyone under the age of 13, or anyone under the age of 16 in compliance with the California Consumer Privacy Act.  If you use DDS communication applications, you hereby represent and warrant that you are at least 16 years of age.  If you are under the age of 16, do not (i) use or provide any information on DDS communication applications or through any of its features, (ii) use any of the interactive or fillable features of DDS communication applications, or (iii) provide any information about yourself to us, including your name, address, telephone address, e-mail address or any other information that could be used to identify you.  In the event that Dansa D’Arata Soucia receives actual knowledge that it has collected Personal Data from someone under the age of 16 without the requisite and verifiable parental consent, Dansa D’Arata Soucia will delete that information as quickly as is practical.

X. California Privacy Rights

If you are a California resident, you have certain data protection rights.  If you are a California resident and would like to make a request for this information, please send an e-mail to admin@darata.com.

Under the California Consumer Privacy Act of 2018 (CCPA) and California Civil Code § 1798.83, you have the right to exercise the following rights:

  1. Disclosures of Personal Information We Collect

You have the right to know:

  • The categories of Personal Data we have collected about you
  • The categories of sources from which we have collected Personal Data
  • Our business or commercial purpose for collecting or selling Personal Data
  • The categories of third parties with whom we share Personal Data
  • The specific pieces of Personal Data we have collected about you
  1. Personal Data We Sell or Use for a Business Purpose

In connection with any Personal Data we may sell or disclose to a third party for business purposes, you have the right to know:

  • The categories of Personal Data that we sold
  • The categories of third parties to whom Personal Data was sold
  • The categories of Personal Data that we disclosed for a business purpose

Dansa D’Arata Soucia does not sell (as is defined in the CCPA) the Personal Data we collect and will not sell it without providing a right to opt out.

  1. Right to Deletion

Subject to certain exceptions set out below, upon receipt of a verifiable request from you, we will:

  • Delete your Personal Data from our records; and
  • Direct any service providers to delete your Personal Data from their records.

Please note that we may not delete your Personal Data if it is necessary to:

  • Complete the transaction for which your Personal Data was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you
  • Detect and protect against security incidents, fraudulent or illegal activity, or for prosecuting those responsible for such activity
  • Debug, identify, or repair errors that impair existing functionality
  • Exercise free speech
  • Comply with the California Electronic Communications Privacy Act
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all applicable ethics and privacy laws
  • Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us
  • Comply with an existing legal obligation
  • Otherwise use your Personal Data, internally, in a lawful manner that is compatible with the context in which you provided the information
  1. Protection Against Discrimination

You have the right not to be discriminated against by us because you exercised any of your rights under the CCPA.  This means we cannot:

  • Deny goods or services to you
  • Provide a different level or quality of goods or services to you

Please note that we may charge a different price or rate to you if that difference is reasonably related to the value provided to us by your Personal Data.

  1. California’s Shine the Light Law

In addition to the CCPA, California Civil Code § 1798.83 permits users that are residents of California to request the following information regarding our disclosure of your Personal Data to third parties for those third parties’ direct marketing purposes: (i) a list of certain categories of personal information that we have disclosed to certain third parties for their direct marketing purposes during the immediately preceding calendar year; (ii) the identity of certain third parties that received personal information from us for their direct marketing purposes during that calendar year; and (iii) where the nature of the third parties’ business is not reasonably determinable, examples of the products or services marketed (if we have that information).  If you are a California resident and would like to make such a request, please email us at info@freedmaxick.com.

  1. “Do Not Track” Policy as Required by California Online Privacy Protection Act (CalOPPA)

DDS communication applications does not respond to or support Do Not Track (“DNT”) signals.

Do Not Track is a preference you can set in your web browser to inform websites you do not want to be tracked.  You can enable or disable DNT by visiting the preferences or settings page of your web browser.

XI. European General Data Privacy Regulation (GDPR)

If you are a resident of the European Union (EU), you have certain data protection rights under the European General Data Protection Regulation (GDPR).

  • Legal Basis for Processing Your Personal Data Under GDPR

To process your Personal Data, we must have a legal basis for doing so.  We may process your Personal Data under the following conditions:

  • Performance of a Contract: when your Personal Data is necessary for the performance of an agreement that we make with you and/or for any contractual obligations thereof
  • Legal Obligation: when your Personal Data is necessary for compliance with a legal obligation to which Dansa D’Arata Soucia is subject
  • Legitimate Interests: when processing your Personal Data is necessary for the purpose of the legitimate interests pursued by Dansa D’Arata Soucia
  • Your Data Protection Rights Under GDPR

In certain circumstances, you have the following data protection rights with respect to your Personal Data that we collect and process:

  • The Right to Request Access. You have the right to access, update, or delete the information we have about you.
  • The Right of Rectification. You have the right to have any incomplete or inaccurate information we hold about you corrected.
  • The Right to Object. You have the right to object to our processing of your Personal Data.
  • The Right to Restrict Processing.  You have the right to request that we restrict the processing of your Personal Data.
  • The Right of Erasure. In certain circumstances, you have the right to ask us to remove or delete your Personal Data.
  • The Right to be Forgotten. You have the right to request that we delete your personal information, in certain situations.
  • The Right to Transfer. Upon request we will provide you (or a third-party you have chosen) the Personal Data we have collected about you.  Your Personal Data will be provided in a structured, commonly used, machine-readable format.  Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the Personal Data to perform a contract with you.
  • Withdraw Your Consent.  You have the right to withdraw your consent at any time where Dansa D’Arata Soucia relied on your consent to process your Personal Data.
  • Exercising Your Rights Under GDPR

You may exercise any of the rights enumerated above by contacting us at admin@darata.com. Please note that we may ask you to verify your identity before responding to such requests. 

You also have the right to complain to a Data Protection Authority about our collection and use of your Personal Data.  For more information, please contact your local data protection authority in the European Economic Area.

If a Data Processing Addendum (DPA) is required, that can be requested using the information provided in the “Contact Us” section below.

XII. Data Breach Notification Procedure

Because Dansa D’Arata Soucia takes data security and privacy very seriously, Dansa D’Arata Soucia will notify you if after an investigation it is determined that there is a reasonable likelihood of harm as a result of your Personal Data having been acquired by an unauthorized person provided that the notification is allowed by law and will not compromise a criminal investigation of a law enforcement agency.  The notification may be made in writing, electronically, or by any other method authorized by law at the sole election of Dansa D’Arata Soucia.

XIII. Additional Terms

By accessing and/or using DDS communication applications, you acknowledge and agree that any dispute or claim arising in relation to DDS communication applications or this Policy shall be governed by the laws of the State of New York without regard to its conflict of law provisions.  You further agree to submit to the personal and exclusive jurisdiction of the courts located within the State of New York.

Any legal suit, action, or proceeding arising out of, or related to, DDS communication applications or this Policy shall be instituted exclusively in the federal courts of the United States or the courts of the State of New York, in each case located in the Western District of New York, although we retain the right to bring any suit, action, or proceeding against you for breach of these Terms of Use in your country of residence or any other relevant country.  You waive any and all objections to the exercise of jurisdiction over you by such courts and to venue in such courts.

Should any portion of this Privacy Policy be deemed unenforceable for any reason, you specifically agree that this will not affect the validity or enforceability of the remaining portions of this Privacy Policy.  The failure of Dansa D’Arata Soucia to exercise or enforce any right or provision of the Privacy Policy shall not constitute a waiver of such right or provision.  If any provision of the Privacy Policy is found by a court of competent jurisdiction to be invalid, you nevertheless agree that the court should endeavor to give effect to the intention of the Privacy Policy as reflected in the provision, and the other provisions of the Privacy Policy remain in full force and effect.

XIV. Contact Us

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or you simply would like more information, please email admin@darata.com or by mail:

Dansa D’Arata Soucia, LLP
Attention: Privacy Officer
500 Pearl Street – Suite 810
Buffalo, New York 14202