Quarterly tax deadline is Jun 15. See how much you owe penalties

FlyFin Tax Services Privacy Policy

Effective Date: Mar 3, 2025

I. Our Commitment to Your Privacy and Data Security

FlyFin Tax Services (“FlyFin,” “we,” “us”) is committed to protecting the privacy and confidentiality of your personal and financial information. As a tax preparer, we are a “financial institution” under the Gramm-Leach-Bliley Act (GLBA) and are subject to the IRS Internal Revenue Code (IRC) Section 7216 regarding the use and disclosure of your tax return information.

Our commitment is to provide affordable, high-quality tax services, which requires utilizing the skills of licensed CPAs and Enrolled Agents (EAs) located in jurisdictions outside of the United States. This practice is detailed below and requires your explicit consent.

II. Information We Collect

We collect nonpublic personal information (“NPI”) necessary to prepare and file your tax returns, provide detailed tax queries, and fulfill related services. This includes:

  • Identifiers: Name, address, phone number, email address, date of birth.
  • Government-Issued IDs: Social Security Number (SSN), Individual Taxpayer Identification Number (ITIN).
  • Financial Data: Income, expenses, bank account information, investment data, retirement account details, and all related tax forms (W-2, 1099, 1098, etc.).
  • Authentication Data: Usernames and passwords used to access your FlyFin account.

III. How We Use Your Information

We use your NPI solely for the following purposes:

  1. Tax Preparation and Filing: To accurately prepare, process, and electronically file your federal, state, and local tax returns.
  2. Tax Consulting: To respond to your detailed tax queries and provide tax planning advice.
  3. Customer Service: To manage your account, communicate regarding your return, and process billing.
  4. Legal Compliance: To comply with all applicable laws, regulations, legal processes, and governmental requests, including those from the IRS and state taxing authorities.

IV. Disclosure and Cross-Border Data Transfer (Required Consent)

A. REQUIRED DISCLOSURE FOR OFFSHORE DATA ACCESS (IRC §7216)

By using the FlyFin app and checking the required consent box, you are granting us permission to disclose your tax return information (including personal and financial data) to tax return preparers located outside of the United States.

  • Recipients: Your tax return information will be accessed by CPAs and Enrolled Agents who are licensed professionals but are operating from various international locations.
  • Purpose: These professionals will be responsible for the initial preparation, data entry, quality review, and detailed query support for your tax return to achieve FlyFin’s low-price point.
  • Security: These offshore partners are contractually required to maintain the same level of data security and confidentiality as FlyFin, in compliance with U.S. laws, including the FTC’s Safeguards Rule.

B. Disclosure to Other Parties (No Consent Required)

We may disclose your NPI without your specific consent to the following parties:

  • Taxing Authorities: The IRS and state/local tax agencies, only as necessary for the preparation, processing, or electronic filing of your tax return.
  • Service Providers: Third-party vendors who assist with the technical operation of the FlyFin app, data encryption, and secure storage, provided they are bound by confidentiality agreements.

FlyFin will NEVER sell or rent your NPI to marketers or any other unrelated third party.

V. Confidentiality and Security Measures

We implement a comprehensive written information security program (WISP) as required by the FTC’s Safeguards Rule. Our security measures include:

  • Encryption: All data is encrypted both in transit (using protocols like SSL/TLS) and at rest (stored securely in encrypted databases).
  • Access Control: Access to your NPI is restricted to authorized FlyFin personnel and the outsourced licensed CPAs/EAs on a “need-to-know” basis only.
  • Professional Standards: All licensed CPAs and EAs, regardless of location, are contractually bound to abide by the ethical and confidentiality standards of IRS Circular 230.
  • Physical Security: Secure, locked facilities for any physical documents and protected servers for digital data.
  • App Security: Mandatory Multi-Factor Authentication (MFA) to access the FlyFin app.

VI. Data Retention

We retain your tax return information for the minimum period required by law, which is typically seven (7) years from the due date or filing date of your return, or as required by your state law. Once the retention period expires, your data is securely and permanently destroyed using industry-standard methods.

VII. Your Right to Revoke Consent and Control Over Your Data

You have the right to revoke your consent for your data to be accessed by offshore professionals at any time.

  • To Revoke Consent: You may revoke your consent by submitting a written request to privacy@flyfin.tax.
  • Consequence of Revocation: If you revoke consent, FlyFin may not be able to continue providing you with its tax preparation services at the advertised price point, as the model relies on the global network of professionals. Your revocation may lead to the cancellation of the engagement, and we will advise you of any fees due for services rendered up to that point.
  • Access/Deletion: You may request access to your records or request the secure destruction of records beyond the legally required retention period by contacting us.