Privacy Policy

At FirmaBizz, we take your privacy and data security seriously. This Privacy Policy ("Policy") explains how we collect, use, disclose, and protect your personal information when you use our platform, services, and website (collectively, the "Services"). This Policy applies to all users of FirmaBizz and applies to all personal data we process.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. By accessing or using FirmaBizz, you consent to the practices described in this Policy. If you do not agree with our privacy practices, please do not use our Services.

1. Information We Collect

1.1 Personal Information You Provide

We collect personal information that you voluntarily provide to us when using our Services, including:

• Account Information: Name, email address, phone number, password, and account preferences
• Immigration Data: Information about your immigration status, visa category, sponsorship details, family relationships, employment history, and previous immigration petitions
• Tax Information: Social Security Number (SSN), Employer Identification Number (EIN), income information, tax filing status, and tax documents
• Personal Details: Date of birth, country of origin, address history, passport/travel document information, and biographical data
• Contact Information: Phone numbers, email addresses, and preferred contact methods
• Document Information: Copies of government-issued documents, forms, correspondence, and supporting documentation
• Payment Information: Credit card and billing address information (processed securely by third-party payment processors)
• Communication Data: Messages, inquiries, feedback, and customer support interactions

1.2 Information We Collect Automatically

We automatically collect certain information about your device and usage of our Services:

• Device Information: Device type, operating system, browser type, IP address, and unique device identifiers
• Usage Data: Pages visited, features used, forms completed, time spent on pages, clicks, and interactions with our platform
• Cookies and Similar Technologies: Information from cookies, local storage, and tracking pixels to enhance user experience
• Location Information: General geographic location based on IP address (we do not track precise GPS location)
• Log Data: Server logs containing access times, referral URLs, and error information

1.3 Information from Third Parties

We may receive information about you from third parties, including publicly available information, information shared with our consent, or information to verify your identity and prevent fraud.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Core Service Delivery

• Completing and generating immigration and tax forms
• Processing AI-powered document preparation and recommendations
• Preparing and delivering documents you request
• Providing customer support and resolving issues
• Communicating with you about your account and Services

2.2 Account Management

• Creating and maintaining your account
• Processing payments and managing billing
• Sending important account notifications
• Verifying your identity and preventing fraud
• Enforcing our Terms of Service and other agreements

2.3 AI Improvement and Analytics

• Training and improving our AI models and algorithms
• Analyzing user patterns to enhance our Services
• Testing new features and functionality
• Creating anonymized, aggregated analytics
• Conducting research to improve document accuracy

2.4 Marketing and Communication

• Sending promotional emails and updates (with your consent)
• Personalizing your experience and recommendations
• Conducting surveys and gathering feedback
• Marketing new features and Services

2.5 Legal and Compliance

• Complying with legal obligations and government requests
• Protecting against fraud, abuse, and security threats
• Enforcing our agreements and protecting our rights
• Maintaining records for tax and legal compliance

3. Legal Basis for Processing (GDPR)

For users in the EU and other jurisdictions requiring legal basis for data processing, we process your personal data on the following bases:

• Contract Performance: Processing necessary to provide the Services you have requested
• Legitimate Interests: Processing necessary for our legitimate business interests, including fraud prevention, service improvement, and analytics
• Legal Obligation: Processing required to comply with applicable laws and regulations
• Your Consent: Processing based on your explicit consent for marketing and promotional communications
• Vital Interests: Processing necessary to protect your vital interests or those of another person

4. How We Share Your Information

4.1 We Do NOT Sell Your Data

4.2 Service Providers

We share information with trusted service providers who assist us in operating our Services, subject to strict confidentiality agreements:

• Payment processors and financial institutions
• Cloud hosting and storage providers
• Email and communication service providers
• Analytics and analytics platforms
• Customer support platforms
• AI and machine learning service providers
• Legal and accounting service providers

4.3 Legal Requirements

We may disclose your information if required by law or when we believe in good faith that disclosure is necessary to:

• Comply with valid legal processes, court orders, or government requests
• Enforce our Terms of Service and other agreements
• Protect the security or integrity of our Services
• Protect the rights, privacy, safety, or property of FirmaBizz, users, or the public
• Prevent or investigate possible wrongdoing
• Respond to claims of illegal activity

4.4 Business Transfers

If FirmaBizz is involved in a merger, acquisition, bankruptcy, or sale of substantially all assets, your information may be transferred as part of that transaction. We will provide notice before your information becomes subject to a different privacy policy.

5. Cookies and Tracking Technologies

5.1 Types of Cookies We Use

We use cookies and similar technologies to enhance your experience and understand how our Services are used:

• Essential Cookies: Required for authentication, security, and core functionality
• Performance Cookies: Help us understand user behavior and improve Service performance
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used with your consent for retargeting and advertising (if applicable)

5.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Disabling cookies may limit your ability to use certain features of our Services. We respect Do Not Track (DNT) signals where applicable.

5.3 Third-Party Tracking

Third-party service providers may place cookies on your device. These services have their own privacy policies, and we are not responsible for their practices. We recommend reviewing their privacy policies for information about their data collection practices.

6. Your Privacy Rights

6.1 Rights Under GDPR (EU/EEA Users)

If you are located in the European Union or European Economic Area, you have the following rights regarding your personal data:

• Right to Access: Obtain a copy of your personal data and confirmation of how we process it
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data (subject to legal obligations)
• Right to Restrict Processing: Limit how we use your personal data in certain circumstances
• Right to Data Portability: Receive your personal data in a structured, commonly used format and transfer it to another provider
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent for any processing based on your consent
• Right to Lodge a Complaint: File a complaint with your local data protection authority

6.2 Rights Under CCPA (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request what personal information we have collected, used, and disclosed about you
• Right to Delete: Request deletion of personal information we have collected about you (subject to exceptions)
• Right to Opt-Out of Sale: Direct us not to sell your personal information (FirmaBizz does not sell data)
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
• Right to Limit Use: Request that we limit our use of sensitive personal information

6.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

6.4 Verification Process

We may require you to verify your identity before fulfilling your request. We will respond to verified requests within the required timeframes (typically 30-45 days depending on your jurisdiction). If we cannot fulfill your request, we will explain the reason.

7. Data Security

7.1 Security Measures

We implement comprehensive technical, administrative, and physical safeguards to protect your personal information:

• Encryption: SSL/TLS encryption for data in transit; AES-256 encryption for sensitive data at rest
• Secure Infrastructure: Secure cloud hosting with industry-standard security protocols
• Access Controls: Strict access controls limiting data to authorized personnel only
• Authentication: Multi-factor authentication and strong password requirements
• Regular Audits: Regular security audits and vulnerability assessments
• Employee Training: Privacy and security training for all employees
• Data Minimization: Collecting only the minimum data necessary for our Services
• Backup and Recovery: Secure backup and disaster recovery procedures

7.2 Security Limitations

While we implement industry-leading security measures, no system is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and password.

7.3 Data Breach Notification

In the event of a data breach involving your personal information, we will notify you as required by applicable laws. We maintain cybersecurity insurance and have procedures to mitigate harm from any security incident.

8. Data Retention

8.1 Retention Periods

We retain your personal information for as long as necessary to provide our Services and comply with legal obligations:

• Account Information: Retained for the duration of your account and 7 years after account closure for legal/tax compliance
• Service Documents: Retained for 7 years to comply with tax and government regulations
• Payment Information: Retained for 7 years for financial and tax compliance
• Communication Records: Retained for 3 years for customer service and dispute resolution
• Usage Analytics: Retained for 24 months for analytics and improvement purposes
• Marketing Data: Retained until you opt out, then deleted within 30 days
• Backup Data: Retained according to our backup retention policy; backups automatically deleted after 90 days

8.2 Data Deletion

After the applicable retention period, we delete or anonymize your personal information. Data retained for legal, tax, or compliance purposes will be securely destroyed after all requirements are satisfied. You may request deletion earlier by contacting us at legal@axiopistisholdings.com, subject to legal obligations.

9. Children's Privacy

FirmaBizz does not intentionally collect personal information from children under 18 years of age. Our Services are designed for adults 18 years and older. If we become aware that we have collected information from a child under 18, we will take steps to delete such information immediately.

Parents or guardians who believe their child has provided information to us should contact us immediately at legal@axiopistisholdings.com.

10. International Data Transfers

10.1 Cross-Border Transfers

FirmaBizz operates primarily in the United States. Your personal information may be transferred to, stored in, and processed in the United States and other countries. By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

10.2 Data Adequacy and Safeguards

When transferring personal information from the EU/EEA to the United States, we implement safeguards including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy mechanisms and supplementary safeguards
• Data processing agreements with all service providers
• Equivalent security measures as required by GDPR

10.3 Compliance with Data Protection Laws

We maintain compliance with applicable international data protection laws and regulations in all jurisdictions where we operate.

11. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, and services that are not operated by FirmaBizz. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing them with your personal information.

12. AI and Automated Decision-Making

12.1 AI Processing of Information

FirmaBizz uses AI and machine learning technologies to:

• Analyze information you provide to pre-fill forms and identify relevant questions
• Generate recommendations for document completion
• Detect patterns and potential errors in submissions
• Improve our Services and user experience
• Prevent fraud and abuse

12.2 Human Review

All documents prepared by our AI are subject to your review and human verification. You are responsible for ensuring the accuracy and completeness of all information before submission to government agencies.

12.3 No Automated Decision-Making

FirmaBizz does not make final decisions about document approval or eligibility based solely on automated decision-making. All decisions affecting your rights are reviewed and approved by the user.

13. State and Regional Privacy Laws

13.1 California Consumer Privacy Act (CCPA)

California residents have additional rights under the CCPA. We do not sell personal information. For CCPA-related requests, contact us at legal@axiopistisholdings.com. We will respond within 45 days.

13.2 Other State Laws

We comply with all applicable state privacy laws including Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other state privacy regulations. Users in these states have rights similar to CCPA.

13.3 GDPR (EU/EEA)

We fully comply with the General Data Protection Regulation (GDPR) for all users in the European Union and European Economic Area.

14. Modification of Policy

We reserve the right to modify this Privacy Policy at any time. We will notify you of material changes by posting the updated Policy on our website and updating the "Last Updated" date. For material changes affecting your rights, we will provide additional notice. Your continued use of the Services after such changes constitutes acceptance of the modified Policy.

We encourage you to review this Privacy Policy periodically to stay informed of how we protect your information.

15. Contact Information

If you have questions about this Privacy Policy, your privacy rights, or our privacy practices, please contact us:

Data Protection Authority

EU/EEA residents have the right to lodge a complaint with their local data protection authority if they believe we have violated their privacy rights. You may find your local authority on the websites of the European Data Protection Board (EDPB).