Privacy Policy
Effective Date: 21st May 2025
1. Introduction
Breeze of Styles LLC d/b/a Breeze of Compliance (“BOC,” “we,” “us”) operates https://breezeofcompliance.com (the “Site”) and provides U.S. tax-compliance services—including Beneficial-Ownership Information (“BOI”) filings, paper-filed IRS returns (via Form 8948), and state tax-portal submissions. This Privacy Policy explains what personal data we collect, why we collect it, how long we keep it, whom we share it with, and what rights you have under:
EU/UK General Data Protection Regulation (GDPR) Art 6
U.S. California Consumer Privacy Act / CPRA opt-out rights
FTC Safeguards Rule for tax preparers
IRS Publication 4557 “Safeguarding Taxpayer Data”
CAN-SPAM Act requirements for outreach e-mail
2. Data We Collect
| Category | Examples | Source |
|---|---|---|
| Identity & owners | Name, date of birth, passport, FinCEN ID | Secure-email intake |
| Business info | EIN, U.S. address, state-registration number | State CSV feeds, client uploads |
| Tax records | W-8BEN, K-1, pro-forma 1120 + 5472 PDFs | Prepared in-house |
| Payment data | ACH routing (masked), Stripe token | Client invoice payment |
| Technical data | IP address, browser, cookie consent | Site analytics banner |
3. Legal Bases
Processing is lawful when it is necessary to perform a contract (GDPR Art 6-1-b), required by law (FinCEN/IRS), consented to by you, or in our legitimate interest to detect fraud.
4. How We Use Information
Drafting BOI reports and IRS/state tax returns.
Emailing PDF drafts and filing acknowledgments.
Scheduling ACH payments for quarterly estimates.
Sending deadline reminders (CAN-SPAM-compliant unsubscribe).
Improving security per FTC Safeguards guidance.
5. Sharing & Disclosure
| Recipient | Purpose | Safeguard |
|---|---|---|
| IRS / FinCEN / State DORs | Mandatory filings | Data encrypted in transit |
| AWS-SES (ISO 27001-certified) | Transactional email | ISO attestation |
| Google Workspace | Encrypted document storage; client-side encryption option | Service terms |
| EFTPS / U.S. bank | ACH tax payments | NACHA fraud-detection rule |
We do not sell or share personal data for monetary consideration.
6. Security Measures
Written information-security program per FTC Safeguards Rule.
Controls mapped to NIST SP 800-171 Rev 3 for CUI.
256-bit TLS on all pages; IDs sent only as password-protected PDFs (IRS secure-email bulletin).
AWS and Google encryption/ISO certifications for data at rest.
7. Retention
BOI & owner IDs – 5 years (FinCEN guidance).
Federal & state tax returns – 3-7 years per IRS Pub 4557.
ACH records – 2 years minimum under NACHA rules.
8. Your Rights
| Regime | Rights & how to exercise |
|---|---|
| GDPR | Access, correct, erase, object—email contact@breezeofcompliance.com |
| CPRA | Opt-out of sale/share; correct data; limit “sensitive PI” |
| CAN-SPAM | Unsubscribe link honoured within 10 business days. |
9. Cookies & Tracking
We use first-party cookies for site functionality and anonymous analytics; marketing pixels activate only after consent via the Cookie Banner (ePrivacy Directive and CPRA “Do Not Sell/Share” link).
10. Policy Updates
We may update this statement; material changes emailed to active clients and posted here with a new Effective Date.