Privacy Policy

Information We Collect

We collect information you provide directly, information generated automatically by your use of the platform, and information from third parties.

Information you provide directly:

• Account data — name, email address, password, and role (client, Expert, or team member) when you register.
• Profile data — for Experts: professional headline, bio, specializations, credentials, industries served, hourly rate, and profile photo. For clients: company name, industry, and business type.
• Service data — service listings created by Experts, including title, description, pricing, and category.
• Booking & hire data — when you book a consultation or hire an Expert, we collect the details of that engagement including dates, messages, and deliverables.
• Payment data — billing and payout information processed through Stripe (we do not store raw card numbers on our servers).
• Communications — messages sent through the platform's direct messaging, booking messages, team conversations, and support requests.
• Reviews & ratings — feedback submitted after completed engagements.

Information collected automatically:

• IP address, browser type, device type, operating system, and referring URLs.
• Pages visited, features used, and time spent on the platform.
• Profile view analytics (for Experts, we track which profiles were viewed and when).
• Session data stored via browser cookies.

How We Use Your Information

We use the information we collect to:

• Create and manage your account and provide access to the platform.
• Facilitate matches between clients and Experts, including AI-powered matching.
• Process payments, payouts, and subscription billing through Stripe.
• Enable direct messaging, team collaboration, booking management, and project tracking.
• Send transactional emails — account verification, password resets, booking confirmations, subscription invoices, withdrawal status updates, and team invitations.
• Resolve disputes and enforce our Terms & Conditions.
• Provide profile view analytics to Experts.
• Improve our platform, AI matching algorithms, and user experience.
• Comply with legal obligations and respond to lawful requests.
• Detect fraud, protect the security of our platform, and prevent abuse.

How We Share Your Information

We share information only in the following circumstances:

• Between platform users — Client names, profile data, and messages are shared with Experts they engage with, and vice versa, as necessary to facilitate engagements.
• Public profiles — Expert profiles (name, headline, bio, specializations, services, and ratings) are visible to the public on the platform.
• Team members — When you invite team members to a workspace, they may see project details and conversations relevant to their assignment.
• Service providers — We share data with trusted third-party providers: Stripe (payment processing), email delivery providers (transactional email), and cloud hosting infrastructure. These providers are contractually bound to protect your data.
• AI matching — Anonymized service and profile data may be processed by our AI provider (OpenRouter) solely to generate match results. No identifiable contact information is shared with the AI provider.
• Legal compliance — We may disclose information when required by law, court order, or government authority, or to protect the rights, property, or safety of our users or the public.
• Business transfers — In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction. We will notify you before your information is subject to a different privacy policy.

Payment Information

All payment processing on CPA Connections is handled by Stripe, a PCI-DSS-compliant payment processor. When you enter payment card details, that information is transmitted directly to and stored by Stripe. We receive only a tokenized reference and the last four digits of your card for display purposes.

Expert payout information (bank account details or card details for withdrawals) is stored in our system in a limited form (last 4 digits, account type, routing number) to facilitate withdrawal requests reviewed and approved by our administrative team.

All financial transactions on the platform — service hires, consultation bookings, and subscription billing — are processed through Stripe's secure infrastructure.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. Specifically:

• Account data is retained for the lifetime of your account. You may request deletion at any time (see Your Rights below).
• Transaction records (bookings, hires, invoices, withdrawals) are retained for a minimum of seven (7) years for financial and tax compliance purposes.
• Messages and conversation history are retained for the duration of your account and for a reasonable period after account closure.
• Email logs are retained for up to one (1) year for auditing and troubleshooting.
• Profile view analytics are retained for up to two (2) years.

Cookies & Tracking Technologies

We use cookies and similar technologies to operate and improve the platform:

• Session cookies — required to keep you logged in and maintain your session state.
• CSRF tokens — required for security to prevent cross-site request forgery.
• Preference cookies — to remember settings such as your selected filters.
• Analytics — we may use anonymized analytics to understand how users interact with the platform and identify areas for improvement.

You can control cookies through your browser settings. Disabling session cookies will prevent you from logging in to the platform.

Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access — request a copy of the personal data we hold about you.
• Correction — update inaccurate or incomplete information through your account profile settings.
• Deletion — request deletion of your account and associated personal data (subject to legal retention obligations).
• Portability — request your data in a portable format.
• Opt-out of marketing — we do not send marketing emails; all our emails are transactional. You may manage notification preferences in your account settings.

To exercise any of these rights, contact us at support@cpaconnections.com. We will respond within 30 days.

Security

We implement industry-standard security measures to protect your personal information:

• All data transmitted between your browser and our servers is encrypted using TLS (HTTPS).
• Passwords are hashed using bcrypt and are never stored in plain text.
• Payment processing is handled exclusively by Stripe's PCI-DSS-certified infrastructure.
• Access to personal data is restricted to authorized personnel who need it to perform their role.
• Email verification is required for all accounts before platform access is granted.

Despite these measures, no system is completely secure. We encourage you to use a strong, unique password and to notify us immediately if you suspect unauthorized access to your account.

Children's Privacy

CPA Connections is a professional services platform intended for use by businesses and adults aged 18 and older. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that a minor has provided us with personal information, we will promptly delete it. If you believe a minor has registered on our platform, please contact us at support@cpaconnections.com.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify registered users by email.

Your continued use of the platform after changes are posted constitutes your acceptance of the revised policy. We encourage you to review this page periodically.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please reach out to us:

• Email: support@cpaconnections.com
• Phone: (817) 650-6198
• Address: CPA Connections, United States