Privacy Policy
1. Introduction
FMS Advisory, LLC (“FMS Advisory”, “we”, “us”, or “our”) values your privacy. This Privacy Policy explains what personal information we collect, how we use it, with whom we share it, the rights you have with respect to your personal information, and how to contact us. This Policy applies to personal information collected through our websites, client portals, forms, email lists, phone and messaging programs, and other interactions (collectively, the “Sites and Services”).
By using our Sites and Services, or by providing personal information to us, you consent to the collection and use of your information as described in this Privacy Policy.
2. Scope and legal compliance
As an accounting and tax services firm, we operate in the United States and comply with applicable U.S. laws and regulations relevant to our services, including federal guidance and obligations governing the financial services and tax professions. We also implement internal safeguards consistent with federal guidance for financial institutions and tax preparers.
If you are a California resident, you have the additional rights described in Section 8 (California residents).
FMS Advisory, LLC (909 Rose Ave, Rockville, MD 20852) is the data controller for personal information collected through our Sites and Services. Our Data Security Coordinator is responsible for privacy and information security governance.
4. Information we collect
We collect personal information you provide and information collected automatically when you use our Sites and Services.
- Information you provide directly: examples include your name, email address, phone number, postal address, business name, job title, payment and billing information you supply when you purchase services (note: full payment card data is typically collected and stored by payment processors, not by us), intake and onboarding materials, tax and financial records necessary to provide services, and support or correspondence records.
- Information collected automatically: this may include IP address, device and browser characteristics, pages you visit, referrer URLs, and cookies or similar tracking information. See our Cookie Policy for more detail.
- Information from other sources: we may receive information from public sources and from service providers we use to operate our Sites and Services. We combine this information with data we collect directly.
Children’s privacy: our Sites and Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13, we will take steps to delete it. If you believe we have collected information from a child under 13, please contact us.
We use personal information for the following business purposes and legal bases:
- To provide services and perform contracts. Processing necessary to deliver the accounting, tax, advisory, or other services you request.
- To process payments and manage orders. For billing, invoicing and fraud prevention. (Payment card information is handled by processors; we do not retain full card numbers on our systems.)
- To communicate with you. Responding to inquiries, scheduling, support, transactional notices, and account communications.
- To send marketing communications. With your consent where required (and always with an unsubscribe option), we may send newsletters, program updates, and promotional offers.
- To operate and improve our Sites and Services. For analytics, testing, diagnostics, and site performance.
- To protect our business and comply with legal obligations. This includes recordkeeping, responding to lawful requests by courts or government agencies, preventing fraud, and enforcing our agreements.
- For security and fraud prevention. Detecting and responding to security incidents and risks.
If you provide your email address to receive a freebie, register for a webinar, purchase a product, or otherwise request marketing communications, we may add you to our marketing list. You may opt out at any time by clicking the “unsubscribe” link in any email or by contacting us.
SMS/Text messages
By providing your mobile phone number, you consent to receive text messages from FMS Advisory for appointment reminders, account notices, and messaging you have opted into. Message & data rates may apply. Reply STOP to opt out or HELP for assistance. We will process STOP requests promptly.
Opt-in records
We retain time-stamped records of opt-in consent (including the opt-in method and confirmation) and records of any opt-out requests. These records are used solely to administer our messaging programs and to comply with legal or contractual obligations.
6. Sharing and disclosure
We do not sell personal information for monetary consideration.
We may disclose personal information to third parties only as necessary for business purposes, including to service providers that process data on our behalf. These categories of service providers include (but are not limited to):
- Payment and billing processors;
- Hosting and cloud-storage providers;
- Email and marketing platforms;
- Analytics and site-performance providers;
- Messaging and communications providers (including SMS providers);
- Professional advisors and consultants (legal, accounting, technical) who support our operations; and
- Governmental, regulatory, or law enforcement authorities where required by law.
When we engage service providers, we require contractual protections (for example, data processing agreements and contractual safeguards) that limit their use of personal information to the purposes we authorize and require them to implement appropriate security measures. We also require contractors to honor confidentiality and to follow our security policies. If you would like more information about the categories of processors we use, or the safeguards we require, please contact us.
Text messaging
No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Text-messaging originator opt-in data and associated consent records (including timestamps and the opt-in method) are excluded from any other categories of sharing; we will not disclose these records to third parties except as required by law or to an authorized messaging provider strictly to deliver messages on our behalf under contract.
7. Cookies and tracking
We use cookies and similar technologies to operate and improve the Sites and Services, remember your preferences, and to serve content and advertising. Our Cookie Policy explains the types of cookies we use, how we use them, and how you can control cookie settings. Please review the Cookie Policy for information on opting out of analytics and advertising cookies.
Our Sites may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those sites. Please review the privacy policies of any third parties before providing personal information.
8. Your rights
If you are a resident of the United States, you may have the right under applicable state law to request access to, correction of, or deletion of personal information we maintain about you. Certain states may also provide rights regarding the categories of personal information collected, the categories of sources, the business purposes of collection, and the categories of third parties with whom data is disclosed.
How to make a request. To exercise one of these rights, contact us at info@fmsadvisory.com and provide sufficient information to allow us to locate your record. We will verify your identity before fulfilling any request.
California residents (CCPA / CPRA)
California residents have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:
The right to request disclosure of the categories and specific pieces of personal information we have collected;
The right to request deletion of personal information (subject to certain exceptions);
The right to opt out of the sale or sharing of personal information (we do not sell personal information for monetary consideration); and
The right not to be discriminated against for exercising privacy rights.
For California requests, we will verify identity and respond within the timeframes required by law (generally within 45 days, subject to a single extension of 45 days with notice if necessary).
9. Data retention and secure destruction
We retain personal information only as long as necessary for the purposes for which it was collected and to meet legal, regulatory, tax or professional recordkeeping obligations.
Typical retention practices include:
Client files and tax records: generally retained for 7 years (or longer if required by law or contract).
Transactional and payment records: retained for accounting, tax reporting, and fraud-prevention purposes (generally 7 years).
Marketing and newsletter lists: retained until you unsubscribe or withdraw consent.
Job applicant records: retained for up to 2 years unless otherwise required.
Backups and logs: retained according to our systems and hosting providers’ schedules.
When information is no longer required, we securely delete or anonymize it in accordance with our secure-destruction procedures.
10. Security and the WISP
We maintain administrative, technical and physical safeguards to protect personal information. Our information-security program is documented in the Firm’s Written Information Security Plan (WISP), which describes our safeguards, access controls, employee training, contractor requirements, retention and secure-destruction procedures, and incident-response processes. The WISP is reviewed at least annually and is available to clients on request through the Firm’s Data Security Coordinator. Sensitive operational details are withheld for security reasons.
11. Data breach and incident response
If we become aware of an unauthorized acquisition or disclosure of personal information that triggers notification under applicable law, we will follow our WISP’s incident-response procedures, perform a post-incident review, and provide notifications to affected individuals and regulators as required by law.
12. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. If we make material changes to how we use or disclose personal information, we will provide notice as required by law and update the Effective Date of this Policy.
13. Contact us
For questions about this Policy or to exercise your privacy rights, contact:
FMS Advisory, LLC
909 Rose Ave, Rockville, MD 20852, United States
Email: info@fmsadvisory.com
