Your Data Security
- How is my clients' data secured?
- What assurances do you have that our data and our client's data are completely secure?
- Are GruntWorx products IRC Section 7216 compliant?
- How long are my organized PDF's kept on your servers/available to me on my online account?
- What happens if I forget my password?
- What if I forget the email address that I signed up with?
- Is all the data stored in the U.S.? Can it be accessed by people or computers outside of the U.S.?
- How can I make sure that I am adhering to Section 54.1 of the California Board of Accountancy Regulations when using GruntWorx products?
Your Data Security
- How is my clients' data secured?
We have engineered our systems to achieve the highest levels of accuracy and security. All communications between your computers and our servers are secured with the same technology used in electronic filing and electronic banking (128-bit SSL/Secure Sockets Layer encryption). Copanion uses VeriSign's SSL Certificate with Extended Validation (EV) and server-gated cryptography (SGC), the most secure option for SSL with the highest authentication and the strongest encryption. VeriSign is the Internet's oldest and largest security provider (verisign.com). Our servers are hosted at SAS 70 Type II compliant NaviSite data centers in the United States. Audited NaviSite operational controls and procedures include physical security; logical authentication; security monitoring; systems, environmental and problem management; and system backup. The NaviSite data center has delivered virtually 100% uptime since it opened in 1998 (navisite.com).
- What assurances do you have that our data and our client's data are completely secure?
Document security and data privacy are paramount to the success of our business. Our industry-leading safeguards provide the best possible assurance of the security of all data.
Our software runs on servers that are hosted at SAS 70 Type II compliant NaviSite data centers in the United States (www.navisite.com). All communications between your computers and our servers are secured with the same technology used in electronic filing and electronic banking (128-bit SSL/Secure Sockets layer encryption). We use VeriSign's SSL Certificate with Extended Validation and server-gated cryptography, which is the most secure SSL option with the highest authentication and the strongest encryption (www.verisign.com).
We will never contact nor solicit your clients for any reason. We will never sell or rent any information on their source documents. All your data is stored in the U.S., and is never accessible by anyone or any computer outside of the United States. Ever.
As noted in our Privacy Statement, client records may be viewed or accessed only for the purpose of resolving a problem, support issue, quality concern, suspected violation of Copanion's User Agreement, or as may be required by law. Select employees permitted to view this data have passed extensive background checks, are located in secure areas within our offices in the United States (accessible only via secure passkeys), are bound by stringent confidentiality agreements, and are fully insured.
Copanion's GruntWorx products are also IRC Section 7216-compliant. Tax Professionals using GruntWorx products in the preparation of a return are not required to have clients sign a written consent to use or disclose tax data. The use of the GruntWorx products is permitted as a tax preparer to tax preparer disclosure described in Treasury Regulations Section 301.7216-2(d)(1) since all of GruntWorx service providers are located in the United States and GruntWorx Populatevides an auxiliary service in connection with the preparation of tax returns that does not provide substantive determinations or advice affecting the tax liability reported by taxpayers.
We hope this gives you confidence that Copanion manages this sensitive data with the utmost care and integrity.
- Are GruntWorx products IRC Section 7216 compliant?
Yes. Tax Professionals using GruntWorx products in the preparation of a return are not required to have clients sign a written consent to use or disclose tax data. The use of the GruntWorx products is permitted as a tax preparer to tax preparer disclosure described in Treasury Regulations Section 301.7216-2(d)(1) since all of GruntWorx service providers are located in the United States and GruntWorx Populatevides an auxiliary service in connection with the preparation of tax returns that does not provide substantive determinations or advice affecting the tax liability reported by taxpayers.
- How long are my organized PDF's kept on your servers/available to me on my online account?
We will keep all data on our servers (unless you choose to delete them) until the end of the calendar year following the tax preparation period. For example, files uploaded on 2/15/09 will be available through 12/31/09, at which time the files will be deleted from our servers.
- What happens if I forget my password? How will you know it's me?
There is a "Forgot your password?" link on the login page of each GruntWorx Populateduct. Simply enter your email address on the "Forgot your password" page, and you will be sent an email to reset your password. Or you can send an email to support@copanion.com, and we'll be happy to reset your password for you! All you have to provide is the unique email address you signed up with.
- What if I forget the email address that I signed up with?
You'll need to remember the email address you signed up with, as that is one of our security measures. We cannot reset any passwords without the correct username (which is the email address you signed up with), and if you forget it, you'll need to sign up with a whole new account on a new email address.
- Is all the data stored in the U.S.? Can it be accessed by people or computers outside of the U.S.?
All your data is stored in the U.S., and is never accessible by anyone or any computer outside of the United States. Ever.
- How can I make sure that I am adhering to Section 54.1 of the California Board of Accountancy Regulations when using GruntWorx products?
Section 54.1 of the California Board of Accountancy Regulations requires informed consent of the client "through an engagement letter or in a separate consent agreement" before disclosing confidential information to an "external service provider" or an "external technician or software vendor in order to resolve software problems."
For Copanion to support products, resolve software issues, or sample returns to verify product quality, it may be necessary to access confidential information. Practitioners are advised to get client approvals in advance of needing such support by using engagement letters, a well known and widely recommended practice. This wording from the AICPA's sample language for engagement letters has been approved by the California Board of Accountancy as satisfying Section 54.1 requirements:
The firm may from time to time, and depending on the circumstances, use third-party service providers in serving your account. We may share confidential information about you with these service providers, but remain committed to maintaining the confidentiality and security of your information. Accordingly, we maintain internal policies, procedures and safeguards to protect the confidentiality of your personal information. In addition, we will secure confidentiality agreements with all service providers to maintain the confidentiality of your information and we will take reasonable precautions to determine that they have appropriate procedures in place to prevent the unauthorized release of your confidential information to others. Furthermore, the firm will remain responsible for the work provided by any such third-party service providers.
Live Phone Support:
1.877.830.6059 x3
8AM to 8PM EST
Monday-Friday
Weekend support is available
via email