Federal legislation, regulations, and International law require financial institutions (which includes CPA firms) to provide all of their clients with notice of the firm's privacy policies and practices. These laws prohibit us from disclosing non-public financial information about our clients to third parties, unless expressly authorized to do so. Furthermore, Internal Revenue Service regulations prohibit us from disclosing who our clients are without their written consent.
Because these regulations impose record keeping requirements on all entities subject thereto, we require specifically worded written authorization from our clients when they want us to share or discuss personal data with other parties. We hope it will not become too much of a burden when we request that such written authorization be completed and returned to us. This authorization form can be downloaded from our website or obtained from our office.
For our European clients, we adhere to the General Data Protection Regulation (GDPR) (EU) 2016/679. Please refer to the GDPR Data Protection Guide at the end of this letter for further details.
To best serve our clients, Herrick, Ltd. occasionally uses third-party providers in relation to engagements. Such third-party providers include consultations with attorneys, accountants, and other financial professionals regarding technical tax issues, as well as the use of independent contractors to provide computer services. The use of third-party providers does not in any way relieve our firm from our responsibilities with regard to professional competence, due professional care, and technical compliance. In addition, any such third-party relationships are covered through written confidentiality agreements (with the exception of attorneys where all information is already confidential due to attorney-client privilege) to ensure the privacy of our clients.
We have always treated the privacy and confidentiality of our clients with the utmost care and have placed on it great importance. Please feel free to contact us if you should have any further questions. Many thanks.
Herrick, Ltd. dba Herrick Global
GDPR Data Protection Guide
We take our responsibilities under the GDPR seriously. If you have any questions or concerns, please contact the Controller at the contact information provided below.
The responsible authority (“Controller”) for all personal data processed by us is
72 Main Street
Telephone (regular): 802-864-4514
Telephone (facsimile): 802-860-2210
In order to provide you with a more personalized and responsive service we need to remember and store information about how you use this Website. This is done using small text files called cookies. Cookies contain small amounts of information and are downloaded to your computer or other device by a server for this Website. Your web browser then sends these cookies back to this Website on each subsequent visit so that it can recognize you and remember things like your user preferences. You can find more detailed information about cookies and how they work at http://www.aboutcookies.org/.
How to control cookies
You can control acceptance of cookies by modifying your Internet browser preferences. You have the ability to accept all cookies, to be notified when a cookie is set or to reject all cookies. Please note that, if you choose to block all cookies (including essential cookies), you may not be able to access all or part of our site and may be unable to use those services or engage in activities that require the placement of cookies.
To disable cookies:
- If you are using Internet Explorer 8.0+:
- Go to "Tools" in the menu bar and then click on "Internet Options"
- Click on "Privacy" Tab on top
- Move the slider up to the "Block all the Cookies" setting
- If you are using Firefox 4.0+:
- Go to "Tools" in the menu bar
- Click on "Options"
- Click on "Privacy Tab"
- Enable the box that says "Tell websites I do not want to be tracked"
- If you are using Google Chrome:
- Go to "Tools Menu"
- Click on "Settings"
- Click on "Advanced Settings"
- Click on "Privacy/Content Settings"
- "Cookies" should be selected. Once done, select "Block third party cookies and site data"
- If you are using Safari 5.0:
- Choose Safari > Preferences and click "Security"
- In the "Accept Cookies" section, specify if and when Safari should accept cookies from websites. To see an explanation of the options, click the Help button (it looks like a question mark). If you have set Safari to block cookies, you may need to temporarily accept cookies to open a page. Repeat the above steps, selecting “Always”. When you’re done with the page, turn off cookies again and remove the page’s cookies.
For more detailed information on how to control cookies you may wish to visit www.allaboutcookies.org.
Note, however, that some or all of the Website’s functions may not be available when you disable cookies.
- If you are using Internet Explorer 8.0+:
The Website uses Google Analytics, a web analysis service of Google Inc., USA (“Google”).
Our legitimate interest in data processing also lies in these purposes. The legal basis for the use of Google Analytics within the European Union is Art. 6 para. 1 lit. (f) GDPR. The data sent by us and linked to cookies, user-identifiers (e.g. User-IDs), or advertising-identifiers are automatically deleted after 14 months. Data whose retention period has been reached is automatically deleted once a month.
The IP address transferred by your browser as part of Google Analytics will not be merged with other data from Google.
You can also prevent the transfer of data generated through cookies and relating to your use of the Website (including your IP address) to Google and the processing of this data by Google Analytics by downloading and installing a browser plug-in available from the following link: (http://tools.google.com/dlpage/gaoptout?hl=en). Opt-out cookies prevent the future collection of your data when you visit this Website.
More information about the conditions of use and data privacy can be found at https://support.google.com/analytics/answer/7124332?hl=en or https://www.google.de/intl/en/policies/.
If you send us a request via one of our Website Contact Forms, we process the provided data exclusively for answering your request. Within the European Union, the legal basis is to be found in Art. 6 para 1 lit (b) GDPR.
If you have agreed to receive our email newsletter, we will use the data you gave us in this context (generally: your name, your company, and your email address) exclusively for producing and sending the newsletter to you (legal basis within the European Union: Art. 6 para 1 lit (b) GDPR). You have the right to withdraw your consent at any time by regular mail, fax, or email.
Disclosure of information to third parties
We may provide your personal information to other members of our network in order to provide you with information that could be of interest to you and conduct market or other research. Your personal information may also be disclosed to members of our network and other third parties in order to respond to your requests or inquiries; as part of a corporate transaction (such as a sale, divestiture, reorganization, merger, or acquisition); or where those parties handle information on our behalf, such as for payment processing purposes.
Use and Retention
We collect and use your personal information with your consent to provide you with access to the Website, or where we have a legitimate business interest in, or other legal basis for, such collection and use. The personal information you submit to us may be used to manage our relationship with you, including any of your requests, or to customize or improve the Website and related services offered to you.
We retain personal information as necessary for the duration of the purpose outlined in this Privacy Statement. Notwithstanding the duration of the purpose, we may retain your information if necessary to comply with our legal or professional obligations, enforce our agreements, or resolve disputes.
9. Your Rights
For all personal data collected in Europe, you have, according to Art. 15-20 GDPR, the right to request access to and rectification, erasure of personal data, restriction of processing concerning the data and data portability, as well as the right to lodge a complaint with the supervisory authority.
If you choose to register on the Portal, you may access your user profile, correct and update your details, or unsubscribe at any time. If you have any problem accessing your profile or would like to request a copy of your profile, please contact us.
Under applicable law, you may have the right to access or obtain a copy of the personal information that we have collected about you, or to review, modify, delete, or to request that we stop processing such personal information. If you have any questions, please contact us.