1.Who we are
Y Assurance PLLC (the “Firm,” “we,” “us,” or “our”) is a CPA firm licensed by the Texas State Board of Public Accountancy. The Firm owns and operates the Chiaro website and service (collectively, the “Service” or “Chiaro”).
This Privacy Policy applies to information collected through chiarohq.com and the Service. Information collected in the course of an audit or advisory engagement is governed by the engagement letter between you and the Firm.
Contact: privacy@chiarohq.com.
2.What we collect
Contact information. When you contact us, request a meeting, or submit a form on chiarohq.com, we collect your name, email address, company, and any details you choose to share.
Account and access data. If you connect to the Service, we collect the access token associated with your account and logs of which actions you call.
Usage telemetry. Service activity, timestamps, request and response sizes, and error logs. We use this to monitor the Service and diagnose issues.
Website analytics. Standard server logs (IP address, user agent, referrer, pages visited) when you browse chiarohq.com.
3.How we use this information
- To provide access to the Service
- To monitor Service performance and fix bugs
- To communicate with you about your account, request, or meeting
- To understand how people use chiarohq.com
- To meet our legal and professional obligations
We do not sell your data. We do not use contact information or telemetry for third-party advertising.
4.Where data lives
Information described in this policy is stored on infrastructure operated by Supabase, Railway, and Vercel, located in the United States. Access is restricted to Firm personnel.
5.Who has access
- Firm personnel with a legitimate operational need
- Supabase (as our data processor for storage)
- Railway and Vercel (as our infrastructure providers)
- Email and communications providers used to respond to your request
Each provider is bound by its standard data processing terms. We do not share your data with advertisers, data brokers, or unrelated third parties.
6.How long we keep data
Contact information, account records, and product telemetry are retained for as long as they remain useful for the purposes described in Section 3, then purged.
Records maintained as part of an audit or advisory engagement are retained as set out in the engagement letter and as required by applicable professional standards (including AICPA workpaper retention requirements). These professional retention requirements may exceed the timeframes that would otherwise apply under this policy or under data-rights requests described in Section 7.
7.Your rights
If you are in California, the European Union, the United Kingdom, or another jurisdiction that grants you data rights, you have the right to:
- Access the data we hold about you
- Correct inaccurate data
- Delete data (subject to legal and professional retention obligations described in Section 6)
- Port your data to another provider
- Object to certain processing
Email privacy@chiarohq.com to exercise any of these rights. We respond within 30 days.
8.Cookies
chiarohq.com uses only essential cookies required for functionality. We do not use advertising cookies, and we do not embed third-party trackers.
9.International users
If you access chiarohq.com or the Service from outside the United States, information about you will be transferred to and processed in the United States. By using the site or the Service, you consent to this transfer.
10.Children
The Service is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact privacy@chiarohq.com and we will delete it.
11.Changes to this policy
We may update this policy from time to time. The “Effective” date above reflects the most recent update. Material changes will be communicated by email where we have your address, or by notice on the Service.
12.Contact
Questions about privacy: privacy@chiarohq.com