Privacy Policy

Effective Date October 29, 2024

About This Policy

This policy provides notice of our information collection and use practices by DAVID OESTERLE PLLC dba ProfitWise CPA, and its affiliates (together,” “us,” or “we”). It applies to information that we collect from you when you interact with us. This applies to both online and offline information collection, including your use of any websites or subdomains operated by us. Your use of this platform indicates you agree to our collection, use, and disclosure of your information as described in this Privacy Policy.

Could DAVID OESTERLE PLLC Have Your Information?

DAVID OESTERLE PLLC connects with individuals for many different reasons. Those interactions may result in us directly or indirectly gaining access to information about you. By identifying the category or categories of your relationship with DAVID OESTERLE PLLC, set out below, you will be able to easily understand what categories of information we may collect about you, our purpose for collecting your information, and whether we share your information with others.

Employment

  • As a Principal or Partner
  • As an Employee
  • As a Contractor or Intern As an Applicant or Prospective Applicant for employment at DAVID OESTERLE PLLC
  • As a result of a DAVID OESTERLE PLLC Employee or Applicant’s disclosure (for instance, emergency contact, tax dependent, reference)

Our Clients

  • As an Individual Client of DAVID OESTERLE PLLC
  • As an Employee of a Corporate Client of DAVID OESTERLE PLLC
  • As a result of an interaction you had with a DAVID OESTERLE PLLC Client

General Public Interactions

  • As a visitor to DAVID OESTERLE PLLC websites
  • As a participant at a DAVID OESTERLE PLLC event, training program, or conference
  • As a participant or guest at a DAVID OESTERLE PLLC hosted public event

Categories of Information We Collect

Depending on your relationship with DAVID OESTERLE PLLC, we may collect specific categories of information about you. Below is a description of these categories, each followed by a list of the relationship group(s) (i.e., the groups noted above) with respect to which we may collect that category of information.

Personal Identifiers and Demographic Information

This includes state and federally protected classes of individual information, contact information such as your name, phone number, and email, and other types of general information that may be used to identify you.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions
  • Location Data

This category include things like your city, state, country and time zone. Although not often collected by DAVID OESTERLE PLLC location data may also include the global latitude and longitude of your location.

Client Relationship Information

This includes information that we may request from you or you may choose to provide for our records about you as a client and the services we provide you. This may include things such as your business contact information, your background/history, services you have obtained from us, unique identification numbers associated with you, and other information our client servers may gather about you to serve you better, such as family members’ names.

  • Our Clients

Health Information

The types of information in this category may include dietary or allergy restrictions, disabilities, items related to your insurance or insurance claims, information found in medical charts such as date of admittance, diagnosis and prescriptions, and other health information.

Our access to your health information most often comes from dietary and allergy restrictions you provide us when you attend a catered event. Additionally, your health information may be provided to us either directly from you, your employer or in connection with a client as part of providing tax, audit or consulting services where required for the services provided (such as an audit of hospital billing records).  We also have health information related to our employees’ use of our insurance plan.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Biometric & Bodily Information

Not to be confused with Health Information, this category refers to types of information such as DNA, photographs, audio/visual recordings, and various bodily scans like facial or fingerprint scans. It also includes sensory information that may be used to identify you.

We have a limited amount of Biometric & Bodily Information. We may have photographs either provided by you or for security purposes and building access. Additionally, we have audio/visual recordings for training and conference events, and at your choosing, you may provide us with fingerprint and facial scans to access certain physical or electronic environments or to showcase innovative technologies we may offer as your service provider.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Internet or Network Activities

This category includes information we gather when you interact with our websites or systems, such as IP (internet protocol) address, search history, completion of web forms, session IDs, as well as other site usage information gathered through cookies hosted on our website. Our Cookie Policy will provide you with more information about our cookies and how we use them to enhance your experience and better serve you.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Location Data

This category include things like your city, state, country and time zone. Although not often collected by RSM, location data may also include the global latitude and longitude of your location.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Employment Information

This category includes any information related to your previous and current employment. This includes your employer, compensation, title, and information found on W2s and other similar types of tax documents. Additionally, we may have information for direct deposits, information contained in your resume and cover letter, IDs for company-issued equipment, and any information related to your application or employment at DAVID OESTERLE PLLC.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Education Information

This category includes information such as where you attended school, degrees you obtained, areas of study, graduation date, scholarships awarded, school email and grade point average (GPA). Usually, we have this information because you applied for a position with PROFITWISE CPA or you otherwise provided the information directly to us. Occasionally, we provide audit services to educational institutions where we may have access to your educational information.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Internal Corporate Information

This category refers to the information that DAVID OESTERLE PLLC may have in the course of performing our internal business and financial operations. This may include information about our Service Providers and 3rd Party vendors’ employees, business contacts including billing contacts, address and location, and services provided.

  • DAVID OESTERLE PLLC Corporate Relationship

Inference Data

Inference data refers to any assumptions, conclusions and assertions we may come to about someone, such as predispositions, preferences, risk level and risk tolerance, and abilities and characteristics. These inferences are based on information from the above categories.

  • Employment
  • Our Clients
  • DAVID OESTERLE PLLC Corporate Relationship
  • General Public Interactions

Business Purposes for Information Use

Keeping in mind your relationship with DAVID OESTERLE PLLC and the categories of information we collect based on that relationship,

We may use your categories of information for Business Development, Marketing and Event Management. This business purpose includes activities like and similar to:

  • Lead Generation
  • Travel and Expense Reporting
  • Marketing campaigns by mail or email or through our website
  • Hosting internal conferences and training for Clients and Employees
  • Hosting and sponsoring external events for our employees, clients, and the general public

We may use your categories of information to Provide Our Clients with Services. This business purpose includes activities like and similar to:

  • Client Services & Invoicing
  • User Registration & Access Rights Monitoring
  • Tax Preparation & Filings
  • Outsourced Business Services

We may use your categories of information so we can Manage our Client Relationship with You. This business purpose includes activities like and similar to:

  • Event Management & Registration
  • Client On-/Off-boarding & Communication Outreach
  • Physical Building Access to DAVID OESTERLE PLLC offices
  • Credit Review and Background Screening
  • Contract Engagement, Engagement Letters, and Other Contractual Obligations

We may use your categories of information to Comply with DAVID OESTERLE PLLC’s Legal, Professional and Regulatory Obligations. This business purpose includes activities like and similar to:

  • Data Subject Access Request Processing
  • Background Screenings
  • Data Loss Prevention and Security Monitoring
  • Professional Certifications and Ethical Compliance
  • Payroll Processing, Reporting, and Administration
  • Personnel and Incident Investigations & Litigation Matters
  • Regulatory & Government Compliance Matters
  • Government Requests and Subpoena Responses
  • Corporate Insurance Management

We may use your categories of information to ensure we are Fulfilling Our Obligations to Our Employees as their Employer. This business purpose includes activities like and similar to:

  • Credit Review and Background Screening
  • Services for Alumni Partners and Principals
  • Employee Insurance, Benefits, and Leaves of Absence
  • Personnel Compensation, Travel, and Expense Reporting & Reimbursement
  • Employee Management, Lifecycle & Records

We may use your categories of information to ensure the Physical and Electronic Security of PROFITWISE CPA. This business purpose includes activities like and similar to:

  • Mobile Device Management System
  • Network Monitoring & Online Intrusion Detection
  • Physical, Technical, and Administrative Security Reviews
  • Digital User Registration & Access Monitoring
  • Video Surveillance & Building Access Monitoring

We may use your categories of information as part of our process for Manage our Service Providers and 3rd Party Vendors. This business purpose includes activities like and similar to:

  • Order Processing
  • Vendor Payment Reconciliation
  • Accounts Receivable & Payable Processing
  • Vendor Assessments & Security Evaluations
  • Vendor Agreement negotiations, executions, and implementations

We may use your categories of information to Perform our Internal Business Operations. This business purpose includes activities like and similar to:

  • Real Estate Management & Development
  • Strategic Enhancements & New Service Development
  • Building, Office and Day to Day Business Operations
  • Systems Implementation & Support Services
  • Insurance, Tax, and Payroll Preparation & Filing

Please note, we use all categories as otherwise permitted by law or as we may notify you. If your consent is required by law, we will obtain your consent prior to the use and/or collection of your information.

Our Sources of Information & How We Collect Information

We collect categories of information in a few different ways.

You or Your Legal Representative / Authorized Agent is our main source when collecting your information in all of the categories above.  We collect your information through a variety of different methods:

  • Emails
  • In Person
  • Over the Phone
  • Employment Applications
  • Electronic Files (e.g. pdfs, word docs, ppt.)
  • Scholarship Applications
  • Charitable Contributions
  • Event Registration Forms
  • Web Forms, including Data Subject Access Requests
  • Paper Documents

Our Clients are another source for collecting your information in all of the categories above. We collect your information through several different methods:

  • Emails
  • In Person
  • Over the Phone
  • Workspace Collaboration Sites
  • Electronic Files (e.g. pdfs, word docs, ppt.)
  • Integrations, APIs, File Transfer Sites.
  • Database and Data Warehouse Access
  • Event Registration Forms
  • Paper Documents

Our Website Cookies and your interaction with our website is an additional source for collecting your information for four of the categories above: Personal Identifiers and Demographic InformationInternet or Network ActivitiesLocation Data, and Inference Data. We collect your information through a few different methods:

  • Pixels
  • Tags
  • Tracking Cookies
  • Marketing Cookies
  • Analytic Cookies

Our Cookie Policy will provide you with more information about our cookies and how we use them to enhance your experience and better serve you.

Our Business Partnerships, Service Providers & 3rd Party Vendors are another source for collecting your information in all of the categories above. We collect your information through several different methods:

  • Email
  • In Person
  • Over the Phone
  • Event Sponsorship Forms & Rosters
  • Contracts, including Service Agreements and Statements of Work
  • Web Forms
  • User Account Portals
  • Electronic Files (e.g. pdfs, word docs, ppt.)
  • Paper Documents
  • Integrations, APIs, File Transfer Sites

Educational Institutes, Professional & Government Licensing Groups and your interaction with these groups is an additional source for collecting your information for six of the categories above: Personal Identifiers and Demographic InformationBiometric Bodily InformationLocation DataEmployment Information, Educational Information, and Inference Data. We collect your information through a few different methods:

  • Email
  • In Person
  • Over the Phone
  • User Account Portals
  • Paper Documents
  • Web Forms
  • Electronic Files (e.g. pdfs, word docs, ppt.)

Publicly Available Sources another source for collecting your information for six of the categories above: Personal Identifiers and Demographic InformationClient Relationship InformationBiometric Bodily InformationLocation DataEmployment InformationEducational Information and Inference Data. We collect your information through a few different methods:

  • Social Media
  • Websites (such as professional networking sites & online searches)
  • Online Professional Forums
  • Magazine, Newspaper, Blogs, and Other Reporting Media
  • White Papers and Other Peer Review Publications

 

We Combine Information

We combine information we collect from you on the website with information we receive from you in person, by email, or by other forms of communication. We also combine information you provide with information we obtain from third parties, service providers, and our affiliates.

When We Share Information with Others

On an as needed and case by case basis, we may share all categories of information above with third parties, service providers, and others as described here:

We share information with our affiliates.

This includes current and future affiliates and other related. We will share this information for our business purposes, business and service development and enhancement strategies, and to otherwise engage in the activities described in this Privacy Policy.

We share information with vendors and service providers. We share personal information with vendors who provide services to us. Refer to the above chart, Categories of Information We Collect, to see the types of information that may be relevant to you.

Our Service Providers are categorized in at least one of the following categories based on the services they provide DAVID OESTERLE PLLC:

  • Business & Finance Operational Services (such as travel reimbursement, payroll processing, recruitment, AR/AP processing, or other similar services)
  • Legal, Compliance and Advisory Services (such as  attorneys, financial advisors, external consultants, or other similar services)
  • Education & Professional Development Services (such as training, professional licensing, continuing professional education or other similar services)
  • Telecommunication & Mobile Services (such as telephone systems and inter office messaging services)
  • Network, Datacenters & Infrastructure Services (such as internet, intranet, email, software and system architecture)
  • Marketing, Events & Communication Services (such as hosted events, hotel & catering services, sporting events, newsletters, email marketing and other similar services)

We share information with government and regulatory authorities. We share information with government and regulatory authorities in the course of providing services to you, such as preparation of tax returns.

We share information if we must in order to comply with law or to protect our legal interests. We may share information we collect about you to respond to a court order or subpoena. We may share information in response to a government agency or investigatory body request. This may include sharing information with the US or Canadian government. We may share information if necessary to prevent physical harm or financial loss. We may share information we collect when we are investigating potential fraud or other illegal activity.

We share information with any successor to all or part of our business. If all or part of our business is sold, we will share information as a part of that transaction.  If there is a merger or acquisition, we will also share your information. We will also share information as part of a financing or bankruptcy.

We share information as permitted by law and for other reasons we may describe to you.

You Have Certain Choices

We provide you with the following options about how we use information:

Everyone

You can opt out of receiving our emails. You can change your mind if you signed up to receive email newsletters, alerts or other marketing emails. To unsubscribe, click the link located at the bottom of our marketing emails.  If you opt out of receiving marketing messages, you will still get non-marketing messages. If you object to our use of your information for direct marketing purposes, please email us at DataPrivacy@ProfitWiseCPA.com

You can control cookies and tracking tools. Click here to learn more about how we use cookies and other tracking tools.

We Use Reasonable Security Measures

We use standard and reasonable security measures. The Internet is not 100% secure. We cannot promise that your use of our sites or apps will be completely safe. We encourage you to use caution when using the Internet.

We keep personal information as long as it is legally required, necessary or relevant for the practices described in this Privacy Policy, including the purpose for which we originally collected your information.

Where We Store Information

You understand and agree that we may transfer, process and store your information to the US, Canada, India, the United Kingdom, or other countries. Our affiliates or other third party service providers may also transfer, process, or store your information in the US or other countries. Our sites and businesses are subject to US laws, which may not afford the same level of protection as those in your country.

Third Party Links and Tools

We may link to other sites or apps or have third party services on our platforms that we do not control. If you click on a third party link, you will be taken to a platform we do not control. This policy does not apply to the privacy practices of that website or platform. Read other companies’ privacy policies carefully. We are not responsible for these third parties. Our site may also serve third party content that contains their own cookies or tracking technologies. We do not control the use of those technologies.

Information Collection from Children

Our sites and apps are meant for adults. We do not knowingly collect personally identifiable information from children under 13 without permission from a parent or guardian. If you are a parent or legal guardian and think your child has given us information, you can email or write to us. Use the address information in the contact us section below.

We May Update this Policy

From time to time we may change our privacy policies. We will notify you of any material changes to our Policy as required by law. We will also post an updated copy on our website. Please check our site periodically for updates.