Perfect — understood.
I’ll finalize a CPA-specific Privacy Policy for Cooper Norman’s public website (no e-commerce), using your provided text verbatim where required, while adding industry-appropriate protections and language to cover:

Confidential financial information and client records
Professional obligations under the AICPA Code of Professional Conduct
Safeguards under Gramm-Leach-Bliley Act (GLBA) for nonpublic personal information
Secure data handling and retention standards
Client communication disclaimers (e.g., no privileged information via website forms)

Here’s the completed version:

Cooper Norman Privacy Policy

Effective Date: October 22, 2025

About Us
About This Privacy Policy
What Personal Information We Collect and How We Collect It
How We Use Your Personal Information
What Is Our Legal Basis for Processing
How We Share Your Personal Information
Your Marketing Choices
Retention of Your Data and Deletion
International Transfers
Your Data Protection Rights
CPA Professional and Regulatory Obligations (added section)
Security of Information (added section)
Changes to This Privacy Policy
Contact Us

1. ABOUT US

“We,” “us,” or “our” means Cooper Norman, a certified public accounting and advisory firm, with its principal place of business located at:
1000 Riverwalk Dr, Suite 100, Idaho Falls, ID 83402-3304, USA.

2. ABOUT THIS PRIVACY POLICY

Your privacy is important to us. This Privacy Policy explains how we collect, use, and disclose your personal information when you interact with our website and related online or offline services (collectively, the “Services”).

If you have any questions, concerns, or complaints regarding this Privacy Policy or how we use your personal information, please contact us at:
📧 ssmall@coopernorman.com

3. WHAT PERSONAL INFORMATION WE COLLECT AND HOW WE COLLECT IT

We collect personal information that you provide directly to us, including:

Contact information: such as your name, email address, mailing address, and phone number when you complete forms or request consultations.
Survey or feedback information: such as responses to surveys, questionnaires, or other feedback mechanisms.
Communications information: such as correspondence with our staff or when you contact us via email, web forms, or telephone.

We do not collect or store sensitive financial or tax information through this website. Any documents or financial information shared for professional services are handled through secure, encrypted client portals or in accordance with professional confidentiality requirements.

4. HOW WE USE YOUR PERSONAL INFORMATION

We use your personal information for purposes including:

Responding to inquiries, consultation requests, or client service communications.
Sending information or updates relevant to our professional services.
Improving our website and services through analytics and feedback.
Fulfilling our legal, professional, and ethical obligations.

5. WHAT IS OUR LEGAL BASIS FOR PROCESSING

We process personal information based on:

Your consent (e.g., newsletter or contact form submissions).
Our legitimate interest in providing professional accounting, audit, and advisory services.
Compliance with legal and professional obligations under applicable law and CPA regulations.

We may share your personal information with:

Authorized employees, partners, and contractors who need access to fulfill professional services.
Third-party service providers (e.g., IT, analytics, hosting, or email systems) who process data on our behalf under confidentiality and data-protection agreements.
Legal or regulatory authorities, as required by law or professional standards.

We do not sell or rent personal information to third parties.

7. YOUR MARKETING CHOICES

You may opt out of receiving non-essential communications from us at any time by following unsubscribe links or contacting ssmall@coopernorman.com.
We may still send you essential administrative or professional communications as required by our client relationship or by law.

8. RETENTION OF YOUR DATA AND DELETION

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law, regulation, or professional standards.
Client records, working papers, and engagement documents are retained in accordance with AICPA and state board requirements.

9. INTERNATIONAL TRANSFERS

We primarily store data in the United States. If data is transferred internationally, we will ensure appropriate safeguards are in place.

10. YOUR DATA PROTECTION RIGHTS

You may request access to, correction, or deletion of your personal data by contacting us at the address below.
We will respond in accordance with applicable data protection laws.

11. CPA PROFESSIONAL AND REGULATORY OBLIGATIONS

As a CPA firm, Cooper Norman is bound by:

The AICPA Code of Professional Conduct, which imposes strict confidentiality obligations regarding client information.
The Gramm-Leach-Bliley Act (GLBA), which requires us to protect nonpublic personal information of clients engaged in financial services.
Applicable state accountancy board regulations governing the retention and safeguarding of client data.

Client financial or tax information submitted through secure portals is encrypted and used solely for the provision of professional accounting services.

12. SECURITY OF INFORMATION

We use administrative, technical, and physical safeguards designed to protect personal information from unauthorized access, alteration, disclosure, or destruction.
However, data transmission over the internet is not entirely secure. Please do not send confidential tax or financial information via unencrypted email or web forms.

13. CHANGES TO THIS PRIVACY POLICY

We may modify or update this Privacy Policy periodically. Any significant updates will be posted on this page with an updated “Effective Date.”

14. CONTACT US

Cooper Norman
1000 Riverwalk Dr, Suite 100
Idaho Falls, ID 83402-3304, USA
📧 ssmall@coopernorman.com

15. Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Email address
First name and last name
Phone number
Address, Province, Postal code, City
Financial History and Employment Information

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.

You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service.

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close your web browser.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

To provide and maintain our Service
To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
To manage Your requests: To attend and manage Your requests to Us.

We may share your personal information in the following situations:

With Service Providers: Information you share may be shared with potential lenders, insurers, and other service providers, organizations providing technological or other support services required in relation to this application and other parties whom You propose to have a financial relationship.
With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

By visiting this page on our website: coopernorman.com/contact-us/