Parks Projects NJ Privacy & Security Policy

1. Commitment to Security

Parks Projects NJ and Parks Projects Tax Resolution are committed to protecting the confidentiality, integrity, and availability of client data. We recognize that handling sensitive financial and tax information requires the highest standards of security. Our practices are designed to safeguard personal, business, and financial information from unauthorized access, disclosure, alteration, or destruction.

2. Data Collection & Storage

  • Minimal Data Collection: We only collect information necessary to provide services and meet compliance requirements.

  • Secure Storage: Client data is stored using encrypted systems compliant with IRS Publication 1075, Gramm-Leach-Bliley Act (GLBA), and industry best practices.

  • Access Control: Access to data is restricted to authorized staff on a need-to-know basis. All accounts are protected by role-based permissions and multi-factor authentication (MFA).

3. Website Security

  • Encryption: All web traffic is encrypted using SSL/TLS certificates (HTTPS).

  • Form Submissions: Contact and intake forms are protected with SSL encryption; uploaded documents are stored securely with restricted access.

  • Monitoring: The website is monitored for vulnerabilities, malware, and unauthorized access attempts.

  • Updates & Patches: CMS, plugins, and integrations are regularly updated to maintain the highest level of protection.

4. Data Transmission & Sharing

  • Encrypted Communication: All sensitive documents are transmitted using secure, encrypted channels.

  • Third-Party Providers: When third-party tools are used (e.g., payment processors, cloud storage, accounting platforms), we only work with vendors who maintain SOC 2, ISO 27001, or equivalent certifications.

  • No Unauthorized Sharing: Client data is never sold or shared with unauthorized third parties.

5. Internal Controls & Employee Responsibilities

  • Confidentiality Agreements: All staff and contractors must sign confidentiality and data security agreements.

  • Training: Employees undergo regular security and compliance training, including IRS requirements under the Annual Filing Season Program (AFSP).

  • Device Security: Company devices are password-protected, encrypted, and subject to automatic lockout policies.

  • Incident Response: Staff are trained to identify and report security incidents promptly.

6. Client Responsibilities

To maintain security, clients are expected to:

  • Submit documents only through approved secure channels.

  • Notify us immediately of suspicious activity or unauthorized communications claiming to be from Parks Projects NJ.

  • Maintain personal security measures, such as updated software and secure passwords.

7. Incident Response

In the event of a suspected or confirmed data breach:

  1. The incident will be contained and investigated immediately.

  2. Impacted systems will be isolated and assessed.

  3. Clients and regulatory bodies will be notified in accordance with applicable laws (e.g., IRS, FTC, state breach notification laws).

  4. Remediation steps will be taken to prevent recurrence.

8. Regulatory Compliance

Our security practices align with:

  • IRS Publication 1075 (Safeguarding Federal Tax Information)

  • Gramm-Leach-Bliley Act (GLBA) for financial institutions

  • FTC Safeguards Rule

  • State privacy and data protection requirements (New Jersey and applicable jurisdictions)

9. Policy Review & Updates

This Security Policy is reviewed annually and updated as necessary to reflect changes in laws, technology, and best practices.

10. Contact

For questions regarding this Security Policy or to report a concern:

  • Email: info@parksprojectsnj.com