Log inContact sales

ANHUR INC – Privacy Policy

Effective Date: [Insert Date]

Legal Contact: legal@anhurinc.com
Registered Entity: ANHUR INC, State of Texas, United States

1. Introduction and Scope

This Privacy Policy governs the collection, use, storage, disclosure, and transmission of Personal Information, including Personally Identifiable Information (PII), financial account data, employment records, uploaded documents, behavioral analytics, and other sensitive or regulated data.

1.1 Services Covered

  • Payroll and Bookkeeping: Payroll submission and automation systems, bookkeeping and bank statement categorization engines.
  • Bank Integrations: Bank connection and direct deposit integrations via Plaid, Teller.io, or others.
  • Other Services: Embedded forms, data intake workflows, document upload tools, recurring billing portals, cloud-hosted dashboards, and secure document storage services.

1.2 Agreement

  • User Consent: By accessing or using any part of the Services, you acknowledge that you have read, understood, and agree to be bound by this Policy. If you do not agree, you must cease use of all ANHUR systems immediately.

2. Right to Modify, Suspend, or Replace This Policy

ANHUR INC reserves the right to modify, amend, update, suspend, or replace this Policy at any time without notice for reasons including compliance with laws, regulatory requirements, operational changes, new partnerships, or security best practices.

2.1 Effective Date

  • Immediate Effect: Changes are effective immediately upon publication, and continued use constitutes acceptance.

3. Categories and Sources of Information Collected

3.1 Categories of Information

  • Personally Identifiable Information (PII): Full legal name, date of birth, Social Security Number, mailing address, email address, phone number, government-issued IDs (e.g., driver's license or passport).
  • Financial and Payment Information: Bank account and routing numbers, direct deposit setup details, W-2 and 1099 records, transaction metadata, balances, income verification documents, payment method tokens, credit/debit card information, voided checks.
  • Employment and Tax-Related Information: Employer Identification Number (EIN), job title, wage classification, dependent claims, state withholding elections, payroll period data, tax filing history or preferences.
  • Uploaded Documents: Files, scanned records, tax forms, bank statements, legal documentation, photos, invoices, written entries.
  • Device and Usage Information: IP address, browser type, operating system, time zone, device identifiers, geolocation (when permitted), page access logs, session duration, error logs, keystroke timing, interaction patterns, click behavior, mouse movements.
  • Derived or Aggregated Data: Anonymized or pseudonymized data sets derived from Personal Information, used for operational improvement, algorithmic training, and internal benchmarking.

3.2 Sources of Information

  • Direct Submission: Collected through web forms, applications, or file uploads.
  • Third-Party Partners: Received from partners like Plaid, Teller.io, Twilio, Plivo, Stripe, or bank processors.
  • Other Sources: Email or SMS-based communications, embedded intake forms, secure eSignature portals, publicly available government or commercial databases (where permitted by law).

3.3 Lawful Basis

  • Legal Grounds: Performance of a contract, compliance with legal obligations (e.g., IRS reporting, FinCEN registration), legitimate interests (e.g., fraud prevention, product improvement, billing efficiency), consent (where required for marketing or sensitive data).

4. Use of Information and Legal Purposes

4.1 Primary Uses

  • Service Facilitation: Facilitate payroll processing, tax, and financial records; calculate wages, deductions, and benefits; transmit tax returns; synchronize bank accounts.
  • Compliance Checks: Perform compliance checks under FinCEN MSB rules, AML, KYC, and KYB obligations.
  • Platform Improvement: Improve platform usability, conduct error analysis, enhance security features, and train internal models using anonymized/aggregated data.

4.2 Tax Filing Services

  • Service Description: Access to tax filing services through affiliated or contracted entities, including licensed providers and authorized filing agents.
  • Liability Disclaimer: ANHUR INC disclaims liability for inaccuracies, omissions, or penalties in tax returns. Clients are responsible for reviewing accuracy. ANHUR INC is not responsible for delays or rejections due to client submission errors, unreported income, incorrect dependent data, or uncommunicated changes in filing status.

4.3 Payroll Processing

  • Service Description: Provides payroll calculation, reporting, and payment services as an agent.
  • Liability Disclaimer: Not liable for late payments, penalties, or interest assessed by tax authorities due to client's failure to fund payroll tax accounts on time, including failed ACH transactions, incorrect banking details, or account lockouts. ANHUR INC disclaims responsibility for errors due to inaccurate or incomplete client data.

4.4 Compliance with Law

  • Applicable Laws: Data handled in accordance with federal laws (e.g., GLBA, FCRA), state laws (e.g., TDPSA), and data security frameworks (e.g., SOC 2 Type II, ISO/IEC 27001).

5. Data Sharing and Third-Party Access

5.1 Processors and Subprocessors

  • Third-Party Vendors: Data processed by vendors like Plaid, Teller.io, Twilio, Plivo, payment gateways, and cloud providers (AWS, Azure, Google Cloud). Each processor is bound by contractual obligations to maintain data confidentiality and security.
  • Liability Disclaimer: ANHUR INC is not liable for data breaches or misuse by third-party processors unless directly caused by ANHUR INC's gross negligence or willful misconduct.

5.2 Insurance Referral Partners

  • Service Description: Access to health insurance quotes or premium estimates through partners like NEXT Insurance. ANHUR INC may receive referral commissions.
  • Disclaimer: ANHUR INC does not sell or underwrite insurance, is not a licensed insurance agency, and is not liable for underwriting decisions, premium changes, claim denials, or regulatory issues. Client data is transmitted only when required, and participation is voluntary.

5.3 Legal and Regulatory Disclosures

  • Disclosure Conditions: Disclosure to law enforcement or regulatory authorities as required by subpoena, warrant, court order, or to enforce ANHUR INC's rights, investigate violations, or prevent fraud.

5.4 No Sale of Personal Data

  • Policy: ANHUR INC does not sell, license, lease, or exchange Personal Information for monetary or other consideration.

6. Data Retention and Storage

6.1 Retention Period

  • Retention Purpose: Personal Information, records, documents, communication logs, transaction metadata, employment records, tax documents, and payroll reports are retained indefinitely to maintain regulatory audit trails, reproduce prior filings, support customer service, dispute resolution, account reactivation, and comply with IRS, FinCEN, state labor agency, or Texas Comptroller recordkeeping requirements. Retention may exceed ten (10) years where necessary.

6.2 Storage Locations

  • Data Centers: Stored in secure data centers in Texas, Virginia, Ohio (United States), and Italy, Estonia (Europe), maintained under SOC 2 Type II, ISO 27001, and other industry standards.

6.3 Cross-Border Data Transfers

  • Transfer Policy: Data may be transferred to servers outside your jurisdiction, including the United States or European Union, using Standard Contractual Clauses (SCCs), Data Processing Agreements (DPAs), and security protocols aligned with NIST and ISO frameworks.

6.4 Data Deletion Requests

  • Request Process: Clients may request deletion of Personal Information, subject to verification. Deletion does not apply to data required for legal retention (e.g., IRS, FinCEN). Data may remain in backup systems for up to 180 days. ANHUR INC responds to requests within 30 business days unless prohibited.

7. Security Measures

7.1 Security Overview

  • Security Measures: ANHUR INC implements a comprehensive data security program to protect Personal Information against unauthorized access, disclosure, alteration, destruction, and misuse.

7.2 Third-Party Security Standards

  • Vendor Requirements: All third-party vendors and subprocessors are contractually required to maintain commercially reasonable safeguards consistent with ISO/IEC 27001, SOC 2 Type II, and to notify ANHUR INC of any security incidents involving client data.

7.3 Breach Responsibility and Indemnification

  • Liability Disclaimer: ANHUR INC is not liable for breaches, leaks, or compromises by third-party providers (e.g., Plaid, Teller.io, banks) unless caused by ANHUR INC's gross negligence or willful misconduct. Clients indemnify ANHUR INC for breaches due to malicious code, phishing, or client-side issues.

7.4 Audits and Monitoring

  • Audit Process: ANHUR INC conducts periodic security audits, penetration tests, and system assessments by internal or external parties to detect unusual activity, failed authentication attempts, or policy violations.

8. Cookies, Marketing, and Communications Preferences

8.1 Use of Cookies and Tracking Technologies

  • Purpose: Cookies, scripts, pixels, beacons, and tags are used for session management, authentication, user experience customization, performance analytics, tracking user behavior, and marketing attribution.
  • Consent: By using the Services, you consent to Cookies unless you opt out via browser settings. Disabling cookies may impair functionality.

8.2 Marketing Communications

  • Purpose: Emails, SMS, or other communications for service announcements, platform enhancements, promotions, third-party offers (e.g., insurance referrals), and required notifications.
  • Opt-Out: Opt out via unsubscribe links, user dashboard, or by contacting legal@anhurinc.com. Opting out does not affect essential or legally required communications.

8.3 Third-Party Campaigns

  • Policy: ANHUR INC may facilitate promotional offers from third parties. No Personal Information is sold, and data sharing is under strict confidentiality. ANHUR INC is not liable for third-party offer outcomes.

9. Children's Data, Your Rights, and Miscellaneous Provisions

9.1 Children's Data

  • Policy: ANHUR INC does not knowingly collect data from individuals under 13 without verified parental consent. Minor data submitted by parents or guardians is processed only as necessary. ANHUR INC is not liable for unauthorized minor data submissions and will delete such data if detected, unless legally required to retain.

9.2 Your Rights and Controls

  • Rights Description: Subject to laws (e.g., GLBA, CCPA, CPRA, TDPSA), you may request access, correction, deletion, or restriction of your Personal Information, or submit a complaint to a regulatory authority. Contact legal@anhurinc.com to exercise these rights.

9.3 Compliance Statements

  • Applicable Regulations: ANHUR INC complies with GLBA, CCPA, CPRA, TDPSA, SOC 2 Type II, ISO/IEC 27001, and uses Data Processing Agreements and model clauses for global data privacy compliance.

10. Policy Changes and Miscellaneous

10.1 Changes to This Policy

  • Policy: This Privacy Policy may be amended, revised, or replaced without notice at ANHUR INC's discretion. Changes are effective immediately upon posting, and continued use constitutes acceptance. Users are responsible for reviewing updates.

10.2 Miscellaneous

  • Entire Agreement: This Privacy Policy constitutes the entire understanding regarding the treatment of Personal Information and supersedes prior policies.
  • Conflict with Terms: In case of conflict with ANHUR INC Terms of Use, the Terms of Use govern.
  • Governing Law: This Policy is governed by the laws of Texas, with exclusive jurisdiction in Harris County, Texas.