Introduction
At Taxbordr - International Tax Advisors, Lda, we value your privacy. This Policy explains how we handle the data we collect from you via https://taxbordr.com, Gmail, Google Drive, paid intake forms, Stripe checkout, and the Taxbordr client portal. We comply with all applicable privacy legislation, which means:
We clearly state the purposes for processing personal data through this privacy statement.
We limit the collection of personal data to what is necessary for legitimate purposes.
We seek your explicit consent to process your data when required.
We implement appropriate security measures to protect your data and require the same from third parties processing data on our behalf.
We respect your right to access, correct, or delete your data whenever you'd like.
If you have any questions or wish to know what data we keep about you, please get in touch with us.
Purpose, Data, and Retention Period
We do not sell personal data.
Contact Through Phone, Mail, Email, WhatsApp, and Webforms Data: name, address, email, phone number, IP address, geolocation, professional or employment-related information, employment history, commercial information including records of products or services purchased, obtained, or considered, message content, attachments, form responses, meeting requests, and signature. Basis: Consent or legitimate interest. Retention: 12 months after service termination unless legal, tax, or professional obligations require longer.
Payments Data: name, billing address, email, phone number, tax identification or VAT details, payment amount, currency, payment status, Stripe checkout identifiers, receipt references, invoice or fatura details, and client country. Card details are handled by Stripe and do not pass through Taxbordr. Basis: Legal obligation. Retention: 12 months after service termination unless legal, tax, accounting, or chargeback obligations require longer.
Client Portal, Paid Intake, and Account Access Data: account status, paid access status, service selected, post-sale intake answers, uploaded file references, operational portal records, security logs, and access audit records. Basis: Contract performance, legitimate interest, or legal obligation. Retention: 12 months after service termination unless legal, tax, security, or professional obligations require longer.
Gmail, Google Drive, and Meetings Data: email correspondence, meeting recordings or transcripts when enabled, meeting summaries, Drive document metadata, and files shared with Taxbordr for service delivery. Basis: Contract performance or legitimate interest. Retention: 12 months after service termination unless legal, tax, or professional obligations require longer.
Newsletters Data: email. Basis: Consent. Retention: 12 months after service termination or until you unsubscribe.
Supporting Services or Products Data: name, address, email, phone number, professional or employment-related information, employment history, commercial information, education information, passport number, driver's license, signature, social security number, marital status, tax records, bank account information when needed for tax filings or refunds, and other information you provide for advisory or filing work. Basis: Legal obligation or contract performance. Retention: 12 months after service termination unless legal, tax, or professional obligations require longer.
Compiling and Analyzing Statistics for Website Improvement Data: internet activity information including page views, referral source, browser/device signals, and consented interaction signals used to improve the website. Basis: Consent. Retention: 12 months after service termination.
Offering Personalized Products and Services Data: geolocation, IP address, name, address, email, phone number, website interaction data, commercial information, professional or employment-related information, marital status, date of birth, signature, and service preferences. Basis: Consent or legitimate interest. Retention: 12 months after service termination.
Registering an Account Data: name, address, email, phone number, portal access status, and authentication metadata. Basis: Consent or contract performance. Retention: Until service termination unless security or legal obligations require longer.
We only share or disclose this data to processors for the following purposes:
Google Workspace (Ireland/USA): Gmail correspondence, Google Drive document storage, Google Meet, meeting transcripts or summaries when enabled, and operational collaboration
Google (Ireland/USA): Consented analytics and marketing services
Stripe (EU/USA): Hosted checkout, payment processing, payment status, receipts, and chargeback support. Card details are handled by Stripe and not by Taxbordr.
Cloudflare (USA/EU): Website hosting, Workers, D1 operational records, client portal delivery, security, and content delivery
Microsoft Clarity (USA/EU): Consented website analytics and session recording
Meta (USA): Marketing, WhatsApp messaging transition support, and conversion measurement
HubSpot (Ireland): Legacy CRM and WhatsApp transition records until decommissioning
TOConline (Portugal): Invoicing, accounting, and fatura support
Autoridade Tributaria e Aduaneira (Portugal): Legal obligation
Cookies
Our website uses cookies. For more information about cookies, please refer to our Cookie Policy.
Disclosure Practices
We disclose personal information if required by law, court order, or in response to a law enforcement agency, to the extent permitted under other law provisions, to provide information or for an investigation on a matter related to public safety.
Suppose our website or organization is taken over, sold, or involved in a merger or acquisition. In that case, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.
We have concluded a Data Processing Agreement (DPA) with Google. Google may not use the data for any other Google services, and we block the inclusion of full IP addresses.
Security
We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed. The security measures we use consist of the following:
Login security
DKIM, SPF, DMARC, and other specific DNS settings
(START)TLS/SSL/DANE encryption
HTTP Strict Transport Security and related security headers and browser policies
Website hardening/security features
Vulnerability detection
Third-party Websites
This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your data reliably or securely. We recommend that you read the privacy statements of these websites before you use them.
Amendments to this Privacy Policy
We reserve the right to amend this privacy statement. You should consult it regularly to be aware of any changes. We will also let you know whenever possible.
Accessing and Modifying Your Data
Please don't hesitate to contact us if you have any questions or want to know which personal data we have about you. You can contact us using the information below. You have the following rights:
Right to know: You have the right to know why your data is needed, what will happen to it, and how long it will be retained.
Right of access: You can access the data we know.
Right to rectification: You have the right to supplement, correct, delete, or block your personal data whenever you wish.
Right to withdraw consent: When processing is based on consent, you can withdraw that consent.
Right to object: You can object to the processing of your data, and we will comply unless there are justified grounds for processing.
To exercise these rights, please contact us using the details below. We may need to verify your identity before acting on a request.
Submitting a Complaint
If you are not satisfied with how we handle your personal data, you have the right to submit a complaint to the Portuguese data protection authority.
Information for Children
Our website and services are not intended to attract children and we do not knowingly collect personal data from children under the age of consent in their country of residence.
Contact Details
Taxbordr - International Tax Advisors, Lda Avenida da Liberdade 36, 2nd Floor, 1250-145 Lisbon, Portugal Portugal Website: https://taxbordr.com Email: info@taxbordr.com