Privacy and Data Usage Policy

Last Updated 3. June 2026 This policy reflects our commitment to responsible data stewardship, transparency, and maintaining trust with all stakeholders. This policy describes how Toepfer & Associates, PLLC (“Company,” “we,” “us,” or “our”) collects, uses, shares, and protects personal data in compliance with applicable U.S. federal laws and recognized data protection principles, including lawfulness, fairness, and transparency. This policy applies to all users, customers, employees, and partners whose personal data we process. We adhere to the following principles: Lawfulness, Fairness, and Transparency. Personal data is processed only for legitimate purposes, in a fair manner, and with clear notice to individuals about how their data is used. Purpose Limitation: Data is collected for specified, explicit purposes and not used in ways incompatible with those purposes. Data Minimization: Only the minimum data necessary for the intended purpose is collected and processed. Accuracy: We take reasonable steps to ensure data is accurate and kept up to date. Storage Limitation: Personal data is retained only for as long as necessary to fulfill its intended purpose or meet legal obligations. Integrity and Confidentiality: We apply appropriate technical and organizational safeguards to protect data from unauthorized access, loss, or misuse. We may collect personal data through: direct interactions (e.g., account registration, forms, contracts), automated technologies (e.g., cookies, analytics tools), and third-party sources (e.g., business partners, service providers). The types of data collected may include name, contact information, IP address, device identifiers, usage data, and transaction details. Use of Personal Data: We process personal data to provide and improve our services, fulfill contractual obligations, communicate with users and respond to inquiries, ensure system security and prevent fraud, and comply with legal and regulatory requirements. We use tracking technologies (including Google tracking). We use cookies and similar tracking technologies, including Google Analytics and related Google services, to: analyze website traffic and user behavior, improve service performance and user experience, and support security and fraud detection. Google services may collect IP addresses, device identifiers, and browsing activity in accordance with Google’s privacy policies. Users may manage or disable cookies through browser settings, though some features may be impacted. We may share personal data with service providers and vendors, including cloud and storage platforms such as Microsoft Azure, Google Cloud, and Tinacms, which process data on our behalf under the terms of use of those respective platforms. We may also share data with business partners when necessary to provide services or fulfill contractual obligations. We may also share data with legal authorities when required by law, regulation, subpoena, or legal process under applicable U.S. federal laws or the laws of any state. We may also share data as part of corporate transactions in connection with mergers, acquisitions, or asset transfers. Personal data may be stored on secure third-party servers and cloud platforms, including Microsoft, Google, and Tinacms infrastructure. All third-party access is limited to the minimum data necessary and subject to confidentiality and security obligations. We do not use personal data for purposes beyond those disclosed without obtaining appropriate authorization where required. We take data protection seriously and require prompt reporting of suspected incidents. To report a suspected data breach or misuse email: info@toepferconsultin.com. Your report should include a description of the event, the approximate date and time of the occurrence, the type of data involved, any other relevant details, and contact information for follow-up. We comply with applicable U.S. federal data protection and privacy laws, including requirements related to consumer protection, cybersecurity, and data breach notification. Where state-specific laws apply, we will also adhere to those requirements as necessary. We reserve the right to update this policy periodically. Updates will be posted with a revised “Last Updated” date. Continued use of our services constitutes acceptance of any changes.