FirmDoor markFirmDoor
LoginSign Up
Privacy

Privacy Policy

This page explains how FirmDoor collects, uses, stores, and shares information in connection with the FirmDoor mobile app, web portal, and related support services.

Effective date: May 9, 2026Last updated: May 9, 2026

Introduction

FirmDoor respects user privacy. This Privacy Policy explains how we collect, use, store, and share information when firm-side users, clients, and invited users access the FirmDoor web platform, mobile application, and related support services.

We provide workflow tools for CPA firms and their clients, including account access, task management, document collection, comments, chat, acknowledgements, notifications, and related operational support.

Information we collect

Depending on how the service is used, we may collect account and profile information, company information, client information entered by firm users, task details, document metadata, uploaded files, acknowledgements, comments, chat messages, authentication and security information, and device, application, or log information generated during use of the service.

  • Account and profile information such as names, email addresses, phone numbers, role assignments, and login credentials or verification details.
  • Firm and company information such as company name, billing or contact information, addresses, and workspace configuration details.
  • Client information entered by firm users, including business names, contact details, and onboarding information needed to provide service access.
  • Task, document, acknowledgement, comment, and chat content submitted through the platform.
  • Authentication, security, and audit information such as sign-in events, verification attempts, permission-related activity, and operational logs.
  • Uploaded files and documents provided by firm users or clients in connection with tasks or document workflows.

How we use information

We use collected information to provide and operate the service, authenticate users, secure accounts, enable client onboarding and communication, manage tasks and documents, respond to support requests, troubleshoot issues, and protect the platform, our users, and our legal rights.

  • Provide, maintain, and improve the FirmDoor service.
  • Authenticate users, support account recovery, and help protect account security.
  • Enable client onboarding, comments, chat, notifications, and acknowledgements.
  • Support document and task management workflows between firms and clients.
  • Respond to support inquiries and investigate suspected misuse, fraud, or security incidents.
  • Comply with applicable law, resolve disputes, and enforce our agreements.

File storage

Uploaded files and documents may be stored using cloud object storage infrastructure selected by FirmDoor. File metadata and related workflow records may also be stored in supporting application databases and logs as needed to operate the service.

Third-party services and subprocessors

We rely on third-party service providers to help deliver the service. These providers may handle information on our behalf for hosting, infrastructure, storage, authentication, monitoring, and email delivery.

  • Cloud infrastructure, database, and object storage providers, including DigitalOcean infrastructure used for application data and file storage.
  • Authentication and session management services, including Better Auth.
  • Error monitoring and diagnostic tooling, including Sentry, when enabled for application monitoring.
  • Transactional email delivery providers, including Resend, for support, invitation, or security-related emails.

Data sharing

FirmDoor does not sell personal data. We share information only as needed to provide the service, comply with law, protect the rights and security of the platform and its users, or work with service providers that support our operations under appropriate obligations.

Data retention

We retain information for as long as reasonably necessary to provide the service, maintain business and security records, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary based on the type of data, contractual requirements, and operational needs.

Security

We use reasonable administrative, technical, and organizational measures designed to protect information against unauthorized access, loss, misuse, or alteration. However, no method of transmission over the internet or electronic storage is guaranteed to be 100% secure.

Your questions and requests

Users may contact FirmDoor regarding privacy questions, data requests, account concerns, or support issues at [email protected]. We may need to verify identity and account ownership before responding to certain requests.

Children

FirmDoor is not intended for children under 13, and we do not knowingly design the service for use by children.

Updates to this policy

We may update this Privacy Policy from time to time to reflect changes in the product, business operations, legal requirements, or service providers. When we do, we will update the effective date or last updated date shown on this page.