Equilibrium Consultants
Protecting Your Information Is Our Priority
1. Privacy Notice
Effective Date: April 28, 2025
Business Name: Equilibrium Consultants
At Equilibrium Consultants, we value your trust and take protecting your personal information seriously. This Privacy Notice explains how we collect, use, protect, and share your data.
Information We Collect
- Name, address, phone number, and email
- Social Security Number (SSN) or Employer Identification Number (EIN)
- Financial account numbers and tax-related documents
- Any other data you provide related to your tax or financial situation
How We Use Your Information
- Prepare your tax returns and related filings
- Communicate with you about your account
- Meet legal, regulatory, and compliance requirements
We do not sell or rent your personal information to third parties.
How We Protect Your Information
- Physical Security: Files stored in locked cabinets and offices
- Electronic Security: Password protection, encryption, firewalls, and two-factor authentication (2FA)
- Staff Training: Annual cybersecurity and privacy training
- Secure Communication: Encrypted email or client portals for sending and receiving sensitive information
Sharing Information
We only share your information:
- With your consent
- When legally required (e.g., IRS requests)
- With trusted service providers who agree to maintain strict confidentiality and security standards
Your Rights
You have the right to:
- Access your personal information
- Request corrections to your information
- Request deletion of your information, where applicable
To exercise any of these rights, contact us via our custom app powered by Accounta.com or email us at info@equilibriumconsultantsnj.com.
Contact Us
Business Name: Equilibrium Consultants
Contact Person: Katherine Scardaville, CEO
Email: info@equilibriumconsultantsnj.com
Phone: (732) 466-7035
2. Data Breach Response Plan
Effective Date: April 28, 2025
Business Name: Equilibrium Consultants
If we suspect or discover a data breach, we follow these steps immediately:
Step 1: Identify and Contain
- Disconnect affected computers and devices from the network.
- Secure physical locations if a physical breach (e.g., theft) occurs.
- Preserve evidence without altering the system further.
Step 2: Assess the Breach
- Determine what data was compromised (SSNs, bank info, client files).
- Estimate the number of individuals affected.
- Identify how the breach occurred (malware, phishing, insider threat, lost device).
Step 3: Notify Authorities
- Report the breach to:
- IRS Stakeholder Liaison (immediately)
- Local police (for theft or criminal acts)
- State agencies, if required (for data privacy laws)
Step 4: Notify Affected Clients
- Contact affected clients as soon as possible.
- Include:
- Description of the breach
- What information was involved
- Steps taken to protect their information
- What they can do to protect themselves (e.g., monitor accounts, credit freezes)
Step 5: Remediate and Improve
- Fix vulnerabilities (update software, change passwords, patch systems).
- Review and improve security policies.
- Conduct retraining for staff if needed.
Step 6: Document Everything
- Record all actions taken: investigation, notifications, responses, and improvements.
3. Data Breach Emergency Checklist
For Internal Use Only
| Step | Action | Completed (✔) |
|---|---|---|
| 1 | Secure IT systems and physical files immediately | |
| 2 | Identify type and scope of breach | |
| 3 | Contact IRS Stakeholder Liaison | |
| 4 | Notify local law enforcement | |
| 5 | Notify affected clients in writing | |
| 6 | Offer guidance to clients (e.g., credit monitoring) | |
| 7 | Patch vulnerabilities | |
| 8 | Review and update security policies | |
| 9 | Conduct staff retraining (if necessary) | |
| 10 | Document the breach, actions taken, and lessons learned |
