Privacy Policy

EDMA Group – Privacy Policy

1. Scope

This Privacy Policy applies to the websites located at edmagroup.com and miguelsanda.com (including any subdomains), client portals, secure file upload features, and related online tools provided by EDMA Group (“EDMA,” “we,” “us,” or “our”). EDMA Group is a bookkeeping, payroll, and tax-ready financials consultancy serving the Charlotte Metro area (Fort Mill, South Carolina) and beyond.

Our services include monthly, quarterly, and annual bookkeeping; payroll platform migrations; tax cleanup and IRS support; industry-specific expertise in real estate, dental and medical practices (HIPAA-aware processes), crypto mining, forensic accounting, non-profits, and small businesses; cloud-based GAAP-compliant record-keeping; bi-lingual ( English/Spanish) support; and integration with QuickBooks Online and Xero. We generate management reports with insights, observations, and recommendations based on monthly and year-to-date financial results (books updated through the last day of the prior calendar month). We do not provide financial, tax, investment, or any other professional advice or representation.

All content on the Websites is for informational purposes only. No accountant-client, attorney-client, or any other professional relationship is formed by your use of the Websites, viewing content, or submitting inquiries. Professional services are provided only pursuant to a separate written engagement agreement.

We comply with applicable U.S. federal and South Carolina laws, including data-breach notification requirements, the South Carolina Age-Appropriate Design Code Act (where applicable), and FTC guidelines. The Websites are built with Django and may use cookies, analytics, and secure file uploads for financial documents.

2. Information We Collect

We collect the following categories of information:

  • Personal Information: Name, email address, company name, billing information, phone number, tax IDs, and any other identifiers you provide via contact forms or account registration.
  • Financial Data: Financial documents, transactions, invoices, bills, expenses, payroll data, and other accounting information you upload to client portals or share during an engagement (including via authorized QuickBooks Online or Xero integrations).
  • Technical & Usage Data: IP address, browser type, device information, activity logs, access times, and cookie data for analytics and security on edmagroup.com and miguelsanda.com.
  • Client Data: For engaged clients only, we process financial and personal data on your behalf under a separate engagement agreement.

We collect this information directly from you, automatically through your use of the Websites, or via authorized integrations (only for clients under engagement). miguelsanda.com is Miguel Sanda’s developer portfolio showcasing Python, Django, TypeScript, Rust projects, and the open-source Django Ledger (finance engine for Django). Open-source usage follows its separate license.

3. How We Collect Information

  • Through account registration, contact forms, or secure file uploads on the Websites.
  • Via integrations with QuickBooks Online or Xero (authorized only under a separate engagement agreement).
  • Automatically using Django cookies, web beacons, and analytics tools for functionality, security, and user experience.
  • From third-party sources, such as payment processors, only with your consent or as needed for service delivery.

4. How We Use Your Information

We use your information to:

  • Operate and improve the Websites, including client portals and secure file uploads.
  • Deliver professional services only under a separate engagement agreement (e.g., bookkeeping, report generation with insights/observations).
  • Process payments, manage subscriptions, and communicate updates.
  • Provide customer support and bi-lingual assistance (English/Spanish).
  • Detect, prevent, and investigate fraud, abuse, or security incidents.
  • Comply with legal, tax, auditing, or regulatory obligations.
  • Generate anonymized, aggregated insights for internal use (without identifying individuals).

We do not use your data for purposes incompatible with these or as financial/tax advice. No professional representation is formed by Website use.

5. Data Sharing and Disclosure

We share data only as necessary:

  • With trusted service providers under strict agreements (e.g., hosting providers, payment processors, QuickBooks Online/Xero for integrations under engagement).
  • With your explicit consent, such as sharing reports with your advisors (under engagement).
  • To comply with legal requirements, such as subpoenas, tax audits, or regulatory inquiries.
  • In connection with a merger, acquisition, or sale of assets (with notice where required).
  • To enforce our Terms or protect our rights, property, or safety.

We do not sell your personal information. For QuickBooks Online or Xero integrations (engaged clients only), data is shared as required for functionality, subject to their privacy policies. We comply with South Carolina data-breach notification laws and other applicable regulations.

6. Data Security

We implement robust security measures, including:

  • Encryption in transit (TLS) and at rest.
  • Access controls, multi-factor authentication, and role-based permissions.
  • Secure Django-based client portals and file uploads without storing sensitive credentials unnecessarily.
  • Regular security reviews and vulnerability assessments.
  • Data minimization and pseudonymization where feasible.

No system is 100% secure. We notify you of breaches as required by South Carolina and federal law. Notification does not constitute an admission of liability.

7. International Data Transfers

Data is primarily processed and stored in the United States. Transfers outside the U.S. (if any) comply with applicable laws using standard contractual clauses or other lawful mechanisms.

8. Your Rights

Depending on your location, you may have rights to:

  • Access, correct, or update your personal data.
  • Delete your data (subject to legal retention requirements, e.g., 7 years for U.S. tax/financial records).
  • Export your data in a portable format.
  • Object to or restrict processing.
  • Withdraw consent where applicable.
  • Opt out of marketing communications.

Contact support@edmagroup.com or support@miguelsanda.com to exercise these rights. We respond within 30 days (or as required by law). Spanish-language support is available upon request.

9. Data Retention

We retain personal and financial data as long as needed for the Websites, active engagements, or as required by law ( generally 7 years for financial records under IRS guidelines). Inactive accounts may be deleted after 12 months with notice.

10. Cookies and Tracking Technologies

We use essential and analytics cookies on edmagroup.com and miguelsanda.com for functionality and performance. You can manage preferences via browser settings or our cookie banner.

11. Children's Privacy

The Websites and services are not intended for individuals under 18. We do not knowingly collect data from minors. We comply with the South Carolina Age-Appropriate Design Code Act and federal COPPA where applicable.

12. Third-Party Links and Integrations

The Websites may link to or integrate with third-party services (e.g., QuickBooks Online, Xero). We are not responsible for their privacy practices. Review their policies separately.

13. Changes to this Policy

We may update this Privacy Policy. Material changes will be posted on the Websites with the new “Last Updated” date. Continued use constitutes acceptance.

14. Contact & Data Protection

EDMA Group
Fort Mill, South Carolina
support@edmagroup.com
support@miguelsanda.com

Spanish-language support is available upon request.

Last updated: March 24, 2026. This policy is provided for informational purposes only. Consult your own attorney for advice tailored to your situation.