Call Now Book Now
Catalyst CPA
Call Now Book Consultation

Our Privacy Policy

Privacy Policy

Effective date: September 24, 2025
Website: https://catalyst-cpa.com
Business: Catalyst CPA (“Catalyst,” “we,” “us,” or “our”)

This Policy describes how we collect, use, disclose, and protect personal information when you visit or interact with our website. We are based in California and do not sell or share personal information for cross-context behavioral advertising. Additional notes are provided for visitors outside the U.S.

1) Who we are & how to contact us

Business name: Catalyst CPA
Website: https://catalyst-cpa.com
Email: privacy@catalyst-cpa.com
Postal address: 13114 Yellowwood St, Moreno Valley, CA 92553

2) Information we collect

We collect information you provide directly and information automatically collected by our site.

2.1 Information you provide

  • Contact details and message content submitted via forms (e.g., name, email, phone, company, free-text message).
  • Preferences you choose (e.g., whether to receive communications).

2.2 Information collected automatically (first-party analytics)

We operate first-party, in-house analytics hosted on our server to understand site usage and improve content. We do not use third-party ad trackers.

  • Identifiers: randomly generated session ID, IP address (stored in binary form) and a salted hash of the IP.
  • Device & browser: user agent string, general device type (desktop/mobile), screen/viewport size.
  • Usage & interaction: pages visited, timestamps, engaged time (when the page is actually visible), scroll-depth milestones, which headings/sections were viewed (e.g., H1–H3), clicks on links (including whether a link was outbound), and landing/exit pages.
  • Referrer & campaigns: referring domain (when provided by your browser) and UTM parameters present in the URL.
  • Approximate location: country, region, city (and approximate latitude/longitude) derived from IP via a geolocation service. Accuracy is not street-level.
  • Precise location (optional): Only if you grant permission in your browser, we may receive precise latitude/longitude from your device. You can deny or revoke this permission at any time in your browser/OS settings.

Signals we respect: If your browser sends Global Privacy Control (GPC) or Do Not Track (DNT), our analytics honors those signals by disabling non-essential tracking for that visit.

Admins excluded: Logged-in site administrators/editors are excluded from analytics.

3) Cookies and similar technologies

  • We set a first-party session cookie to recognize your visit during a short window of activity.
  • If you opt out of analytics, we set a first-party opt-out cookie to remember your choice.
  • We use a safe Referrer-Policy: strict-origin-when-cross-origin so we see the referring domain but generally not the full URL when you arrive from another site.

We do not use third-party advertising cookies or cross-site trackers.

4) Why we collect this information (purposes)

  • Operate, secure, troubleshoot, and improve the website.
  • Understand content performance and user experience.
  • Measure the effectiveness of our own, first-party marketing.
  • Detect and prevent abuse and maintain service integrity.
  • Respond to your inquiries and provide requested services.

Legal bases for EU/UK visitors

  • Legitimate interests for essential analytics and site improvement using privacy-protective measures.
  • Consent for optional features (e.g., precise geolocation) or where local law requires consent before setting non-essential cookies.

5) Data retention

  • Analytics/events: retained for 90 days, then automatically deleted.
  • Contact form submissions: retained as long as reasonably necessary to respond and for recordkeeping, unless you request deletion and we are not legally required to keep them.

6) Sharing and disclosure

We do not sell personal information. We also do not share personal information for cross-context behavioral advertising.

We may disclose limited data to:

  • Service providers (e.g., managed hosting, security, error monitoring) under contracts that restrict use.
  • IP geolocation provider (e.g., ipapi.co) to derive coarse location from IP; they receive your IP and return approximate location.
  • Legal/compliance when required by law or to protect rights, safety, and security.

7) Your choices & controls

Opt out via link If you clear cookies or switch browsers/devices, repeat the opt-out.
  • GPC/DNT: If your browser sends Global Privacy Control or Do Not Track, we honor it and disable non-essential analytics.
  • Precise location: Your browser will ask before sharing precise location. Decline to deny sharing; you can revoke permission later in your browser/OS settings.

8) Your privacy rights

Your rights depend on where you live. Subject to legal limits, you may have the right to access, correct, delete, object to or restrict certain processing, withdraw consent (e.g., for precise location), and (EU/UK) data portability.

California residents (CCPA/CPRA)

  • Know the categories of personal information we collect and the purposes for which we use it.
  • Access specific pieces of personal information we maintain about you.
  • Delete personal information, subject to legal exceptions.
  • Correct inaccurate personal information.
  • Non-discrimination for exercising your rights.

We do not sell or share personal information for cross-context behavioral advertising. If our practices change, we will update this Policy and provide appropriate opt-out mechanisms, including honoring GPC signals where applicable.

To exercise rights, email privacy@catalyst-cpa.com. We may need to verify your identity. You may use an authorized agent.

9) International visitors

We operate in the United States. If you access our site from outside the U.S., your information may be processed in countries with different data-protection laws. Where required, we implement appropriate safeguards.

10) Security

We use reasonable and appropriate safeguards designed to protect personal information, including HTTPS, access controls, and data minimization. No method of transmission or storage is 100% secure.

11) Children’s privacy

Our website is not directed to children under 13 (or the equivalent age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided information, contact us and we will remove it.

12) Third-party links

Our site may link to other websites. Their privacy practices are governed by their own policies, not this one.

13) Changes to this Policy

We may update this Policy from time to time. The “Effective date” above shows when the latest changes took effect. If changes are material, we will provide a more prominent notice.

14) Transparency about our analytics implementation

  • A small, first-party script records session events (page views, engaged time, scroll depth, section views, link clicks).
  • We store IP (binary) and a salted hash, user agent, referring domain, UTM tags, and the events listed above.
  • We derive coarse geo (country/region/city and approximate lat/long) from IP via a geolocation lookup.
  • We honor GPC/DNT and provide an opt-out cookie.
  • We retain analytics for 90 days then delete them automatically.
  • Precise device location is collected only with your explicit permission.

15) Contact

Email: privacy@catalyst-cpa.com
Address: 13114 Yellowwood St, Moreno Valley, CA 92553