Tariff Refund HQ

Privacy Policy

How we handle intake data, account data, and financial information in a practical, plain-English way.


Effective date: 2026-05-06

1) Scope

This policy applies to information collected through our website, intake forms, communications, and service workflows. Tariff Refund HQ is operated by AAZ Consulting Group, LLC, a Florida Limited Liability Company.

2) Information we collect

  • Contact information (name, work email, phone, company).
  • Intake information (entry details, filing context, notes, documents).
  • Commercial and billing information (invoices, payment status, limited transaction details).
  • Technical data needed for security, debugging, and service reliability (for example IP address, browser/device metadata, and basic server logs).
  • If you opt into analytics or marketing technologies, site usage signals and online identifiers from tools such as Google Analytics, Google Ads, Google Tag Manager, and NextRoll/AdRoll.
  • Communications with us (email, form submissions, support messages).

3) How we use information

  • Provide intake triage and service delivery.
  • Assess eligibility, deadlines, and operational requirements.
  • Communicate about your request, account, and service updates.
  • Process billing and maintain financial records.
  • Improve security, fraud prevention, and platform performance.
  • Measure and improve marketing campaigns only after applicable consent.
  • Comply with legal, regulatory, tax, and recordkeeping obligations.

4) Legal bases (where required)

We process data based on consent, contract/performance needs, legitimate business interests, and legal obligations, depending on the situation and applicable law.

5) Sharing and service providers

We do not sell personal information for money. We may share information with:

  • Infrastructure and database providers (including Supabase and hosting providers).
  • Payment, accounting, email, security, and support vendors needed to run operations.
  • Analytics and advertising vendors only after applicable consent, including Google and NextRoll/AdRoll.
  • Professional advisors (legal, compliance, audit) under confidentiality obligations.
  • Government or regulators when required by law, subpoena, or lawful process.
  • Successor entities in a merger, acquisition, financing, or asset sale.

6) Cookies, advertising, and privacy choices

Essential technologies needed to operate, secure, debug, and respond to requests may run without optional consent. Non-essential analytics and advertising technologies are blocked unless you opt in through our privacy choices tool.

If you opt into analytics, we may use Google Analytics to understand site performance. If you opt into marketing, we may use Google Ads, Google Tag Manager, and NextRoll/AdRoll to measure advertising performance, build audiences, and show relevant ads. If an approved form is connected to advertising collection, NextRoll may process online identifiers and may use a hashed version of an email address for advertising measurement and cross-device recognition.

We honor Global Privacy Control signals, including browser-level signals and Sec-GPC request headers, by suppressing non-essential analytics and marketing technologies. You can update choices any time through the Privacy Choices link in the footer. You can also use browser settings, mobile ad settings, and third-party opt-out tools such as the Network Advertising Initiative and Digital Advertising Alliance.

7) Data retention

We keep information as long as reasonably needed for intake, service delivery, legal/compliance obligations, dispute resolution, marketing measurement, and internal records. Retention periods vary by data type and legal requirements.

8) Security

We use administrative, technical, and organizational safeguards designed to protect personal information. However, no system is 100% secure, and we cannot guarantee absolute security.

9) Financial information

We use reasonable controls for billing and payment data and limit access to personnel and vendors with a business need. Full payment card data is handled by payment processors, not stored directly by us unless specifically stated.

Under our standard contingency model, fee calculations are tied to recovered funds as defined in the signed engagement agreement, including standardized treatment of costs and expenses. We retain financial records needed for accounting, compliance, and dispute resolution.

10) Your privacy rights

Depending on your state of residence, you may have rights to access, correct, delete, or obtain a copy of certain personal information, and to opt out of certain targeted advertising/profiling activities where applicable.

To submit a request, use our contact page. We may need to verify your identity before completing requests.

11) Children

This site is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

12) Cross-border processing

Information may be processed in the United States or other jurisdictions where our service providers operate, subject to applicable legal safeguards.

13) Updates to this policy

We may revise this policy from time to time. Changes are effective when posted with the updated effective date.

14) Contact

Privacy questions or requests: Contact us. Mailing address: 200 S Biscayne Blvd Floor 20, Miami, FL 33131. You can also review our Terms of Service.