Terms of Service

1. Agreement to Terms

These Terms of Service ("Terms") constitute a legally binding agreement between you ("User," "you," or "your") and Pumpkin LLC dba Pumpkin Business Services ("Company," "we," "our," or "us"), governing your access to and use of the Easy Client Docs platform, including all associated websites, applications, services, and features (collectively, the "Service").

By creating an account, accessing, or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms. If you do not agree to these Terms, you must not access or use the Service.

If you are entering into these Terms on behalf of a business or other legal entity, you represent that you have the authority to bind such entity to these Terms. In such case, "you" and "your" shall refer to such entity.

2. Description of Service

Easy Client Docs is a multi-tenant software-as-a-service (SaaS) platform designed for tax preparers and financial professionals. The Service provides:

• Secure document storage and exchange with clients
• Electronic signature collection and verification
• Custom form creation and client intake workflows
• Client portal access for document submission
• Identity verification and authentication features
• Team collaboration and role-based access controls

We reserve the right to modify, suspend, or discontinue any part of the Service at any time, with or without notice. We shall not be liable to you or any third party for any modification, suspension, or discontinuation of the Service.

3. Account Registration and Security

3.1 Account Creation

To use the Service, you must create an account by providing accurate, current, and complete information. You agree to update your account information promptly to maintain its accuracy. Providing false or misleading information may result in immediate account termination.

3.2 Account Security

You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You must:

• Create a strong, unique password that you do not use for other services
• Enable multi-factor authentication (MFA) when available and as required by your subscription plan
• Immediately notify us of any unauthorized access or security breach
• Never share your login credentials with unauthorized parties
• Log out of your account when using shared or public devices

We are not liable for any loss or damage arising from your failure to maintain adequate account security.

3.3 Identity Verification

Certain features of the Service, including electronic signature functionality, may require identity verification. You agree to provide valid government-issued identification and any additional documentation we may reasonably request. We reserve the right to refuse service if identity cannot be satisfactorily verified.

For e-signature workflows, signers may be required to provide photographic identification, which is captured and stored as part of the legal signing record. By using these features, you consent to this verification process and agree to inform your clients of this requirement.

4. Data Protection and Security

4.1 Encryption Standards

We employ industry-leading encryption technologies to protect your data:

• Data in Transit: All data transmitted between your devices and our servers is encrypted using Transport Layer Security (TLS) 1.3, the most current and secure protocol available.
• Data at Rest: All stored data, including documents, signatures, and personal information, is encrypted using AES-256 (Advanced Encryption Standard with 256-bit keys), a military-grade encryption standard.
• Key Management: Encryption keys are managed through a secure key management system with automatic rotation, hardware security modules (HSMs), and strict access controls.
• End-to-End Protection: Sensitive documents maintain encryption throughout their lifecycle, from upload through storage to delivery.

4.2 SOC 2 Type II Compliance

Our infrastructure and operations are designed to meet SOC 2 Type II compliance standards. This means:

• Security: Systems are protected against unauthorized access through multi-layered security controls.
• Availability: Services are available for operation and use as committed in service agreements.
• Processing Integrity: System processing is complete, valid, accurate, timely, and authorized.
• Confidentiality: Information designated as confidential is protected as committed.
• Privacy: Personal information is collected, used, retained, disclosed, and disposed of in conformity with our Privacy Policy.

Our hosting infrastructure is provided by SOC 2 Type II certified data centers that undergo continuous monitoring, regular third-party audits, and maintain comprehensive security certifications including ISO 27001 and PCI DSS.

4.3 Access Controls

We implement rigorous access control measures to protect your data:

• Role-Based Access Control (RBAC): Access to systems and data is granted based on job function and the principle of least privilege.
• Multi-Factor Authentication: All administrative and employee access requires MFA.
• Access Logging: All access to customer data is logged and monitored for unauthorized or suspicious activity.
• Regular Access Reviews: Employee access rights are reviewed quarterly and immediately upon role changes or termination.
• Physical Security: Data centers employ 24/7 security, biometric access controls, and video surveillance.
• Vendor Management: Third-party vendors with data access undergo security assessments and are bound by data protection agreements.

4.4 Security Monitoring and Incident Response

We maintain comprehensive security monitoring and incident response capabilities:

• 24/7 automated threat monitoring and intrusion detection
• Real-time security event logging and correlation
• Documented incident response procedures with defined escalation paths
• Regular penetration testing by independent security firms
• Vulnerability scanning and patch management programs
• Business continuity and disaster recovery plans tested annually

In the event of a security incident affecting your data, we will notify you in accordance with applicable laws and regulations, typically within 72 hours of discovery.

5. Data Removal, Deletion, and Account Termination

5.1 Your Right to Delete Data

You have the right to delete your data at any time, subject to the following provisions:

• Individual Documents: You may delete individual documents, client records, and form submissions through the Service interface. Deleted items are moved to a trash folder and permanently deleted after 30 days.
• Immediate Deletion: You may request immediate permanent deletion of specific data by contacting info@easyclientdocs.com.
• Bulk Deletion: Account administrators may export and delete all data associated with their account.

5.2 Account Deletion

You may request deletion of your account at any time. Upon receiving a deletion request:

• We will process your request within 7 business days.
• All personal data, documents, and account information will be scheduled for permanent deletion.
• You will receive confirmation when deletion is complete.
• Any active subscription will be canceled, subject to the billing terms outlined in Section 6.

5.3 Data Destruction After Termination

Upon account termination (whether by you or by us), we follow a comprehensive data destruction process:

• Grace Period: Following termination, you have 14 days to export your data before permanent deletion begins.
• Primary Data Deletion: Within 30 days of the grace period expiration, all primary data stores are purged of your information.
• Backup Retention: Encrypted backups may retain your data for up to 90 days for disaster recovery purposes, after which they are overwritten.
• Audit Logs: Anonymized audit logs and aggregated analytics may be retained for compliance and service improvement purposes.
• Legal Holds: Data subject to legal holds, regulatory requirements, or ongoing disputes may be retained until the hold is released.

For accounts terminated due to Terms violations, the grace period may be shortened or waived at our discretion.

5.4 Certificate of Destruction

Upon request, we will provide a certificate of data destruction confirming that your data has been permanently deleted from our systems. Requests for certificates should be sent to info@easyclientdocs.com.

6. Subscription, Billing, and Payment Terms

6.1 Subscription Plans

The Service is offered through various subscription plans with different features, storage limits, and pricing. Plan details are available on our website and may be updated from time to time.

6.2 Minimum Service Term

THE MINIMUM BILLING AND SERVICE TERM IS THIRTY (30) DAYS. This means that upon subscribing to any paid plan, you commit to a minimum of 30 days of service. Early cancellation within this period does not entitle you to a refund for the unused portion of the 30-day minimum term.

6.3 Billing Cycle

Subscriptions are billed in advance on a monthly or annual basis, depending on your selected plan. Your billing cycle begins on the date of your initial subscription and renews automatically unless canceled.

6.4 Payment Methods

We accept major credit cards, debit cards, and other payment methods as displayed during checkout. You authorize us to charge your selected payment method for all applicable fees. You are responsible for maintaining accurate and current payment information.

6.5 Failed Payments

If a payment fails, we will attempt to process the charge again and notify you of the issue. If payment cannot be collected after multiple attempts, your account may be suspended or downgraded. We are not responsible for any consequences resulting from service interruption due to payment failure.

6.6 Cancellation and Refunds

You may cancel your subscription at any time through your account settings. Upon cancellation:

• Your subscription will remain active until the end of the current billing period.
• No refunds will be issued for partial months or unused time, except where required by law.
• The 30-day minimum service term applies to all cancellations.
• Downgrading to a free plan (if available) is not a cancellation and does not qualify for any refund.

6.7 Price Changes

We reserve the right to change our prices. Any price changes will be communicated at least 30 days in advance and will take effect at the start of your next billing cycle. If you do not agree to the new pricing, you may cancel your subscription before the new rates take effect.

7. Acceptable Use Policy

You agree to use the Service only for lawful purposes and in accordance with these Terms. You shall not:

• Use the Service to store, transmit, or process any illegal content
• Attempt to gain unauthorized access to any systems or data
• Interfere with or disrupt the Service or servers
• Upload malicious code, viruses, or harmful files
• Use the Service for spam, phishing, or fraudulent activities
• Violate any applicable laws or regulations
• Infringe on the intellectual property rights of others
• Share your account credentials or allow unauthorized access
• Use automated tools to access the Service without permission
• Resell or redistribute the Service without authorization

Violation of this Acceptable Use Policy may result in immediate account suspension or termination.

8. Intellectual Property

The Service, including all content, features, and functionality, is owned by us and is protected by copyright, trademark, and other intellectual property laws. You may not copy, modify, distribute, sell, or lease any part of the Service without our written consent.

You retain all rights to the content you upload to the Service. By uploading content, you grant us a limited license to store, process, and display your content as necessary to provide the Service.

9. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL WE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING WITHOUT LIMITATION, LOSS OF PROFITS, DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, RESULTING FROM:

• Your access to or use of or inability to access or use the Service
• Any conduct or content of any third party on the Service
• Any content obtained from the Service
• Unauthorized access, use, or alteration of your transmissions or content

OUR TOTAL LIABILITY FOR ANY CLAIMS ARISING OUT OF OR RELATED TO THESE TERMS OR THE SERVICE SHALL NOT EXCEED THE AMOUNT YOU HAVE PAID US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

10. Indemnification

You agree to indemnify, defend, and hold harmless Easy Client Docs, Pumpkin LLC, and their officers, directors, employees, agents, and successors from any claims, liabilities, damages, losses, and expenses arising out of or in connection with your use of the Service, your violation of these Terms, or your violation of any rights of another.

11. Dispute Resolution

Any disputes arising from these Terms or the Service shall first be attempted to be resolved through good-faith negotiation. If negotiation fails, disputes shall be resolved through binding arbitration in accordance with the rules of the American Arbitration Association. The arbitration shall take place in Monterey County, California, and the decision shall be final and binding.

You agree to waive your right to a jury trial and to participate in class action lawsuits against us.

12. Governing Law

These Terms shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict of law provisions. Any legal action or proceeding arising under these Terms will be brought exclusively in the federal or state courts located in Monterey County, California.

13. Modifications to Terms

We reserve the right to modify these Terms at any time. Material changes will be communicated via email or through the Service at least 30 days before they take effect. Your continued use of the Service after changes take effect constitutes acceptance of the modified Terms.

14. Severability

If any provision of these Terms is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary, and the remaining provisions shall remain in full force and effect.

15. Entire Agreement

These Terms, together with our Privacy Policy and Cookie Policy, constitute the entire agreement between you and us regarding the Service and supersede all prior agreements and understandings.

16. Contact Information

For questions, concerns, or notices regarding these Terms of Service, please contact us: