Privacy Policy

Your privacy and data security are our top priorities

Effective Date: August 6, 2025 | Last Updated: August 6, 2025
Quick Summary

We collect only usernames and encrypted passwords - no email addresses required. Your tax documents are analyzed anonymously by AI, then permanently deleted. We never sell your data and comply with all federal and state privacy laws. Mandatory 2FA ensures maximum security.

1. Information We Collect

1.1 Account Information (Minimal Collection)
Anonymous Account System

TaxCheckMe AI operates on a privacy-first, username-only system. We deliberately do NOT collect email addresses to ensure complete anonymity.

  • Required: Username, encrypted password, 2FA secret key
  • NOT Collected: Email addresses, real names, phone numbers
  • Payment Info: Processed by Stripe (we don't store card details)
  • Purpose: Account creation, authentication, payment processing only
1.2 Tax Document Data (Temporary Processing Only)
Temporary Processing Notice

Tax documents are processed temporarily and automatically deleted. Personal identifiers are removed before AI analysis begins.

  • Document Types: Tax returns (1040, 1120, etc.), W-2s, 1099s, supporting schedules
  • Data Extracted: Income amounts, deductions, filing status, tax calculations (anonymized)
  • Personal Identifiers: Names, SSNs, addresses (immediately stripped before AI analysis)
  • Processing: Documents processed locally, never shared with third parties
  • Deletion: Original files automatically deleted within minutes of analysis completion
1.3 Technical Information
  • Usage Data: IP address (logged temporarily), browser type, session duration
  • Security Logs: Login attempts, 2FA verification events, suspicious activity
  • Performance Data: Page load times, error rates, system performance metrics
  • 2FA Data: TOTP secret keys (encrypted), backup codes (hashed)

2. How We Use Your Information

2.1 Service Delivery
  • Process and analyze tax documents using AI technology
  • Generate personalized tax optimization recommendations
  • Provide customer support and technical assistance
  • Process payments through Stripe (no email required)
  • Authenticate users via mandatory 2FA system
2.2 Security and Compliance
  • Protect against fraud, abuse, and security threats
  • Comply with legal obligations and regulatory requirements
  • Maintain audit trails for compliance purposes (without personal identifiers)
  • Investigate and prevent unauthorized access
  • Enforce mandatory 2FA security requirements

3. Data Anonymization and AI Processing

Privacy-First AI Analysis

Before any AI analysis begins, we remove all personally identifiable information from your tax data. Our AI systems never see names, Social Security numbers, or addresses - only anonymized financial figures.

3.1 Anonymization Process
  • Step 1: Document uploaded with bank-level encryption
  • Step 2: Personal identifiers (names, SSNs, addresses) automatically removed
  • Step 3: Only numerical tax data sent to AI for analysis
  • Step 4: AI generates optimization recommendations based on anonymous data
  • Step 5: Original document permanently deleted from our systems
3.2 AI Provider Safeguards
  • Data Minimization: AI providers only receive anonymized tax figures
  • No Training Use: Your data is never used to train AI models
  • API-Only Access: AI providers cannot store or retain your data
  • Multiple Providers: Consensus system prevents single-point privacy failures

4. Data Sharing and Third Parties

We Do NOT Share Your Data

We never sell, rent, or share your personal information with third parties for marketing purposes. Period.

4.1 Limited Third-Party Services
  • Payment Processing: Stripe processes payments (no personal tax data shared)
  • AI Analysis: Anonymized data only, never personal identifiers
  • Cloud Infrastructure: Digital Ocean provides secure hosting
  • No Marketing Partners: We don't share data with advertisers or marketers

5. Data Retention and Deletion

Automatic Data Deletion

Tax documents are automatically deleted immediately after analysis. Analysis results are retained only for your account access, with no personal identifiers attached.

5.1 Deletion Schedule
  • Tax Documents: Deleted within 5 minutes of successful analysis
  • Temporary Files: Cleared every hour via automated processes
  • Analysis Results: Retained indefinitely for your account (anonymized)
  • Payment Records: Retained as required by law (7 years for tax-related services)
  • Account Data: Retained until account deletion or 5 years of inactivity
5.2 Account Deletion
  • User-Initiated: Delete your account anytime from profile settings
  • Complete Removal: All data permanently deleted within 30 days
  • No Recovery: Deleted accounts cannot be recovered (privacy by design)
  • Legal Compliance: Some anonymized records retained as required by law

6. Security Measures

6.1 Mandatory Two-Factor Authentication
Required Security Feature

All TaxCheckMe AI accounts MUST use Two-Factor Authentication. This is not optional and significantly enhances account security beyond industry standards.

  • TOTP Authentication: Time-based codes via Google Authenticator, Authy, etc.
  • Backup Codes: Secure recovery codes provided during setup
  • No SMS Option: More secure than SMS-based 2FA
  • Account Protection: Prevents unauthorized access even with password compromise
6.2 Technical Security
  • Encryption: Bank-level AES-256 encryption for all data
  • HTTPS: All communications encrypted in transit
  • Secure Hosting: Digital Ocean with enterprise security features
  • Regular Audits: Security assessments and penetration testing
  • Access Controls: Strict employee access limitations

7. Your Privacy Rights

7.1 Access and Control
  • Account Access: View and update your username and security settings
  • Data Export: Download your analysis reports and account data
  • Account Deletion: Permanently delete your account and all data
  • 2FA Management: View 2FA status, generate new backup codes
7.2 No Email Communications
Communication Limitation

Since we don't collect email addresses, we cannot send you notifications, updates, or marketing emails. All communications happen within the platform.

  • Platform Notifications: Important updates displayed when you log in
  • No Email Marketing: We literally cannot send you marketing emails
  • Security Alerts: Displayed in your account dashboard
  • Support Communications: Handled through support ticket system

8. Legal Compliance

8.1 Regulatory Standards
  • IRS Publication 4557: Compliance with tax return preparer requirements
  • FTC Safeguards Rule: Enhanced security for financial data
  • State Privacy Laws: Compliance with applicable state regulations
  • GDPR Principles: Privacy by design and data minimization
8.2 IRS Resources & Scam Protection
Be Aware of Tax Scams

Every year, the IRS publishes a list of the top tax scams that target unsuspecting taxpayers. We encourage all users to stay informed and vigilant.

TaxCheckMe AI is not affiliated with the IRS, but we strongly support its mission to protect taxpayers and encourage responsible tax practices.

9. Children's Privacy

Our Service is not intended for individuals under 18 years old. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will post the updated policy on our platform and update the "Last Updated" date. Since we don't collect email addresses, we cannot notify you directly of changes. Please review this policy periodically for any updates.

11. Contact Information

Privacy Questions and Requests

Email: admin@taxcheckme.ai

Response Time: We respond to privacy requests within 10 business days

Our Privacy Promise

TaxCheckMe AI was built from the ground up with privacy as the foundation. Our username-only, mandatory 2FA system with automatic data deletion isn't just a feature - it's our core philosophy. Your privacy isn't just protected, it's engineered into every line of code.

Return to Dashboard

Document Version: 2.0 | Effective: August 6, 2025 | Last Updated: August 6, 2025
This Privacy Policy reflects our username-only, mandatory 2FA architecture and complies with IRS Publication 4557, FTC Safeguards Rule, and applicable state privacy laws.