Legal
Privacy Policy
Last updated: April 3, 2026
This Privacy Policy describes how Tax2Books (“Company,” “we,” “us,” or “our”) collects, uses, and shares information about you when you use our accounting platform. We are committed to protecting your privacy and handling your data transparently.
1. Information We Collect
We collect the following categories of information:
Account Information
When you create an account, we collect your name, email address, password (stored as a cryptographic hash — never in plain text), and optional profile information. If you invite team members, we collect their email addresses.
Financial Data
Tax2Books stores the financial records you enter: journal entries, chart of accounts, bank transactions, vendor records, job records, and financial reports. This data belongs to you (see our Terms of Service).
Bank Connection Data
When you connect a bank account via Plaid, Plaid authenticates directly with your financial institution. Tax2Books receives only transaction data (date, amount, description, account) and does not receive or store your banking credentials.
Usage Data
We automatically collect information about how you use the platform: pages visited, features used, actions taken, and timestamps. This includes browser type, operating system, IP address, and device type.
Communications
If you contact us by email or through the platform, we retain the content of your communications to respond and improve the service.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Tax2Books platform
- Authenticate users and enforce role-based access controls within companies
- Process and display your financial data as directed by your use of the platform
- Send transactional emails (account confirmation, password reset, billing notifications)
- Send product updates and announcements (you may opt out at any time)
- Investigate and prevent fraud, unauthorized access, and abuse
- Comply with legal obligations and respond to lawful requests from authorities
- Analyze aggregate usage patterns to improve product features (we use anonymized data for this purpose)
We do not use your financial data to train AI or machine learning models. We do not sell your personal data.
3. Data Sharing and Disclosure
We do not sell, rent, or share your personal information or financial data with third parties for their marketing purposes.
We may share your information in the following limited circumstances:
- Service Providers: We share data with vendors who help us operate the platform (cloud hosting, email delivery, error monitoring). These vendors are contractually bound to protect your data and may not use it for any purpose beyond providing services to us.
- Legal Requirements: We may disclose information when required to do so by law, court order, or valid governmental request.
- Business Transfer: If Tax2Books is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you before your data is subject to a different privacy policy.
- With Your Consent: We may share your data with third parties when you have given us explicit consent to do so.
4. Third-Party Integrations
Plaid
Bank feed connections are powered by Plaid Inc. When you connect a bank account, you interact directly with Plaid's authentication flow. Plaid provides us with transaction data under their own privacy policy. You can review Plaid's privacy practices at plaid.com/legal.
Infrastructure
Tax2Books runs on cloud infrastructure providers. All data is stored within the United States. Data stored at rest is encrypted using AES-256. Data in transit is encrypted using TLS 1.3.
5. Data Security
We take data security seriously and implement industry-standard technical and organizational measures to protect your information:
- All data encrypted at rest using AES-256
- All data in transit encrypted using TLS 1.3
- Passwords stored as bcrypt hashes (never in plain text)
- Multi-factor authentication available for all accounts
- Role-based access controls enforced at the database level
- Immutable audit logs for all data access and modifications
- Regular security reviews and dependency audits
- Restricted employee access to production data
No system is completely secure. If you discover a security vulnerability, please report it responsibly to security@tax2books.com.
6. Data Retention
We retain your account information and financial data for as long as your account is active. When you delete your account:
- Your data remains available for 90 days to allow you to export any records you need
- After 90 days, your data is permanently deleted from our active systems
- Anonymized aggregate usage data may be retained for analytics purposes
- We may retain certain records longer if required by law (e.g., billing records for tax and audit purposes)
Audit log records may be retained for up to 7 years to meet recordkeeping requirements.
7. Your Rights
Regardless of where you are located, you have the following rights with respect to your personal information:
Access
Request a copy of the personal data we hold about you
Correction
Request correction of inaccurate or incomplete personal data
Deletion
Request deletion of your personal data (subject to legal retention requirements)
Export
Export all your financial data in standard formats at any time
Opt-out
Opt out of marketing communications while retaining transactional emails
Object
Object to certain types of data processing, including profiling
To exercise any of these rights, contact us at privacy@tax2books.com. We will respond within 30 days.
9. Children's Privacy
Tax2Books is not directed at children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you believe that a child under 13 has provided us with personal information, please contact us at privacy@tax2books.com and we will delete that information promptly.
10. California Privacy Rights (CCPA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA):
- The right to know what categories of personal information we collect and how we use it
- The right to know whether your personal information is sold or disclosed, and to whom
- The right to opt out of the sale of your personal information (we do not sell personal information)
- The right to request deletion of your personal information
- The right to non-discrimination for exercising your CCPA rights
To exercise your California rights, contact us at privacy@tax2books.com.
11. European Users (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):
- Legal Basis for Processing: We process your personal data on the basis of contract performance (to provide the service), legitimate interests (security and fraud prevention), and consent (marketing communications).
- Data Transfers: Your data is stored in the United States. When we transfer data from the EEA, we rely on Standard Contractual Clauses (SCCs) as the legal mechanism for cross-border transfers.
- Data Protection Officer: You may contact our privacy team at privacy@tax2books.com for GDPR-related inquiries.
- Supervisory Authority: You have the right to lodge a complaint with your local data protection supervisory authority.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and by posting a prominent notice on the platform before the changes take effect.
We encourage you to review this policy periodically. Your continued use of the service after the effective date of the revised policy constitutes your acceptance of the changes.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Tax2Books — Privacy Team
Email: privacy@tax2books.com
State of Florida, United States
We aim to respond to all privacy-related inquiries within 30 days.