Privacy Policy

Last updated: May 2026

1. Who we are

Taxero, LLC ("Taxero", "we", "us", or "our") operates taxero.ai and provides automated sales tax compliance services. Our registered address is on file with the State of Texas. For privacy inquiries, contact us at [email protected].

2. What we collect

We collect information you provide directly and data generated by your use of the service:

  • Account data: name, email address, business name, EIN/tax ID.
  • Sales data: transaction records you upload or connect via platform integrations (Amazon, eBay, Shopify, etc.).
  • Filing data: state registration details, sales tax returns, nexus positions.
  • Payment data: processed by Stripe — Taxero never stores full card numbers.
  • Usage data: log data, IP addresses, browser type, pages visited — used to operate and improve the service.

3. How we use your data

  • To provide, maintain, and improve the Taxero service.
  • To prepare and file your sales tax returns with state agencies on your behalf.
  • To monitor your nexus positions across all 50 states and send compliance alerts.
  • To communicate service updates, billing information, and support responses.
  • To comply with legal obligations and enforce our Terms of Service.

We do not sell your data to third parties. We do not use your data for advertising.

4. Data sharing

We share data only where necessary to deliver the service:

  • State tax agencies: we submit filings on your behalf using the credentials and authorization you provide.
  • Infrastructure providers: Supabase (database), Vercel (hosting), Railway (API), Resend (email). All under data processing agreements.
  • Payment processing: Stripe handles all payment data under their own PCI-compliant infrastructure.

5. Data security

We protect your data with AES-256 encryption at rest and TLS 1.3 in transit. Sensitive fields (SSN, driver's license numbers) are encrypted at the field level using AES-256-GCM before storage. Row-level security ensures no user can access another account's data. Audit logs are maintained for every access event.

6. Data retention

We retain your data for as long as your account is active and for a reasonable period afterward to meet legal and tax record-keeping obligations (typically 7 years for tax filings). You may request deletion of your account and associated data at any time by contacting [email protected]. Note that we may be required to retain certain filing records.

7. Your rights

Depending on your jurisdiction, you may have rights including:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your data (subject to legal retention requirements)
  • Data portability
  • Opt-out of marketing communications

To exercise these rights, email [email protected].

8. Cookies

We use essential cookies to operate the service (authentication, session management). We use analytics cookies (PostHog) to understand how the product is used — this data is anonymized. You can disable analytics cookies in your browser settings.

9. Changes to this policy

We may update this policy as our service evolves. Material changes will be communicated via email to account holders. Continued use of Taxero after changes constitutes acceptance.

10. Contact

Questions about this policy? Email us at [email protected].