Back to TaxTidyTaxTidyTaxTidy

Privacy Policy

Last updated: March 27, 2026

Disclaimer

TaxTidy provides tools for receipt organization and expense tracking. TaxTidy is not a CPA, tax advisor, or financial professional. Nothing in this application constitutes tax advice. Consult a qualified tax professional for tax-related decisions.

TaxTidy ("we," "our," or "us") is operated by Gravity Culture Coaching LLC. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information when you use the TaxTidy application and website (collectively, the "Service").

1. What We Collect

We collect the following types of information:

  • Account Information— Your email address, name, and business details provided during registration and onboarding.
  • Receipt and Financial Data— Photos of receipts you upload, extracted financial data (vendor, amount, date, category), and expense records you create or import.
  • Bank Statements— PDF bank statements you choose to upload for transaction matching.
  • Usage Data— Pages visited, features used, device information, IP address, and browser type to improve the Service and diagnose issues.
  • Chat History— Conversations with Fin, our AI tax assistant, stored to provide cross-device continuity.

2. How We Use Your Information

  • OCR Processing— Receipt images are processed by AI models to extract vendor names, amounts, dates, and categories.
  • AI Categorization— Expense data is analyzed by AI to suggest IRS deduction categories and identify potential deductions.
  • Tax Calculations— Your expense data is used to generate audit readiness scores, tax summaries, and quarterly estimates.
  • Service Improvement— Usage data helps us understand how the Service is used so we can improve features and fix issues.
  • Communications— We send transactional emails (receipts, exports) and optional notifications (weekly summaries, tax deadline reminders) via your provided email.

3. Third-Party Processors

We share data with the following third-party processors, strictly for service delivery:

  • Google (Gemini)— Powers Fin, our AI tax assistant. Chat messages and relevant expense context are sent to Google for response generation.
  • OpenAI (GPT-5.4)— Processes receipt images for OCR extraction, expense categorization, and statement transaction categorization.
  • Stripe— Handles payment processing for Pro and CPA subscriptions. We do not store your credit card information; Stripe handles this directly.
  • Supabase— Provides authentication, database storage, and file storage for your account data, expenses, and receipt images.
  • Cloudflare R2— Serves static assets and receipt image storage via content delivery network.
  • Sentry— Captures error reports and performance data to help us diagnose and fix issues. Error reports may include anonymized usage context.
  • Resend— Delivers transactional and notification emails on our behalf.

4. Data Retention

  • Receipt Images (Free tier)— Stored for 60 days. You will be prompted to download your PDF tax report (with receipt images) before expiry.
  • Receipt Images (Pro & CPA tiers)— Stored indefinitely while your subscription is active.
  • Expense Records— Retained until you delete them or delete your account.
  • Account Data— Retained until you request account deletion via Settings.
  • Audit Logs— Retained for 90 days for security purposes after account deletion.

5. Your Rights

Under the CCPA (California) and GDPR (European Union), you have the following rights:

  • Access— Download a complete archive of your data via Settings > Data & Privacy > "Download Full Data Archive."
  • Deletion— Delete your entire account and all associated data via Settings > Data & Privacy > "Delete Account." This action is permanent and cannot be undone.
  • Portability— Export your expense data as CSV via Settings > Data & Privacy > "Export All Data."
  • Correction— Edit your profile, business information, and expense records at any time within the application.
  • Opt-Out— Disable notification emails via Settings > Notifications.

6. Security

We use industry-standard security measures to protect your data, including 256-bit AES encryption for data at rest, TLS 1.3 for data in transit, and row-level security policies in our database ensuring you can only access your own data.

7. Children

TaxTidy is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Continued use of the Service after changes constitutes acceptance.

9. Contact

If you have questions about this Privacy Policy or your data, contact us at:

Gravity Culture Coaching LLC
Email: privacy@taxtidy.app