Privacy
What happens to your clients' documents.
CPAs carry professional liability for client data. Before you route anything through a new tool, you need straight answers. Not a 12-page policy you'd need an hour to parse. Here is exactly what inbox.tax does and does not do with your clients' files.
What does the AI actually read in my clients' documents?
Form type and tax year. It identifies “this is a W-2 for 2024” or “this is a 1099-NEC for 2023.” SSNs, dollar amounts, account numbers, and employer names are never read, never stored, never transmitted. The classifier is purpose-built for the two fields it needs and has no access path to the rest of the document content after classification.
What happens to the emails my clients send?
We store three things: sender address, subject line, and the attached files. The email body is discarded immediately on receipt and never written to disk. If your client types “hope you're well,” that sentence is gone within seconds. We don't read it. We can't recover it. Nobody can subpoena it because it doesn't exist.
Where is the data stored?
US-only. Cloudflare R2, US West North America region. No data is routed through or stored outside the United States. Your firm's data is isolated. It does not share infrastructure with any other firm's data. Each firm has its own storage bucket scoped by firm ID.
What if inbox.tax gets hacked or shuts down?
Every document access is logged with a timestamp, the IP that accessed it, and which preparer on your account. You'd get a full audit trail of what was accessed and when. If inbox.tax ever shuts down, you can export all your documents before any wind-down. We will not trap your data. Export is a standard ZIP of original files plus a CSV of the classification metadata.
Can you use my client data for anything?
No. Your client list, your documents, your firm's data: none of it is used for training, analytics, aggregation, or sale. Not now, not if we raise funding, not ever. That constraint is structural, not a policy we could quietly update. The classifier model is run as an isolated process per firm; its outputs are not pooled, compared, or used to improve the model.
Who can see my clients' files?
You and the people on your firm's account. No inbox.tax employee reads document content. The AI classifier runs as an automated process. It identifies form type and discards everything else. There is no human review of your clients' tax documents. Engineering access to production storage is logged and requires explicit approval from you before any debugging session that would touch firm data.
Do you have SOC 2?
No SOC 2 yet. We are pre-launch and building with SOC 2 controls from day one. The audit cycle takes 6 to 12 months and we plan to start it once we have steady-state production traffic. In the meantime we publish exactly what we do and don't do (this page) and you can email me directly for anything that's not covered: hi@inbox.tax.
What about HIPAA, GLBA, IRS Pub 4557?
Tax preparer obligations under IRS Pub 4557 and the FTC Safeguards Rule (GLBA) apply to you, not to inbox.tax directly. We are built to support your compliance: per-firm isolation, full audit logs, encryption at rest and in transit, US-only storage, no employee read access. We are happy to sign a vendor security questionnaire and provide our SOC 2 readiness documentation on request.
Anything else you need to know before routing client documents through us? Email me directly. I read every question and answer in plain English, not policy language.
Nikita · hi@inbox.tax