Trust
How we protect your data
Your tax-return inputs, brokerage holdings, and payment details are the most sensitive things you can hand a piece of software. Here is, in plain terms, how we keep them safe.
Read-only broker access via Plaid
When you connect a US brokerage, we use Plaid to read your investment holdings and transactions — the positions, security identifiers, and balances needed to compute your PFIC and foreign-tax-credit numbers. That is a read-only data connection: we never initiate transfers and Atamatax never moves money in or out of your account.
Your broker login never reaches us. Your brokerage username and password go directly to Plaid — we do not receive, see, or store them. You stay in control of the connection and can ask us to disconnect a broker and delete its data at any time (see below).
Encrypted in transit and at rest
Every connection to Atamatax and to our sub-processors is encrypted in transit with TLS 1.2+. Sensitive fields — Plaid access tokens, social-security numbers, and similar secrets — are additionally encrypted at the application layer with AES-256-GCM before they ever reach the database, so they are stored as ciphertext rather than plain text.
Production database access is restricted to two server-side keys, and those service-role keys never reach the browser. Tax-return data and encrypted brokerage tokens live in a US-hosted Postgres database; backups are retained encrypted for up to 30 days.
Payments handled by Stripe
When you finalise your return, Stripe processes the payment. We receive only the resulting Checkout Session ID and the amount — we never see or store your card number.
We never sell your data
We do not sell your personal information to advertisers, data brokers, or any third party. The only parties who touch your data are the sub-processors that run the service (such as Supabase, Vercel, Stripe, Plaid, and Resend), each acting under its own data-processing agreement.
Delete your data whenever you want
You can request a copy of your data, ask us to correct it, or ask us to delete it. Email support@atamatax.com from the address on file and we respond within 30 days. Account credentials are deleted within 90 days after you ask us to close your account. Full details are in our Privacy Policy.
If something goes wrong
No system is perfect. If we discover a security incident affecting your data, we will notify you within 72 hours of confirming the incident and publish a post-mortem on the same domain.
Security researcher? Read our responsible-disclosure policy and report a security vulnerability.