Privacy Policy

Last Updated: January 16, 2026

Sales Tax Vault ("we," "our," or "us") is committed to protecting your privacy and the security of your data. Data safety is paramount to our platform. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Name and email address
  • Company name
  • Password (stored securely hashed, never in plain text)

Data You Store

You may choose to store the following types of information, all of which is encrypted:

  • State tax filing information and sales tax IDs
  • Department of Revenue login credentials
  • Banking information for tax payments
  • Documents such as registration certificates, notices, and tax returns
  • Exemption certificates and related customer information
  • Tech stack and system integration information

Automatically Collected Information

We automatically collect:

  • IP address and browser type
  • Usage data and access times
  • Device information

2. How We Use Your Information

We use your information to:

  • Provide and maintain the Service
  • Process payments and manage subscriptions
  • Send service-related communications
  • Respond to support requests
  • Improve and optimize the Service
  • Comply with legal obligations

3. Data Encryption and Security

Data safety is paramount to Sales Tax Vault. We employ comprehensive, industry-leading security measures to protect all your data:

All Data Encrypted at Rest

Every piece of data you store in Sales Tax Vault is encrypted using AES-256 encryption, the same standard used by banks and government agencies. This includes:

  • DOR Credentials: All usernames, passwords, PINs, and security questions are encrypted before storage
  • Banking Information: Account numbers, routing numbers, and payment details are fully encrypted
  • Documents: All uploaded files including registration letters, nexus studies, VDA agreements, and tax returns are encrypted
  • Exemption Certificates: Certificate PDFs and all associated customer data are encrypted
  • Filing History: All filing records, amounts, and confirmation documents are encrypted

Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.2+ (Transport Layer Security). This ensures your data cannot be intercepted or read during transmission.

Additional Security Measures

  • Isolated Storage: Each account's data is stored separately with strict access controls preventing any cross-account access
  • Secure Authentication: Passwords are hashed using bcrypt with salt, making them unreadable even to us
  • Access Controls: Role-based permissions ensure users only access data they're authorized to see
  • Regular Security Audits: We conduct ongoing security assessments to identify and address vulnerabilities
  • Secure Infrastructure: Our servers are hosted in secure data centers with physical security, redundancy, and disaster recovery capabilities

4. Data Sharing

We do not sell, trade, or rent your personal information. We may share data only in these limited circumstances:

  • Service Providers: With trusted third parties who assist in operating our Service (e.g., payment processing via ChargeOver). These providers are contractually bound to protect your data.
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfer: In connection with a merger, acquisition, or sale of assets, with equivalent privacy protections maintained
  • With Your Consent: When you explicitly authorize sharing

5. Data Retention

We retain your data as follows:

  • Active Accounts: Data is retained while your account is active and remains encrypted at all times
  • Cancelled Subscriptions: Data is retained for 30 days after subscription expiration to allow for reactivation
  • Account Deletion: All data is permanently and securely deleted upon request
  • Backups: Backup data is encrypted and purged within 30 days of account deletion

6. Your Rights

You have the right to:

  • Access: View all data stored in your account at any time
  • Export: Download all your data in common formats (CSV, PDF) at any time
  • Correction: Update or correct your information
  • Deletion: Permanently delete your account and all associated data
  • Portability: Receive your data in a structured, commonly used format

7. Cookies

We use essential cookies to:

  • Maintain your login session securely
  • Remember your preferences
  • Ensure security (CSRF protection)

We do not use advertising or tracking cookies. We do not sell your data to advertisers.

8. Third-Party Services

We use the following third-party services:

  • ChargeOver: Payment processing and subscription management (PCI-DSS compliant)
  • Hostinger: Web hosting infrastructure

These services are carefully selected for their security practices and have their own privacy policies governing their use of your data.

9. Children's Privacy

Sales Tax Vault is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use after changes become effective constitutes acceptance.

11. Contact Us

For privacy-related questions or concerns, contact us at:

Taxiom LLC
Email: privacy@taxiom.com
Website: taxiom.com