← Back to TaxGather

Privacy Policy

Last updated: March 1, 2026

The Short Version

TaxGather is designed so that your financial documents never touch our servers. Your files go directly to your Google Drive. We process documents in real-time using AI and do not store your files, images, or financial data on our infrastructure.

What We Collect

  • Google Account Info: Your name, email address, and profile picture — used solely to identify your account and manage your session.
  • Usage Data: Anonymous analytics such as pages visited, feature usage, and error logs. We do not track your document contents.
  • Payment Information: If you subscribe to a paid plan, payment is processed by Stripe. We never see or store your credit card number.

What We Do NOT Collect

  • Your tax documents (W-2s, 1099s, receipts)
  • Your financial data or transaction details
  • The contents of your Google Drive files
  • Your Google Sheets data

Your documents are uploaded directly from your device to your own Google Drive using Google's APIs. TaxGather acts as a pass-through processor — we read the document to extract and categorize data, then write the results to your Google Sheet. We do not retain copies.

Google API Permissions

When you sign in, we request the following Google permissions:

  • Google Drive (drive.file): To create and manage the TaxGather folder and files in your Drive.
  • Google Sheets (spreadsheets): To create and update your tax document spreadsheet.
  • Gmail (gmail.readonly): Optional — requested only when you enable the Gmail auto-scan feature to find receipts in your email. This scope is not included in the initial sign-in and is never used unless you explicitly activate the feature.

You can revoke these permissions at any time from your Google Account settings.

AI Processing

We use AI services (Anthropic's Claude and Google's Gemini) to categorize your documents. Document content is sent to the AI service for processing and is not stored or used for training by the AI provider, per our data processing agreements. Processing happens in real-time and no document data is retained after categorization.

Data Security

  • All connections use HTTPS/TLS encryption
  • We use HTTP Strict Transport Security (HSTS)
  • Sessions are encrypted and expire automatically
  • We implement Content Security Policy (CSP) headers
  • No financial data is stored on our servers

Data Retention

Since your documents live in your Google Drive, you control retention. If you delete your TaxGather account, we remove your account record from our system. Your Google Drive files and spreadsheets remain yours — we cannot access or delete them.

Third-Party Services

  • Google: Authentication, Drive storage, Sheets
  • Stripe: Payment processing
  • Anthropic / Google AI: Document categorization AI
  • Vercel: Application hosting
  • Sentry: Error monitoring (no financial data sent)

We Do Not Sell Your Data

We do not sell, rent, or share your personal information with advertisers or data brokers. Period.

Children's Privacy

TaxGather is not designed for use by anyone under the age of 18.

Changes to This Policy

We may update this policy from time to time. We will notify registered users of significant changes via email. The "Last updated" date at the top reflects the most recent revision.

Contact

Questions about privacy? Email us at privacy@taxgather.com.

© 2026 TaxGather. All rights reserved.