Privacy Policy

Last updated: April 5, 2026

1. Who We Are

Wrenworth Tax ("Wrenworth," "we," "us") operates the wrenworthtax.com platform — an AI-powered tax intelligence platform for consumers and tax professionals. This Privacy Policy explains how we collect, use, protect, and share your information.

2. Information We Collect

Account Information: Name, email address, phone number, and password when you create an account.

Tax Information: Filing status, income sources, business entities, tax documents, transactions, and other tax-related data you provide or upload. This may include sensitive information such as Social Security Numbers (SSN) and Employer Identification Numbers (EIN).

Usage Data: How you interact with the platform, including pages viewed, features used, and session duration.

Device Information: Browser type, operating system, IP address, and device identifiers.

3. How We Use Your Information

  • Prepare and file your tax returns
  • Provide year-round tax monitoring and deduction tracking
  • Calculate estimated tax payments and audit risk assessments
  • Power Rico, our AI tax assistant, to answer your questions
  • Match you with Enrolled Agents when you request professional help
  • Send tax deadline reminders and alerts (with your consent)
  • Improve our platform and develop new features

4. How We Protect Your Information

  • Encryption: All data is encrypted at rest (AES-256) and in transit (TLS 1.3)
  • SSN/EIN Tokenization: Social Security Numbers and Employer Identification Numbers are tokenized immediately upon ingestion and never stored in plaintext
  • Row-Level Security: Database-level access controls ensure you can only access your own data
  • Security Headers: HSTS, Content Security Policy, X-Frame-Options, and other security headers are enforced on all pages
  • Infrastructure: Hosted on Supabase (SOC 2 Type II certified) and Vercel (SOC 2 Type II certified)

5. What We Never Do

  • We never sell your personal or financial data to anyone
  • We never train AI models on your tax returns or financial data
  • We never share your data with third parties without your explicit, granular consent
  • We never store your SSN or EIN in readable form

6. Consent and Control

We use a granular consent system that gives you control over every data action. During sign-up and at any time in Settings > Privacy, you can:

  • Grant or revoke consent for data processing, email/SMS communications, EA sharing, and anonymized benchmarks
  • Each consent is independently controllable — granting one does not grant others
  • Consent changes take effect immediately
  • All consent actions are logged in an immutable audit trail

This consent system is designed to comply with IRC §7216, which governs the use and disclosure of tax return information.

7. Data Sharing with Tax Professionals

If you request help from an Enrolled Agent, CPA, or Tax Attorney through our marketplace, we share only the data relevant to your engagement — and only after you explicitly consent. The practitioner can only see data you've authorized. You can revoke this access at any time.

8. Third-Party Services

We use the following third-party services to operate the platform:

  • Supabase — Database and authentication (SOC 2 Type II)
  • Vercel — Application hosting (SOC 2 Type II)
  • Anthropic (Claude) — AI processing for Rico tax assistant (data processed in-session only, not retained for training)
  • Plaid — Bank account connectivity (when enabled by user). Plaid's privacy policy is available at plaid.com/legal

9. Data Retention

Tax returns, documents, and transaction data are retained for 7 years from the filing date, consistent with IRS record-keeping recommendations and the statute of limitations for substantial omissions (IRC §6501(e)). After 7 years, data is automatically purged unless you request earlier deletion.

10. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data (subject to retention requirements)
  • Export your data in a portable format
  • Revoke any consent at any time

California residents have additional rights under the CCPA/CPRA, including the right to know what data is collected, opt out of data sales (we don't sell data), and request deletion.

11. Contact Us

For privacy questions, data requests, or concerns:

Email: privacy@wrenworthtax.com