Security & Compliance
Your financial data is protected with privacy-aware safeguards and access controls.
Data Security
We implement secure transport, access controls, and internal security reviews to protect sensitive financial information.
Transport Encryption
Sensitive data is protected in transit using secure transport.
Storage Encryption
Sensitive stored data is protected with cloud-provider safeguards and access controls.
Access Control
Role-based access control (Owner, Finance, CPA) ensures only authorized users see sensitive data.
Two-Factor Authentication
Optional 2FA with authenticator apps (Google Authenticator, Authy) adds an extra layer of security to your account.
Privacy & Compliance
Canadian Privacy Principles
Our privacy program is designed around Canadian privacy principles for collection, use, and disclosure.
Canadian Tax Workflows
OPTAX is designed for Canadian tax preparation workflows and related record-keeping needs.
No Model Training
We do not use uploaded tax, banking, document, or chat content to train public AI models.
Security Practices
Peer code review, static security analysis, dependency scanning, and recurring internal security reviews.
Reliability
High Availability Architecture
Cloud deployment with operational monitoring and recovery practices.
Automatic Backups
Regular automatic backups with multi-day retention support operational recovery.
Audit Logs
Audit trails are retained for compliance and support needs, with tax records kept up to 7 years where required.
AI Transparency
We believe in transparency about how AI is used in OPTAX.
What AI Does
Transaction classification, anomaly flags, readiness checks, and review questions.
What AI Does NOT Do
AI never automatically submits to CRA, never fabricates data, and never modifies transactions without your confirmation.
User Control
You can always override any AI suggestion. AI recommendations require human confirmation.