Security & Privacy

Your Tax Information Deserves the Best Protection

We employ bank-level security measures to safeguard your sensitive data

256-Bit Encryption

We use the same encryption technology as major financial institutions to protect your data during transmission and storage.

Secure Data Centers

Your information is stored in Australian SOC 2 compliant data centers with 24/7 physical security and redundant systems.

Two-Factor Authentication

Add an extra layer of security to your account with optional 2FA, preventing unauthorized access even if your password is compromised.

Regular Security Audits

Our systems undergo routine penetration testing and security audits by independent cybersecurity experts.

Biometric Authentication

Use your device's fingerprint or face recognition for quick and secure access to your tax information.

Privacy Compliance

We strictly adhere to the Australian Privacy Act and maintain comprehensive data protection policies.

Our Security Measures in Detail

How we protect your information at every step

Advanced Account Protection

We've implemented multiple layers of authentication to keep your account secure:

Strong password requirements with regular expiration
Two-factor authentication via SMS or authenticator apps
Biometric authentication on compatible devices
Suspicious activity detection and alerts
Automatic session timeouts after periods of inactivity

You'll also receive email notifications about important account activities, such as password changes or login attempts from new devices.

Data Encryption & Transmission

Your data is protected both in transit and at rest:

TLS/SSL encryption for all data transmitted between your device and our servers
AES-256 encryption for all stored data
Secure API endpoints with token-based authentication
HTTPS-only access with HSTS enforcement
Encrypted backup systems with strict access controls

We never store sensitive information like tax file numbers in plain text and employ advanced key management systems.

Infrastructure & Network Security

Our technical infrastructure is built with security at its core:

Australian-based data centers with SOC 2 compliance
Multi-layered firewall protection and intrusion detection systems
Real-time monitoring for suspicious traffic patterns
Regular vulnerability scanning and patching
Redundant systems to prevent data loss and ensure availability

We employ a dedicated security team that responds to potential threats 24/7 and continuously improves our security posture.

Privacy Policy Summary

How we collect, use, and protect your personal information

Information We Collect

We collect information necessary to provide our tax services, including:

Personal identifiers (name, email, phone number, address)
Financial information required for tax return preparation
Authentication data to verify your identity
Device and usage information to improve our services

We never collect more information than necessary to provide our services.

How We Use Your Information

Your information is used solely for:

Preparing and lodging your tax returns
Providing customer support and answering inquiries
Improving our platform and user experience
Meeting regulatory and compliance requirements

We never sell your personal information to third parties for marketing purposes.

Your Privacy Rights

As an Australian service provider, we respect your rights to:

Access your personal information that we hold
Request correction of inaccurate information
Control the marketing communications you receive from us
Request deletion of your data (subject to legal retention requirements)

For a complete explanation of our privacy practices, please review our full Privacy Policy.

Security FAQ

Answers to common questions about our security measures

How is my tax data protected?

Your tax data is protected using multiple security layers. We employ 256-bit encryption (the same used by banks) for all data transmission and storage. Our systems are hosted in secure Australian data centers with physical security measures, and we implement strict access controls so that only authorized personnel can access your information when necessary for service provision.

What is two-factor authentication and how do I set it up?

Two-factor authentication (2FA) adds an extra security layer by requiring two forms of verification when you log in: something you know (password) and something you have (mobile device). To set up 2FA, log into your account, go to "Security Settings," and select "Enable Two-Factor Authentication." You can choose between SMS verification or using an authenticator app like Google Authenticator or Authy. We strongly recommend enabling this feature for maximum account security.

How long do you retain my tax information?

We retain your tax information for as long as necessary to provide our services and comply with legal requirements. For tax returns, the ATO requires taxpayers to keep records for five years from the date of lodgment. Accordingly, we maintain your tax documents for this period to assist with any ATO inquiries. You can request deletion of certain information (subject to legal retention requirements) through your account settings or by contacting our support team.

Has Taxo.au ever experienced a data breach?

No, Taxo.au has never experienced a data breach. We maintain a proactive security posture with continuous monitoring, regular security assessments, and a dedicated security team. In the unlikely event of a security incident affecting your data, we are committed to transparent communication and would notify affected users promptly as required by the Australian Privacy Act and other applicable regulations.

Do you share my information with third parties?

We only share your information with third parties in limited circumstances: (1) when necessary to provide our services (such as submitting your return to the ATO), (2) with service providers who help us operate our platform (all of whom are bound by strict confidentiality agreements), (3) if required by law or legal process, or (4) with your explicit consent. We never sell your personal information to third parties for marketing purposes.

What should I do if I suspect unauthorized access to my account?

If you suspect unauthorized access to your account, take these immediate steps: (1) Change your password immediately through the "Forgot Password" link if you can't access your account, (2) Enable two-factor authentication if you haven't already, (3) Contact our security team immediately at security@taxo.au or call 1300 TAXO AU, (4) Review your account activity and tax return status for any unauthorized changes, and (5) If you notice any fraudulent activity, also report it to the ATO and relevant authorities. Our security team will work with you to secure your account and investigate any suspicious activity.