🔐

Security & Compliance

Your financial data is protected by the highest industry standards.

Data Security

We implement bank-grade security measures to protect your sensitive financial information.

Transport Encryption

All data in transit is encrypted using TLS 1.3, the most secure protocol available.

Storage Encryption

Data at rest is encrypted using AES-256 encryption, the same standard used by banks.

Access Control

Role-based access control (Owner, Finance, CPA) ensures only authorized users see sensitive data.

Two-Factor Authentication

Optional 2FA with authenticator apps (Google Authenticator, Authy) adds an extra layer of security to your account.

Privacy & Compliance

PIPEDA Compliance

We comply with Canada's Personal Information Protection and Electronic Documents Act.

Canadian Data Centers

Customer data is primarily stored in Canadian data centers, aligned with PIPEDA requirements.

No Model Training

We do not use your data to train AI models without explicit opt-in consent.

Security Practices

Peer code review, static security analysis, dependency scanning, and quarterly internal security reviews. Security practices aligned with SOC 2 principles.

Reliability

High Availability Architecture

Multi-region cloud deployment with automatic failover. If one data center experiences issues, service continues automatically.

Automatic Backups

Regular automatic backups with multi-day retention ensure your data is always protected and recoverable.

Audit Logs

Complete audit trail of all actions for 6+ years retention.

AI Transparency

We believe in transparency about how AI is used in OPTAX.

What AI Does

Transaction classification, anomaly detection, tax optimization suggestions, and compliance checking.

What AI Does NOT Do

AI never automatically submits to CRA, never fabricates data, and never modifies transactions without your confirmation.

User Control

You can always override any AI suggestion. AI recommendations require human confirmation.