Tax documents are among the most sensitive files people store online. BasilTax treats them that way: minimize what models see, encrypt in transit, and never sell your data.
Before any document text is sent to an LLM for structured extraction, we run redact_pii() on the
server to mask Social Security numbers, labeled account numbers, and similar patterns. Employer EINs are
preserved where tax logic requires them.
Assistant outputs are scanned again; anything resembling PII is blocked from storage and display where possible.
Your documents are not used to train third-party foundation models. They are processed for your account only.
When you generate a public share link for an audit trace, viewers see a redacted payload (masked filenames and values). Links expire automatically.
We use industry-standard cloud and AI APIs required to operate the product. Enterprise customers may request a Data Processing Addendum (DPA) — contact your legal / security contact at BasilTax.
Roadmap: formal SOC 2 Type II as we scale enterprise workflows.