top of page

Privacy Policy

TAXIFI – PRIVACY POLICY

 

Last Updated: March 2, 2026 

 

Taxifi AI Inc. (“Taxifi” “Company”, “our”, “we” or “us”) has created this Privacy Policy (“Privacy Policy”) to set out how we collect, use, and disclose information about identifiable individuals and information which can be used to identify an individual (“Personal Information”) through our Website (defined below) and in the course of providing our products, software (“Products”) and services (collectively, all of the foregoing the “Services”).

 

Privacy is of great importance to us. We do not actively collect Personal Information for the purpose of selling or marketing that Personal Information to third parties. In other words, we do not sell customer lists. Personal Information may be collected about users and visitors to the Website, as well as our customers and their end users who interact with our Services.  By visiting our website located at www.taxifi.ai, including subpages, (collectively, the “Website”), or using the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy and you hereby consent to the collection, use and disclosure of your Personal Information in accordance with this Privacy Policy.  If you are using services operated by one of our customers, then the collection, use and disclosure of your Personal Information may be subject to that customer’s relevant privacy policy (including how it may reference this Privacy Policy), and Taxifi will be entitled to collect, use and disclose your Personal Information in accordance with that customer’s privacy policy (including how it may reference this Privacy Policy) and Taxifi’s rights under applicable law and Taxifi’s rights pursuant to Taxifi’s contract with that customer.  

 

  1. OVERVIEW

 

  1. Lawful processing. We process your Personal Information only to the extent necessary for the purposes described in this Privacy Policy. We set out below the type of Personal Information we collect and how we use such Personal Information. Except as set forth in this Privacy Policy, your Personal Information will not be used for any other purpose without your consent. You may withdraw your consent to our processing of your Personal Information at any time. However, withdrawing consent may result in your inability to continue using the Services.

 

  1. Scope.  This Privacy Policy covers the activities of Taxifi but does not apply to the practices of companies that we do not own or control, including our customers and third parties that may resell Taxifi products and services and any services offered by other companies or other sites linked from our Services.   You are responsible for ensuring that you have obtained the necessary authorizations and consents for any Personal Information you make available to us for use in accordance with this Privacy Policy, in particular, our customers represent and warrant to Taxifi that they have the necessary rights under applicable law or have obtained the necessary consents from each end user whose Personal Information is provided by that customer to Taxifi in order to allow Taxifi to use, disclose and otherwise process such Personal Information for the purposes described in this Privacy Policy in the manner described in this Privacy Policy.



 

  1. COLLECTION AND USE OF PERSONAL INFORMATION 

    1. What we Collect.  Set out below are the ways in which we may collect Personal Information:

  • Personal Information We Collect from our Customers. We may collect business contact information of individuals who work for our customers (i.e. businesses or professionals that use the Service to prepare, manage, or support tax filings in order to communicate with those customers about their business relationship with Taxifi.  We may also collect payment credentials or related information from our customers in order to allow those customers to pay Taxifi for Services procured by such customers or in order to remit to such customers their share of transaction fees collected from end users.

  • Personal Information Collected in the Course of the Services.  We may collect Personal Information about our customers’ end users through web forms and other communications methods used by the Services.  The Personal Information provided by end users consists of their name, address, phone number, identification documentation, occupation and proof of address and any other Personal Information required to meet regulatory requirements for our customers (some of whom may be money service businesses).  End users will also submit payment information to us.  In some instances, end user information may be collected by our customers and provided to the Taxifi.  If a customer has a privacy policy that applies to its end users, then that privacy policy shall take precedence over this privacy policy, and subject to our obligations under applicable law and our contractual arrangements with the applicable customer, we will comply with that privacy policy.

  • Tax Information. To provide the Services, including preparing and filing your tax return and related forms, we may collect and use information about you such as your identity and contact details (for example name, date of birth, address, email, phone number, and SIN), your tax profile (for example marital status and dependent information), and your income, deductions, credits, and supporting documents (for example tax slips, receipts, prior year return details, and Notices of Assessment). If you have business, self employment, rental, or GST/HST reporting, we may also collect relevant business and financial details such as business identification information, revenue, expenses, assets, and transaction records. With your authorization, we may access and import tax information from the Canada Revenue Agency and, if you choose to connect financial accounts, collect account and transaction data needed to categorize income and expenses and complete your return. We may also collect information you provide through questionnaires or customer support communications that is necessary to deliver the Services.

  • Bank Account Information. We may collect bank account information, such as account numbers, transit and institution numbers, account type, as well as transaction information in order to provide the Services.

  • Device information. We may collect information about devices you use to access the Services and information about how you use the Services, such as your IP address and which websites you visited before accessing our Services.

  • Logs. Our servers automatically record information created by your use of our Services to help us diagnose and fix technical issues, and to improve the overall quality and user experience of our Services. Logs may include information such as your IP address, browser type, operating system, details of how you used our Services (such as the functions you asked our Services to perform), diagnostic information related to the Services (such as crash activity reports), the referring web page, pages visited, location, your mobile carrier, device and application IDs, search terms, and cookie information.

  • Cookies. We use technologies like cookies and pixel tags to gather information about how you are interacting with the Services, which may include identifying your IP address, browser type, and referring page.

  • Employee and Contractor Candidate Information. When we seek candidates for potential jobs or contracting engagements with Taxifi, we collect information that those candidates choose to provide to us when applying, which may include contact information, education and employment history, credentials, place of residence and other information the candidate believes to be relevant.  For people who become our employees or contractors, we will typically retain the information provided by those candidates in the application process along with additional information to manage their employment or contractor relationship with us, including, without limitation, information related to income tax reporting and withholding and enrollment in Taxifi benefit plans (in each case, to the extent applicable for the relevant relationship).

 

  • Marketing Information. From time to time, we may conduct surveys or hold contests or other events and in connection with such surveys, contests, or events, we may collect information you elect to provide about yourself, such as your name, email address, telephone number, organization name and address; and general information about the company for whom you work.  In addition, we may use third-party service providers to collected business-related information about your employer such as its name, size, and publicly available revenue in connection with potentially offering the Services to your employer.

 

  • Taxifi Suppliers and Partners.  Taxifi collects business contact information of individuals who work for our suppliers and other partners to communicate with those suppliers and partners about their business relationship with the Company.

 

  1. Use of Personal Information. We may use your Personal Information and Usage Information in a manner that is consistent with this Privacy Policy and the context of our relationship with you. We will use your Personal Information and Usage Information collected through the Services for the following purposes:

 

  1. verify end user’s identities for the purposes of know-your-customer laws and regulations; 

  2. provide, operate, maintain and improve the Services;

  3. send technical notices, updates, security alerts and support and administrative messages;

  4. complete transactions (including end user transactions), and send related information to the relevant transaction participants, including confirmations and invoices;

  5. respond to comments, questions, and requests and provide customer service and support;

  6. communicate with you and provide news or information about us;

  7. investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities;

  8. monitor and analyze trends, usage, and activities in connection with the Services, including generating aggregated and anonymized statistics;

  9. conduct business and contractual relationships that we have with various persons and companies (such as customers, suppliers, partners and employees); 

  10. for other purposes which we will notify you about and seek your consent; and 

  11. as otherwise specifically described in this Privacy Policy.

 

  1. STORAGE LOCATION AND TRANSFER OF PERSONAL INFORMATION

Taxifi processes and stores its data, including Personal Information, on servers located in Canada and the United States. Taxifi also transfers data to third-party service providers, including the third-party service providers described on our Sub-Processors webpage, as set out in Exhibit “A” (“Sub-Processors”). You agree to this transfer, storing or processing of your Personal Information in Canada and United States. You acknowledge and agree that your Personal Information may be accessible to law enforcement and governmental agencies in Canada and the United States under lawful access regimes or court order.

 

  1. DISCLOSURE OF PERSONAL INFORMATION WITH THIRD PARTIES

 

  1. Service Providers and Business Partners. We may from time to time employ third parties to perform tasks for us and we may need to share Personal Information (including account information) with them to perform those tasks. Unless we tell you differently, such third parties do not have any right to use the Personal Information we share with them beyond what is necessary for them perform the relevant tasks for us. The third parties we currently engage include third-party companies and individuals employed or contracted by us to provide certain capabilities within the Services and for certain general business functions, including the provision of database management, payment processing and customer relationship management tools, including the Sub-Processors.

 

  1. Business Transfers. If our business (or substantially all of our assets) are acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be made available or otherwise transferred to the new controlling entity, where permitted under applicable law.  Your Personal Information may also be transferred in connection with due diligence for any such transactions.  In all cases, if any such transactions occur, your Personal Information will remain subject to the restrictions and protections set forth in this Privacy Policy.

 

  1. With Your Consent. If we need to use or disclose any Personal Information in a way not identified in this Privacy Policy, we will notify you and/or obtain consent as required under applicable privacy laws.

 

  1. As Required by Law. We may disclose your Personal Information to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. Further, we may disclose Personal Information when we believe in good faith that such disclosure is required by and in accordance with the law. 

 

We also reserve the right to access, read, preserve, and disclose any information as we reasonably believe is necessary to:

 

  • satisfy any applicable law, regulation, legal process or governmental request (including in pursuant to subpoenas, civil investigative demands, or similar processes); enforce our contracts or user agreements, including investigation of potential violations hereof; and

  • detect, prevent, or otherwise address fraud, security, or technical issues. 

 

The above may include exchanging information with other companies and organizations for fraud protection, spam/malware prevention, and know-your-customer purposes. Notwithstanding the general terms of this policy, the collection, use, and disclosure of Personal Information may be made outside of the terms of this Privacy Policy to the extent provided for in any applicable privacy or other legislation in effect from time to time, or pursuant to court orders (including in respect to depositions, interrogatories, subpoenas, civil investigative demands, and other court or regulatory-mandated discovery processes).

 

  1. RETENTION

 

We will keep your Personal Information for as long as it remains necessary for the identified purpose or as required by law, which may extend beyond the termination of our relationship with you.   Personal Information in respect to financial transactions is retained for at least five years by Taxifi for financial compliance and to meet regulatory requirements.  We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or if required by law. All retained Personal Information will remain subject to the terms of this Privacy Policy.  

 

  1. ACCESS, CORRECTION AND ACCURACY

 

You have the right to access the Personal Information we hold about you in order to verify the Personal Information we have collected in respect to you and to have a general account of our uses of that Personal Information. Upon receipt of your written request, we will provide you with a copy of your Personal Information, although in certain limited circumstances, and as permitted under law, we may not be able to make all relevant Personal Information available to you, such as where that Personal Information also pertains to another individual. In such circumstances we will provide reasons for the denial to you upon request. We will endeavor to deal with all requests for access to and modifications of Personal Information in a timely manner.

 

We will make every reasonable effort to keep your Personal Information accurate and up to date, and we will provide you with mechanisms to update, correct, delete or add to your Personal Information as appropriate. As appropriate, this amended Personal Information will be transmitted to those parties to which we are permitted to disclose your Personal Information. Having accurate Personal Information about you enables us to give you the best possible service.

 

  1. CHANGES TO THIS PRIVACY POLICY

This Privacy Policy is effective as of the date stated above. We may amend this Privacy Policy from time to time. Processing of Personal Information we collect is subject to the Privacy Policy in effect at the time such Personal Information is collected, used or disclosed as this Privacy Policy may subsequently be updated in accordance with this Section 9. If we make material changes or changes in the way we use Personal Information, we will notify you by posting an announcement on our Website or via the Services or sending you an email prior to the change becoming effective. By accessing the Website or using the Services after we make any such changes to this Privacy Policy, you are deemed to have accepted and agree to be bound by such changes. Please refer back to this Privacy Policy on a regular basis. 

 

  1. ADDITIONAL INFORMATION

 

Questions regarding this Privacy Policy or Taxifi’s privacy practices should be directed to our Privacy Officer:

 

Email: info@taxifi.ai



 

 

EXHIBIT “A”

SUB-PROCESSORS

 

To support Taxifi in delivering the Services, Taxifi engages third-party service providers as sub-processors. 

This page identifies our sub-processors, describes where they are located, lists the services they provide to us and identifies the type of Personal Information processed.

Our business needs may change from time to time and Taxifi will periodically update this page to provide notice of additions and removals to our list of sub-processors.

 

Vendor 

Legal entity

Vendor category

Service provided

Corporate headquarters

Data that may be processed

TaxCycle

Xero Software (Canada) Ltd. (TaxCycle)

Finance

Tax preparation and electronic filing software (Canadian tax returns)

Canada (Calgary, AB)

Tax return data, personal identifiers (name, address, SIN), income and deduction details, uploaded tax documents

Stripe

Stripe, Inc.

Finance

Payment processing (cards, bank payments), invoicing and subscriptions (if enabled)

USA (San Francisco, CA) and Ireland (Dublin)

Payment data (tokenized card details), billing/contact info, transaction identifiers, fraud and risk signals

Auth0

Okta, Inc. (Auth0)

Security Software

Authentication and identity management (login, MFA, session management)

USA (San Francisco, CA)

User identifiers (email/username), authentication events, IP address/device metadata, security logs; credentials handled per Auth0 configuration

AWS

Amazon Web Services, Inc.

IT infrastructure

Cloud hosting, storage, databases, backups, logging and monitoring

USA (Seattle, WA)

All platform data stored in your AWS environment (application data, files, logs, metadata)

Plaid

Plaid Inc.

Finance

Financial account connectivity (bank linking, balances and transactions) and identity services (if enabled)

USA (San Francisco, CA)

Financial account connection data, account and routing details (as applicable), balances, transaction history, identity verification data (if used)

Vercel

Vercel Inc.

IT infrastructure

Web application hosting, deployment, CDN/edge delivery and logs

USA (San Francisco, CA)

Web/app request metadata (IP, user agent), logs, build artifacts, and any content routed through hosted apps

 

Last Updated: March 2, 2026 

bottom of page