Data Processing Addendum

Last Updated: October 28, 2025

This Data Processing Addendum (including its Exhibits) (this "DPA") forms part of and is subject to the terms and conditions of the Terms and Conditions (the "Agreement") by and between you ("Customer") and Tax Stack AI, LLC ("Tax Stack AI"). This DPA applies only if you are accessing or using the Services as a User. Capitalized terms not defined in this DPA have the meanings given to them in the Agreement. If any language in this DPA conflicts with the Agreement, this DPA controls.

1. Definitions

1.1 Customer Personal Data:

Customer Data that qualifies as Personal Data and is Processed by Tax Stack AI on behalf of Customer under the Agreement.

1.2 Data Protection Laws:

Applicable privacy and data protection laws governing the Processing of Customer Personal Data, including, but not limited to:

  • Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs)
  • Privacy and Other Legislation Amendment Act 2024 (Cth)
  • California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act

1.3 Personal Data:

Has the meaning assigned under applicable Data Protection Laws.

1.4 Process/Processing:

Any operation performed on Personal Data, including collection, storage, use, disclosure, or destruction.

1.5 Security Incident(s):

Any breach resulting in accidental or unlawful destruction, loss, alteration, or unauthorized access to Customer Personal Data attributable to Tax Stack AI.

1.6 Services:

Services provided by Tax Stack AI under the Agreement.

1.7 Subprocessor:

Any vendor engaged by Tax Stack AI to Process Customer Personal Data.

2. Processing of Customer Personal Data

2.1 Documented Instructions:

Tax Stack AI shall Process Customer Personal Data only to provide the Services, in accordance with this DPA, the Agreement, and any mutually agreed instructions. If required by law to Process Customer Personal Data for other purposes, Tax Stack AI will notify Customer unless prohibited on grounds of public interest.

2.2 Authorization to Use Subprocessors:

Customer authorizes Tax Stack AI to engage Subprocessors, which may further engage other vendors.

2.3 Subprocessor Compliance:

Tax Stack AI shall:

  • Enter into agreements with Subprocessors imposing obligations consistent with this DPA.
  • Remain responsible for Subprocessors' compliance.

2.4 Right to Object to Subprocessors:

Tax Stack AI will notify Customer prior to engaging new Subprocessors via the account owner's email. Customer has 10 days to object in good faith.

2.5 Confidentiality:

All personnel authorized to Process Customer Personal Data are subject to confidentiality obligations.

2.6 Data Subject Requests:

Tax Stack AI will assist Customer in responding to requests from individuals exercising rights under applicable Data Protection Laws.

2.7 Data Protection Assessments:

Tax Stack AI will provide reasonable assistance for assessments, impact assessments, or prior consultations required under Data Protection Laws. Customer reimburses Tax Stack AI for significant costs incurred.

2.8 Demonstrable Compliance:

Tax Stack AI will provide information necessary to demonstrate compliance with this DPA.

2.9 California-Specific Terms (CCPA):

Tax Stack AI shall:

  • Comply with all CCPA obligations.
  • Not sell or share Customer Personal Data.
  • Process Customer Personal Data solely to provide the Services or as permitted by law.
  • Permit Customer to verify compliance upon request.

2.10 Service Optimization:

Tax Stack AI may Process Customer Personal Data for:

  • Improving Services.
  • Detecting or preventing Security Incidents.
  • Preventing malicious or illegal activity.

2.11 Aggregation and De-Identification:

Tax Stack AI may compile and use Aggregated and/or De-Identified Data for lawful business purposes, ensuring individuals cannot be identified.

3. Information Security Program

Tax Stack AI shall maintain reasonable administrative, technical, and physical safeguards as detailed in Exhibit A – Tax Stack AI Information Security Standards.

4. Security Incidents

Tax Stack AI will notify Customer without undue delay of any Security Incident and provide necessary details to assist Customer in compliance with applicable laws.

5. Data Deletion

Upon termination of the Agreement, Tax Stack AI will delete Customer Personal Data, except where retention is required by law. Backup or archival copies will be isolated and restricted.

6. Processing Details

  • Subject Matter: The Services.
  • Duration: Until the Agreement expires or terminates.
  • Categories of Data Subjects: Customer clients and other relevant individuals.
  • Nature and Purpose: Performance of the Services.
  • Types of Data: Customer Personal Data uploaded or provided to Tax Stack AI.

9. Account Data

Tax Stack AI may Process data about Customer's use of the Services ("Account Data") per its Privacy Notice. Account Data is not Customer Data.

10. Contact Information

Designated Points of Contact (POC):
Tax Stack AI: team@taxstackai.com

EXHIBIT A TO THE DATA PROCESSING ADDENDUM

Tax Stack AI Information Security Standards

These Tax Stack AI Information Security Standards (the "Information Security Standards") form part of the DPA. All capitalized terms that are not expressly defined in the Information Security Standards will have the meanings given to them in the DPA or the Agreement.

Tax Stack AI shall implement and maintain an information security program ("Information Security Program") that includes reasonable administrative, technical, and physical safeguards designed to protect Customer Personal Data. At a minimum, the Information Security Program shall include:

  • Authentication. Tax Stack AI shall maintain authentication measures including, as appropriate, multi-factor authentication for key systems that Process Customer Personal Data and industry standard passwords.
  • Encryption. Tax Stack AI shall encrypt Customer Personal Data in transit and at rest using industry standard encryption technologies.
  • Account Management and Access Controls. Tax Stack AI shall maintain account management and access controls.
  • Inventory and Management of Customer Personal Data and Information Systems. Tax Stack AI shall maintain an inventory of Customer Personal Data and the information systems used to Process Customer Personal Data. Tax Stack AI shall maintain approval processes designed to prevent the unauthorized connection of hardware and devices to Tax Stack AI's information systems that Process Customer Personal Data.
  • Secure Configuration of Hardware and Software. Tax Stack AI shall maintain controls designed to ensure the secure configuration of Tax Stack AI hardware and software that is used to Process Customer Personal Data.
  • Vulnerability Scans, Penetration Testing, and Vulnerability Disclosure and Reporting. Tax Stack AI shall carry out internal and external vulnerability scans, penetration testing, and vulnerability disclosure and reporting for key information systems used to Process Customer Personal Data.
  • Audit-Log Management. Tax Stack AI shall maintain controls for audit-log management.
  • Network Monitoring and Defenses. Tax Stack AI shall maintain controls for monitoring and defending its network.
  • Antivirus and Antimalware Protection. Tax Stack AI shall maintain antivirus and antimalware protections on Tax Stack AI personnel workstations.
  • Information System Segmentation. Tax Stack AI shall maintain controls designed to ensure segmentation of its information systems that Process Customer Personal Data.
  • Limitation and Control of Ports, Services, and Protocols. Tax Stack AI shall maintain controls designed to limit and control ports, services, and protocols used to Process Customer Personal Data.
  • Cybersecurity Awareness. Tax Stack AI shall maintain a cybersecurity awareness program designed to keep Tax Stack AI informed of changing cybersecurity threats and countermeasures.
  • Cybersecurity Education and Training. Tax Stack AI shall provide cybersecurity education and training to all Tax Stack AI personnel who have access to Tax Stack AI's information systems that Process Customer Personal Data.
  • Secure Development. Tax Stack AI shall maintain controls designed to ensure secure development.
  • Vendor Management. Tax Stack AI shall maintain oversight of Subprocessors.
  • Data Retention and Disposal. Tax Stack AI shall maintain data retention and disposal processes for Customer Personal Data.
  • Security Incident Management. Tax Stack AI shall maintain processes for the management of Security Incidents.
  • Business Continuity and Disaster Recovery. Tax Stack AI shall maintain industry standard business-continuity and disaster-recovery plans as they relate to the Processing of Customer Personal Data.