Legal
Privacy
The short version. The full POPIA manual and the PAIA section-51 documentation are available on request — email support@taxup.app. Last updated: May 2026.
What's in the file we hold on your firm and its clients
Two layers. For the firm: your business contact details, your SAIT practitioner number, the staff invited to the organisation. For each client your firm onboards: contact details, 13-digit South African ID, SARS tax reference number, the bank-statement PDFs your firm uploads, and the categorised transaction rows we lift out of those PDFs.
We never request your client's eFiling password or online-banking credentials. Both stay on the client's keyboard, not ours. TaxUp generates the income statement; your firm files the return through its existing channels.
The exact servers your row touches
Your account data lives in a Neon Postgres footprint (currently eu-central-1 while Neon's South African region opens up), with the application + functions hosted on Vercel. The sensitive columns (ID number, tax number, transaction amounts, descriptions, counterparties) are encrypted at the column level with app-layer AES-256-GCM. A database dump on its own is meaningless without the master key — and the master key sits in Vercel project secrets, not in the source repo.
Statement PDFs: read once, dropped within a day
Bank-statement PDFs you upload are read in-request and dropped from memory the moment the parse finishes. We don't persist the raw file anywhere — there's no inbox, no scratch bucket. The derived transaction rows are what live on; the originating PDF stops at the function boundary.
The firm-wide audit log — what it captures
Every action your staff take inside the workspace lands in a sealed log scoped to your firm: which client was opened, which transaction was categorised, which override was saved, with timestamp, actor, and a chained hash. The log is read-only by design — updates and deletes raise an exception at the database, not a silent overwrite.
TaxUp itself doesn't submit anything to SARS. Your firm files returns through its existing eFiling channel using your own SAIT practitioner number; the audit log is evidence of how the underlying books were produced.
The parties downstream of TaxUp
We hold the categorised transactions and the income statements your firm produces. The downstream parties are infrastructure, not business logic:
- Vercel — application + serverless functions; logs scrubbed of PII.
- Neon — Postgres database (currently eu-central-1; SA region when available).
- Resend — transactional email (sign-in codes, account notifications). Message bodies retained 30 days for delivery diagnostics, then deleted.
- OpenAI — bank-statement OCR fallback for image-only PDFs and the long-tail of categorisation the rule engine doesn't catch. Only the transaction description and amount are sent; no ID numbers, no names, no account numbers. OpenAI's commercial API explicitly excludes data sent through it from training.
- Sentry — error monitoring, configured to scrub financial amounts and identity fields from every captured event.
- Paystack — payment processing (South Africa).
Each one is bound by a data-processing agreement that mirrors these same commitments.
How long we keep each layer
Statement PDFs: minutes to hours — read in-request, dropped on parse completion. No persistent copy.
Derived transactions, returns, audit logs: five years from submission — the SARS record-keeping requirement under the Tax Administration Act.
Account profile data (name, email, ID, tax number): held while your subscription is active and for five years after, so the audit trail across submitted years remains complete.
What POPIA Sections 23 and 24 entitle you to
You have the right to request a copy of the personal information we hold on you (Section 23), correct anything wrong (Section 24), delete your account (subject to the SARS five-year retention duty for submitted returns), and object to processing. Email support@taxup.app and we'll respond inside 30 calendar days.
The same surfaces are available inside the app under Data & privacy for one-click download and scheduled deletion.
If something leaks
In the event of a breach affecting your personal data, we notify you and the Information Regulator of South Africa within 24 hours of confirmation.
Information Officer
Under POPIA, TaxUp's Information Officer is the founder, reachable at support@taxup.app. The Information Officer's name and the operating entity will be updated here once the Pty Ltd is incorporated.