Security

Security built into every layer.

TaxMind protects sensitive financial information using enterprise-grade infrastructure, encryption, and operational controls — the same standards that banks themselves rely on.

Principles

Six commitments we won't compromise on

Encryption by default

AES-256 at rest. TLS 1.3 in transit. Every byte, every connection, every service boundary.

Least-privilege access

No engineer can read customer data by default. Time-boxed, audited elevation only when explicitly justified.

Continuous monitoring

Behavioral anomaly detection, log aggregation, and 24/7 on-call coverage for security events.

Secure infrastructure

Hardened, isolated environments. Reproducible builds, signed artifacts, immutable deploys.

Responsible disclosure

Public security policy with a researcher-friendly process and bounties for verified findings.

Auditable by design

Every privileged action emits an immutable audit log retained for seven years.

Infrastructure

Controls in place today

AES-256 encryption at rest
TLS 1.3 transport security
SOC 2 Type II aligned controls
Read-only banking permissions
Automated monitoring systems
Multi-region infrastructure redundancy
Hardware security modules for key custody
PCI DSS aligned payment handling
GDPR-compliant data residency
SOC 2
Type II report

Audited annually by an independent firm. Report available under NDA.

GDPR
EU-compliant

Customer data is processed and stored within the EU. DPA available on request.

ISO 27001
Roadmap 2026

Certification work currently in progress with our information security partner.

Found a security issue?

We work directly with the security research community. Report findings to security@taxmind.ai and we'll acknowledge within 24 hours.
