Privacy Policy
Last updated: May 2026
memo.tax (“we,” “us”) is operated from Ontario, Canada. This policy explains what personal information we collect, how we use it, and your rights under the federal Personal Information Protection and Electronic Documents Act (PIPEDA).
This is a plain-language policy. If anything is unclear, email privacy@memo.tax.
1. Information we collect
Account information
When you sign up, we collect your email address and a bcrypt hash of your password (we never store your plaintext password). You may optionally provide a name.
Query content
When you submit a tax question, we store the question text, the generated answer, and the retrieved source citations in our cache and your account’s query history. We use this to:
- Serve cached answers on identical future questions (saves you time and reduces our model costs)
- Show you your own past queries
- Improve retrieval and prompt quality (in aggregate, never linked back to you publicly)
Do not enter personal information about clients in your questions. Questions should be in research-format (e.g., “How does s. 84.1 apply to…”) not fact-pattern-with-names.
Usage data
We log standard operational data: request timestamps, response times, error rates, and rough geographic origin (country/region from IP). We do not use third-party advertising trackers, behavioural retargeting, or session-replay tools.
Analytics
We use Google Analytics 4 on public pages (the homepage and the legal/compliance pages) to understand aggregate traffic patterns. IP anonymisation is enabled. Analytics is not active on signed-in pages (the app, query history, account settings) — your tax-research activity is not tracked by Google Analytics. To opt out across all sites, install the Google Analytics opt-out browser add-on.
Cookies
memo.tax sets two categories of cookies:
- Essential — memo_session (HttpOnly, Secure, SameSite=Lax). Your signed-in session. Required for the app to work.
- Analytics — _ga and _ga_<ID>. Set by Google Analytics on public pages only. Used to count visits and approximate user counts.
No advertising cookies. No third-party retargeting cookies.
2. Why we collect it
- To provide the service (account, queries, answers)
- To process payments (when you subscribe to a paid plan, via Stripe)
- To respond to support requests
- To detect abuse and protect the service
- To improve retrieval quality and corpus coverage
3. Sub-processors and cross-border transfers
memo.tax relies on third-party providers for the technical operation of the service. The categories of provider we use are:
- AI model and embedding provider — processes question text to generate answers and compute retrieval embeddings. Operates in the United States.
- Cloud hosting provider — runs our application server and database. Operates in Canada.
- Edge CDN and DDoS protection provider — handles inbound traffic, TLS termination, bot mitigation. Operates globally with Canadian and U.S. points of presence.
- Payment processor (Stripe) — collects billing information for paid plans. We never see your card number. PCI DSS Level 1. Operates in the United States. Stripe’s privacy policy.
- Analytics provider (Google Analytics) — aggregate traffic counting on public pages only. IP anonymisation enabled. Not active on signed-in pages.
- Bot challenge provider (Cloudflare Turnstile) — shown only on signup and login. A privacy-respecting CAPTCHA alternative; no advertising trackers.
Specific vendor names for the AI, hosting, and edge providers are available on request to qualified customers (enterprise procurement, regulatory inquiry) at privacy@memo.tax. We don’t publish them broadly to avoid inviting targeted attacks on our infrastructure.
Cross-border notice: Some sub-processors operate outside Canada (primarily the United States). By using memo.tax you consent to this transfer. Foreign governments may have legal access to your data under their laws — see the OPC’s cross-border guidance.
4. Retention
- Account data: kept while your account is active. If you delete your account, we purge personal identifiers within 30 days; cached query content is anonymised but may be retained for service improvement.
- Query history: kept as long as your account is active. You can delete individual entries from your account.
- Cached answers: kept indefinitely (anonymised — not linked to your identity).
- Operational logs: 90 days, then rotated.
- Stripe billing records: retained per Stripe’s requirements and Canadian tax law (typically 7 years).
5. Your rights under PIPEDA
You have the right to:
- Access your personal information — we’ll provide a copy within 30 days
- Correct inaccurate information
- Withdraw consent for processing (effectively, close your account)
- Delete your account and have us purge identifiers
- Complain to the Office of the Privacy Commissioner of Canada at priv.gc.ca
To exercise any of these, email privacy@memo.tax.
6. Security
How we protect your data is summarised on the Security page. In short: TLS in transit, encrypted disks at rest, bcrypt passwords, HttpOnly Secure cookies, rate limiting, security headers, audit logging.
7. Breach notification
If a breach creates a real risk of significant harm to you, we will notify the Office of the Privacy Commissioner of Canada and the affected individuals as required by PIPEDA. We will also keep a record of every breach for 24 months.
8. Changes to this policy
We’ll post material changes here and notify signed-in users by email at least 30 days before they take effect.
9. Contact
Privacy Officer: memo.tax (reachable at the address below)
Email: privacy@memo.tax
Mail: Available on request.