Privacy Policy
Last updated: March 17, 2026
Smack Tax LLC ("Smack Tax," "we," "our," or "us") operates the Smack Tax Lifeline application (the "App") and the website smacktax.com (the "Site"). This Privacy Policy describes how we collect, use, share, and protect your information when you use our App and Site.
By creating an account or using the App, you agree to this Privacy Policy. If you do not agree, please do not use the App.
1. Information We Collect
We collect the following categories of information to provide and improve the App's core functionality:
A. Account Information
- Data Types: Name, email address, user ID, authentication tokens.
- Purpose: Account creation, authentication, syncing data across devices.
- Collection Method: Provided by you during registration or via Sign in with Apple / Google Sign-In.
B. Location Data Precise
- Data Type: Precise GPS location (latitude/longitude).
- Purpose: Automatic mileage tracking to generate IRS-compliant mileage logs.
- Collection: Collected only when mileage tracking is active (manually started or auto-detected via Bluetooth). Location data is collected in the background with your explicit permission.
- Sharing: Location data is stored in your private, encrypted database. It is not shared with third parties, advertisers, or data brokers.
C. Financial Information
- Data Types: Income records, expense records, tax estimates, bank transaction data (when imported by you), subscription/purchase history.
- Purpose: Tax estimation, expense categorization, Schedule C generation, and core App functionality.
- Collection: Entered or imported by you. We do not automatically access your bank accounts — you manually import transaction files (CSV, OFX, etc.).
- Payment Processing: Subscription payments are processed by Stripe, Inc. We do not store, process, or have access to your full credit card or payment card numbers.
D. Photos and Documents
- Data Type: Receipt images, document photos.
- Purpose: AI-powered receipt scanning and expense categorization.
- Collection: Collected only when you choose to scan a receipt or upload a document within the App.
- Third-Party Processing: See Section 3 (AI-Powered Features) below for details on how receipt images are processed.
E. Device and Usage Information
- Data Types: Device model, operating system version, app version, crash logs, diagnostic data, Bluetooth device identifiers (for auto-start detection).
- Purpose: App stability, debugging, performance monitoring, and feature improvement.
- Collection: Collected automatically during App use.
2. Data Safety & Security
- Encryption in Transit: All data transmitted between the App and our servers uses HTTPS/TLS encryption.
- Encryption at Rest: All stored data is encrypted at rest using Google Firebase's industry-standard encryption (AES-256).
- Access Controls: Your data is isolated to your user account. No other users or Smack Tax personnel can access your financial data without your explicit permission or as required by law.
- Data Retention: We retain your data for as long as your account is active. Upon account deletion, all data is permanently removed (see Section 6).
3. AI-Powered Features & Third-Party Data Processing
Important: The App includes AI-powered features that send certain data to Google's Gemini AI service for processing. You will be asked for explicit consent within the App before any data is sent to Google. You may decline and continue using the App with full functionality — all AI-powered features can be performed manually instead. You may grant or revoke AI consent at any time in Settings → AI Data Processing.
The following subsections describe each AI-powered feature, exactly what data is transmitted, why, and what is returned:
The App uses Google Gemini AI to power several features. All AI features (except low-sensitivity location suggestions) require your explicit consent before any data is sent to Google. You will be prompted for consent within the App before first use, and you may revoke consent at any time in Settings → AI Data Processing.
A. Receipt Scanning
- What is sent: When you use the AI receipt scanner, the receipt image you photograph or upload is transmitted to Google's Gemini AI service via a Firebase Cloud Function.
- What is returned: Extracted text data including merchant name, transaction amount, date, time, payment method (cash/card/unknown), and suggested expense category.
- Why: To automatically extract and categorize receipt information, eliminating manual data entry.
B. Tax Concierge (AI Chat Assistant)
- What is sent: When you ask the Tax Concierge a question, only your message text is sent to Google Gemini AI. No personal financial data (income, expenses, mileage, bank transactions, or account details) is sent to Google through the Tax Concierge.
- What is returned: AI-generated answers to general tax and financial questions — IRS rules, deduction categories, filing requirements, quarterly payment deadlines, and business entity guidance.
- Why: To provide helpful tax knowledge and guidance without exposing your personal financial information to third parties.
- Privacy Safeguard: The Tax Concierge does not have access to your financial data. If you ask a question that requires your personal numbers (e.g., "how much should my quarterly payment be?"), the Concierge will direct you to the appropriate in-app tool (Tax Estimator, Dashboard, etc.) where your data is processed locally on your device.
- Sensitive Data Protection: As an additional safeguard, all text sent to Google AI is automatically scanned for sensitive patterns (Social Security numbers, EINs, bank account numbers, credit card numbers) and any detected patterns are redacted before transmission.
- Important: The Tax Concierge provides general informational guidance only and is not a substitute for professional tax advice. Do not enter sensitive personal information (SSN, bank account numbers, etc.) in the chat. See Section 9 (Disclaimer of Liability) below.
C. AI Tax Audit
- What is sent: Your income, expense, and mileage data for the selected tax year is sent to Google Gemini AI for review.
- What is returned: An AI-generated audit report identifying potential issues, missing deductions, and suggestions for improvement.
- Why: To help you catch errors and maximize legitimate deductions before filing.
D. Bank Statement Parsing
- What is sent: When you import a bank statement (PDF or CSV), the transaction text and document content may be sent to Google Gemini AI for intelligent parsing and categorization.
- What is returned: Structured transaction data (date, description, amount, category) and statement metadata (bank name, account type, period dates, balances).
- Why: To automatically parse and categorize bank transactions from various bank formats.
E. Toll Data Structuring
- What is sent: Raw toll transaction data (text descriptions, amounts, dates) from imported toll authority statements.
- What is returned: Structured toll records with normalized dates, amounts, and toll plaza locations.
- Why: To convert unstructured toll data into organized expense records.
F. Entity Sorting Guidance
- What is sent: Transaction descriptions and your business entity names/types.
- What is returned: Suggested entity assignments for transactions.
- Why: To help route expenses and income to the correct business entity.
G. Location Name Suggestions
- What is sent: GPS coordinates (latitude/longitude) when a trip ends at an unrecognized location.
- What is returned: A suggested business name or location label.
- Why: To auto-label trip destinations for your mileage log.
- Note: This is the only AI feature that does not require explicit consent, as it transmits only GPS coordinates (no personal or financial data) and has a local fallback.
Google's Data Use Policy
- Provider: Google LLC (Gemini AI API, accessed via Firebase Cloud Functions). Google processes this data as a data processor on our behalf.
- Data Retention by Google: Per Google's Cloud API Terms of Service, data submitted via the Gemini API is not used by Google to train its AI models. Google processes the data solely to provide the requested service. See Google Cloud Privacy Notice and Gemini API Terms of Service for details.
- Your Control: You must grant explicit consent within the App before any data (other than GPS coordinates for location suggestions) is sent to Google Gemini AI. You may revoke consent at any time via Settings → AI Data Processing. If you decline or revoke AI consent, all AI-powered features are disabled, but you can still use the App manually (add expenses by hand, review trips manually, etc.).
4. Third-Party Service Providers
We use the following trusted service providers to operate the App. Data is shared with these providers only as necessary to provide their respective services:
| Provider |
Purpose |
Data Shared |
| Google Firebase |
Authentication, database, hosting, analytics, crash reporting |
Account info, app data, device info, crash logs |
| Google Gemini AI |
Receipt scanning, Tax Concierge chat, AI tax audit, bank statement parsing, toll data structuring, entity sorting, location suggestions (with your consent — see Section 3) |
Receipt images, financial context (income/expenses/mileage summaries), bank statement content, toll data, transaction descriptions, GPS coordinates |
| Stripe, Inc. |
Subscription payment processing |
Payment method (processed by Stripe; we never see full card numbers) |
| Apple (Sign in with Apple) |
Authentication |
Apple user ID, name, email (as provided by Apple) |
| Google (Google Sign-In) |
Authentication |
Google user ID, name, email |
We do not sell, rent, or trade your personal information to third parties. We do not share your data with advertisers or data brokers.
5. Data We Do NOT Collect or Share
- We do not collect or store biometric data.
- We do not serve advertisements or share data with ad networks.
- We do not sell your personal information under any circumstances.
- We do not access your bank accounts directly — all bank data is manually imported by you.
- We do not use your data to build marketing profiles or track you across other apps or websites.
6. Account Deletion & Data Export
- Account Deletion: You may permanently delete your account and all associated data at any time via Settings → Delete Account within the App.
- Data Export: Before deletion, the App provides an option to export your data (trips, expenses, income records) so you retain a copy.
- What is Deleted: Upon account deletion, we permanently remove your account information, all trips, expenses, income records, receipt images, vehicle data, tax estimates, and all other user data from our servers. This action is irreversible.
- Web Deletion: You may also request account or data deletion via our website: Request Account Deletion.
⚠️ Tax Record Retention Notice: The IRS generally requires taxpayers to keep records supporting items on their tax returns for at least 3 years (and up to 7 years in certain situations). If you have used Smack Tax Lifeline data to prepare or support a filed tax return, we strongly recommend exporting your records before deleting your account. Smack Tax LLC is not responsible for any tax compliance issues arising from premature data deletion.
7. Your Rights & Choices
- Access: You can view all your data within the App at any time.
- Export: You can export your data (CSV format) from within the App.
- Deletion: You can delete your account and all data (see Section 6).
- AI Consent: You can grant or revoke consent for AI-powered features at any time in Settings.
- Location Permissions: You can enable or disable location tracking at any time through your device settings.
- Notifications: You can manage notification preferences through your device settings.
California Residents (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact us at support@smacktax.com.
European Residents (GDPR)
If you are located in the European Economic Area (EEA), you may have additional rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, restrict processing, data portability, and object. Our legal basis for processing your data is contractual necessity (to provide the App's services) and your consent (for AI-powered features). To exercise your rights, contact us at support@smacktax.com.
8. Children's Privacy
The App is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will take steps to delete that information promptly.
9. Disclaimer of Liability
- Smack Tax Lifeline is a financial tracking and organizational tool. It is not a tax preparation service, accounting service, or licensed tax advisor.
- Tax estimates, deduction calculations, mileage logs, and Schedule C outputs provided by the App are for informational purposes only and should not be relied upon as professional tax, legal, or financial advice.
- You are solely responsible for verifying the accuracy of all data and for consulting a qualified tax professional before filing any tax return.
- Smack Tax LLC, its owners, officers, employees, and affiliates shall not be held liable for any errors, omissions, or inaccuracies in the App's outputs, nor for any tax penalties, fines, or liabilities that may result from reliance on the App's features.
- AI-powered features (including receipt scanning and categorization) are provided on an "as-is" basis. While we strive for accuracy, AI analysis may contain errors. You should review all AI-generated data for accuracy before using it for tax or financial purposes.
- Use of the App constitutes acceptance of these terms.
10. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, SMACK TAX LLC AND ITS OWNERS, OFFICERS, EMPLOYEES, AND AFFILIATES SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, OR ANY LOSS OF PROFITS, REVENUE, DATA, OR USE, ARISING OUT OF OR RELATED TO YOUR USE OF THE APP, WHETHER BASED ON WARRANTY, CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY, OR ANY OTHER LEGAL THEORY, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IN NO EVENT SHALL OUR TOTAL AGGREGATE LIABILITY EXCEED THE AMOUNT YOU HAVE PAID US IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM.
11. Indemnification
You agree to indemnify, defend, and hold harmless Smack Tax LLC, its owners, officers, employees, agents, and affiliates from and against any and all claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or in any way related to: (a) your use of the App; (b) your violation of this Privacy Policy; (c) your reliance on any data, calculations, or outputs provided by the App for tax filing or other financial purposes; or (d) your violation of any applicable law or regulation.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, through in-app notification. Your continued use of the App after any changes constitutes acceptance of the updated Privacy Policy.