Skip to content
A MyAIAccountant
Start free trial

Legal

Privacy Policy

Last updated: 2026-04-23

1. Who we are

MyAIAccountant ("we," "us," "our") provides multi-LLC real estate accounting software at myaiaccountant.xyz and myaiaccountant.xyz. This Privacy Policy describes how we collect, use, disclose, and protect personal information.

2. Categories of personal information we collect

  • Identifiers: name, email, phone, account credentials, IP address.
  • Commercial information: subscription tier, billing history, payment-method tokens (we never store full card numbers).
  • Financial information (sensitive): bank account names, transaction history (read-only via Plaid), property and entity information you enter, tax-form data you upload or generate.
  • Internet activity: pages visited, features used, device + browser metadata.
  • Inferences: AI-generated transaction categorizations, suggested tax treatments.

We do not collect biometric data, geolocation, government-issued IDs, or social-security numbers (unless you voluntarily input them in a Form 8825 line item that requires one).

3. Sources of personal information

Directly from you (sign-up forms, settings, support correspondence). From service providers (Plaid for bank data; Stripe for billing; analytics providers; authentication providers). Automatically through our Service (cookies, log files, usage analytics).

4. Why we collect it

To provide the Service (account creation, transaction sync, AI categorization, tax-pack generation). To bill you. To support you. To detect fraud or abuse. To improve the Service. To comply with legal obligations (including the Gramm-Leach-Bliley Act, FTC Safeguards Rule, and applicable state laws).

5. Service providers we share with

  • Plaid — bank-data aggregation. Plaid handles your bank credentials; we never see them.
  • Stripe — payment processing.
  • Anthropic / OpenAI — AI categorization and document generation. Inputs are sent for processing under each provider's data-processing terms; we configure providers to not retain or train on customer data where they offer that option.
  • Coolify / Hetzner — hosting infrastructure.
  • Postmark / Resend — transactional email.
  • Sentry / PostHog — error tracking and product analytics.

Each provider is bound by a written agreement requiring them to use your personal information only as necessary to provide their service to us.

6. We do not sell or "share" personal information

We do not sell personal information. We do not "share" personal information for cross-context behavioral advertising as defined under the California Consumer Privacy Act (CCPA/CPRA). We honor the Global Privacy Control (GPC) signal as an opt-out.

7. Your privacy rights

Depending on your jurisdiction, you have the right to:

  • Know what personal information we have about you.
  • Request a copy in a portable format.
  • Correct inaccurate personal information.
  • Delete personal information (subject to legal exceptions).
  • Opt out of any sale or sharing (we do not engage in either).
  • Limit our use of sensitive personal information.
  • Designate an authorized agent to exercise rights on your behalf.
  • Not be retaliated against for exercising rights.

To exercise any right, email privacy@myaiaccountant.xyz. We respond within 45 days.

Notice to California residents: Under California Civil Code §1798.83 ("Shine the Light") you may request information about disclosures of personal information to third parties for direct-marketing purposes. We do not engage in such disclosures.

8. EU/UK/Swiss residents (GDPR / UK GDPR / Swiss FADP)

Lawful bases: Article 6(1)(b) (contract performance), Article 6(1)(c) (legal obligation), and Article 6(1)(f) (legitimate interest in operating and securing the Service). For EU-resident users, you may lodge a complaint with your local supervisory authority. Cross-border transfers from the EU rely on the EU Standard Contractual Clauses (Module 2) where required.

9. Children

The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information we will delete it.

10. Retention

We retain personal information for as long as your account is active and for up to seven (7) years thereafter to comply with tax record-retention requirements. You may request earlier deletion subject to legal-hold or regulatory exceptions.

11. Security

We maintain a written information security program aligned with the FTC Safeguards Rule and the AICPA SOC 2 Trust Services Criteria. Controls include AES-256 encryption at rest, TLS 1.3 in transit, multi-factor authentication for production access, designated qualified individual responsible for security, annual penetration testing, biannual vulnerability assessments, service-provider oversight, and a written incident response plan.

No method of transmission or storage is 100% secure. In the event of a security incident affecting more than 500 customers, we will notify the FTC within 30 days as required.

12. Cookies and tracking

See our Cookie Policy for details on cookies, web beacons, and similar technologies. We honor the Global Privacy Control (GPC) signal.

13. Third-party links

The Service may link to third-party websites. We are not responsible for their privacy practices. Review their policies before providing personal information.

14. Changes to this Policy

We may update this Policy. Material changes will be communicated by email at least 30 days before they take effect.

15. Contact

Email privacy@myaiaccountant.xyz or write to: MyAIAccountant, Attn: Privacy, c/o legal@myaiaccountant.xyz.