Security & Privacy

How EasyAcco handles your financial data

EasyAcco processes all tax calculations at the edge — your financial numbers never touch our servers. All estimations run entirely in your browser. We only store data when you explicitly choose to save it, and only after you authenticate with Google.

Edge-First Calculations

Every tax calculation runs client-side in your browser or at the Vercel edge. No calculation data is transmitted to or stored on our servers.

Zero Storage by Default

In Guest Mode, nothing is persisted beyond your local browser session. We have no record of your income, expenses, or tax figures.

Consent-Gated Persistence

Data is only saved to Supabase when you sign in and explicitly trigger a Save or Export action. You are always in control.

Supabase Infrastructure

Where data is stored, it lives in Supabase — SOC 2 Type II compliant, encrypted at rest (AES-256) and in transit (TLS 1.3).

No Third-Party Analytics

EasyAcco does not embed tracking pixels, analytics SDKs, or ad networks. Your browsing behaviour on this platform is not monetised.

Auth via Google OAuth

Authentication is handled by Supabase Auth with Google OAuth 2.0. We never see or store your Google password.

Your Device, Your Keys

Expenses, invoices, and mileage you enter are stored in your browser's IndexedDB, encrypted with an AES-GCM 256 device key generated on first use. The key is marked non-extractable — it cannot be read or exported, not even by this app's own code. Xero, QuickBooks, FreeAgent, and Sage all require server round-trips; we don't.

The trade-off: clearing site data or switching browsers loses access to the key, and therefore the data. Use Settings → Backup to export a passphrase-protected snapshot. The passphrase derives a separate key via PBKDF2 (310,000 iterations, SHA-256) — keep it somewhere safe; it cannot be recovered.
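
The scheme in the two paragraphs above, as an added Web Crypto example that is not EasyAcco's own code: a non-extractable AES-GCM 256 device key, plus a backup that re-encrypts the plaintext under a PBKDF2 (310,000 iterations, SHA-256) passphrase key. All function names, the 16-byte salt, the 12-byte IV and the sample record are assumptions.

```javascript
// Added illustration; every name here is hypothetical, not taken from the app.
// Browsers expose globalThis.crypto; the import is a fallback for older Node.js.
const cryptoP = (async () => globalThis.crypto ?? (await import('node:crypto')).webcrypto)();
const enc = new TextEncoder(), dec = new TextDecoder();

// Device key: extractable=false, so exportKey()/wrapKey() on it always reject.
async function makeDeviceKey() {
  const c = await cryptoP;
  return c.subtle.generateKey({ name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}
// AES-GCM with a fresh 96-bit IV per message; the IV is stored beside the ciphertext.
async function seal(key, plaintext) {
  const c = await cryptoP;
  const iv = c.getRandomValues(new Uint8Array(12));
  const ct = await c.subtle.encrypt({ name: 'AES-GCM', iv }, key, enc.encode(plaintext));
  return { iv, ct: new Uint8Array(ct) };
}
async function unseal(key, { iv, ct }) {
  const c = await cryptoP;
  return dec.decode(await c.subtle.decrypt({ name: 'AES-GCM', iv }, key, ct));
}
// Backup key: PBKDF2-HMAC-SHA-256, 310,000 iterations, random per-backup salt.
async function passphraseKey(passphrase, salt) {
  const c = await cryptoP;
  const base = await c.subtle.importKey('raw', enc.encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return c.subtle.deriveKey({ name: 'PBKDF2', hash: 'SHA-256', salt, iterations: 310000 },
    base, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}
// The device key cannot leave the browser, so a backup decrypts with it and
// re-encrypts the plaintext under the passphrase-derived key.
async function backup(deviceKey, record, passphrase) {
  const c = await cryptoP;
  const salt = c.getRandomValues(new Uint8Array(16));
  const sealed = await seal(await passphraseKey(passphrase, salt), await unseal(deviceKey, record));
  return { salt, ...sealed };
}
async function restore(snapshot, passphrase) {
  return unseal(await passphraseKey(passphrase, snapshot.salt), snapshot);
}
async function demo() {
  const c = await cryptoP;
  const deviceKey = await makeDeviceKey();
  const record = await seal(deviceKey, '{"expense":"train","amount":42.5}'); // constructed sample
  const exportBlocked = await c.subtle.exportKey('raw', deviceKey).then(() => false, () => true);
  const snap = await backup(deviceKey, record, 'correct horse battery staple');
  const restored = await restore(snap, 'correct horse battery staple');
  const wrongRejected = await restore(snap, 'wrong passphrase').then(() => false, () => true);
  return { exportBlocked, restored, wrongRejected };
}
```

Non-extractable blocks export of the key bytes only: script running in the page's origin can still call decrypt with the key handle, so the guarantee depends on the integrity of the code the origin serves.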

What We Store (Only After Sign-In)

Email address: Required for account identification via Supabase Auth
Saved transactions: Only if you use the Save feature — encrypted at rest
Display name: Optional, editable in Settings at any time

AI Features & Third-Party Processing

The Tax Advisory chat and the optional Suggest Category button on the Expenses page send the relevant text (your question, or the expense description and amount) to Google Gemini for a single response. Numeric totals, receipt images, and your full ledger are never transmitted. Receipt OCR runs entirely in your browser via Tesseract — the photo never leaves your device. If you prefer not to use AI features, simply don't click the Suggest button or open the Advisory tab — the rest of the app runs fully client-side.

Questions? Contact us at baradfiona14@gmail.com.