Our SSN Policy: We Never Store It
This is the most important part of our privacy policy. Your Social Security Number is the most sensitive piece of information on your tax forms.
Your Social Security Number is NEVER stored on our servers.
What Happens When You Enter Your SSN
Why We Do This
Even if our servers were ever compromised, your SSN would not be at risk because we simply don't have it. Every time you need to view or download your tax forms, you'll enter your SSN fresh, and we'll fill it in dynamically.
What This Means For You
- You'll need to enter your SSN each time you generate your forms
- We cannot recover your SSN if you forget it (we don't have it)
- Your form data is stored, but PDFs are generated fresh each time you request them
- This is intentional—it's the safest approach for your sensitive data
Information We Collect & Store
Account Information
When you create an account, we collect and store:
- Email address
- Password (encrypted, we cannot see it)
- Name
Tax Form Data
To generate your tax forms, we collect and store:
- Personal information (name, address, date of birth)
- Immigration status and visa information
- University/college details
- Income information from W-2s, 1099s, and other documents
- Tax treaty eligibility information
- State residency information
- Travel history for substantial presence test
Generated Tax Forms
We generate the following tax forms on-demand (these are NOT stored on our servers):
- Form 1040-NR
- Form 8843
- Schedule 1, Schedule A, Schedule NEC, Schedule OI
- State tax forms (if applicable)
Important: PDF forms are generated fresh each time you request them using your stored form data. We do not store the generated PDFs themselves—only the data needed to recreate them. Your SSN is filled in dynamically and never stored.
Information We Do NOT Collect
- Social Security Numbers (SSN) - never stored, used only in-memory
- Bank account or financial account numbers
- Credit card or UPI information (payments processed by Razorpay/PayPal)
- Copies of your physical documents (W-2s, passport, etc.)
- Generated PDF files (created on-demand, not stored)
How We Use Your Information
We use your information exclusively to:
We Never:
- Sell your data to third parties
- Share your information with advertisers
- Use your data for marketing purposes (unless you opt in)
- Allow third parties to access your personal information
Data Security
Encryption
- All data transmission uses TLS/HTTPS encryption
- Database is encrypted at rest (Supabase infrastructure)
- Passwords are securely hashed (we cannot see your password)
Infrastructure Security
- Hosted on Supabase (PostgreSQL) with built-in security features
- Row Level Security (RLS) policies to protect your data
- Secure authentication via Supabase Auth
- HTTPS enforced on all connections
Access Controls
- Database access is restricted and logged
- Your data is isolated from other users via RLS policies
- Admin access requires authentication
Data Retention
Your Tax Form Data
We retain your tax form data (the information you entered, not the PDFs themselves) for 7 years (IRS Recommended). This allows you to regenerate your forms at any time. You can request deletion at any time.
Generated PDFs
We do not store generated PDFs. Forms are created on-demand each time you request them. This means there are no PDF files sitting on our servers—we only store the data needed to generate them.
Account Information
We retain your account information for 7 years (IRS Recommended). If you delete your account, we will delete all associated data within 30 days.
Analytics Data
Anonymous, aggregated analytics data may be retained indefinitely as it cannot be linked to individual users.
Your Rights & Controls
Access Your Data
You can view all the information we have about you by logging into your account.
Download Your Data
You can download all your tax forms and account information at any time.
Delete Your Data
You can delete your account and all associated data at any time from your account settings. Deletion is permanent and cannot be undone.
Correct Your Data
You can update your personal information at any time through the app. If you need to correct information on already-generated forms, you'll need to regenerate the forms.
Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database & Authentication | Account data, form data (encrypted) |
| Razorpay | Payment processing (India) | Email, payment method (we never see your card/UPI) |
| PayPal | Payment processing (International) | Email, payment method (we never see your card) |
| Vercel/AWS | Hosting | Request logs, IP address |
We do not share your tax form data or personal information with any third parties.
Changes to This Policy
We may update this privacy policy from time to time. If we make significant changes, we will notify you via email and/or a prominent notice in the app before the changes take effect.
Contact Us
If you have any questions about this privacy policy or how we handle your data, please contact us:
Email: support@f1taxreturn.com
We typically respond within 48 hours.
Data Handling Summary
| Data Type | Collected | Stored | Encrypted | Retention |
|---|---|---|---|---|
| SSN | N/A | Stays in your browser & discarded immediately | ||
| 7 years (IRS Recommended) | ||||
| Password | Never stored (Encrypted) | |||
| Personal Info | 7 years (IRS Recommended) | |||
| Tax Form Data | 7 years (IRS Recommended) | |||
| Generated PDFs | N/A | Generated on-demand, not stored | ||
| Payment Info | N/A | Handled by payment provider |
This privacy policy is effective as of January 2026.