GHOST TAX
SECURITY VAULT
Secure by architecture, not by promise. We publish our controls, our sub-processors, and our limitations. Trust is earned, not claimed.
Unlike tools that require OAuth access to your SaaS accounts or install agents on your network, Ghost Tax operates exclusively on billing exports you control. No credentials. No API connections. No agents. Your attack surface stays identical before and after the audit.
Download CSV/XLSX from your billing tools. You control exactly what data leaves your systems.
Encrypted TLS 1.3 upload to our vault. Files never touch our team's machines — automated pipeline only.
Deterministic rule engine processes data in an isolated container. No human reads your raw files.
Structured report with anomalies, scores, and recommendations. Raw data purged within 30 days.
Less access = less risk
What we call our Zero-Knowledge protocol is a zero-access model: we hold no credentials, tokens, or API connections to your systems, so nothing on our side can reach them. (The name describes access, not cryptography; it is not a zero-knowledge proof.) This is an architectural choice, not a limitation. Your security posture remains unchanged.
All data encrypted at rest (AES-256) and in transit (TLS 1.3). Keys managed by AWS KMS with automatic rotation.
Raw uploaded files are automatically deleted 30 days after processing. Full deletion on request within 72 hours.
Every database query is filtered by organization. No user can access another organization's data, even with a valid session.
Every data access, export, and modification is logged. Audit logs exportable on demand for your compliance team.
All data stored in AWS us-east-1 (Virginia). No data leaves US jurisdiction. No international transfers.
security@ghost-tax.com. Response within 48 hours. Processing records and sub-processor list available on request.
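The per-organization query filtering described above is strongest when the database enforces it rather than relying on every query in the application to remember a WHERE clause. The following is an added example, not Ghost Tax's schema or code: it shows Postgres row-level security (the database behind Supabase) scoping every query to the tenant of the current session, including a session that carries no tenant at all. Table, column, role and setting names are hypothetical; on Supabase the policy predicate would typically read the tenant claim from auth.jwt() instead of a session setting.

```sql
-- Added example, not Ghost Tax's schema: Postgres row-level security as a
-- database-enforced backstop for "every query is filtered by organization".
-- Table, column, role and setting names are hypothetical.

CREATE TABLE billing_uploads (
    id          bigserial   PRIMARY KEY,
    org_id      uuid        NOT NULL,
    filename    text        NOT NULL,
    uploaded_at timestamptz NOT NULL DEFAULT now()
);

-- Constructed sample rows for two tenants.
INSERT INTO billing_uploads (org_id, filename) VALUES
    ('11111111-1111-1111-1111-111111111111', 'aws-2025-01.csv'),
    ('22222222-2222-2222-2222-222222222222', 'gcp-2025-01.xlsx');

-- ENABLE turns RLS on; FORCE makes the table owner subject to it as well.
-- Superusers and roles with BYPASSRLS still bypass every policy, so the
-- application must never connect as one of those.
ALTER TABLE billing_uploads ENABLE ROW LEVEL SECURITY;
ALTER TABLE billing_uploads FORCE ROW LEVEL SECURITY;

-- The request's organization is carried in a session setting that the
-- application populates from the authenticated session, never from user
-- input. nullif() turns an unset or reset value (NULL or '') into NULL, and
-- "org_id = NULL" is never true: an unscoped session sees zero rows, not
-- every row.
CREATE POLICY org_isolation ON billing_uploads
    FOR ALL
    USING      (org_id = nullif(current_setting('app.org_id', true), '')::uuid)
    WITH CHECK (org_id = nullif(current_setting('app.org_id', true), '')::uuid);

-- Least-privilege application role: DML on the table only, no BYPASSRLS.
-- Assumes the role running this script is allowed to SET ROLE app_user.
CREATE ROLE app_user NOLOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON billing_uploads TO app_user;
GRANT USAGE, SELECT ON SEQUENCE billing_uploads_id_seq TO app_user;

SET ROLE app_user;

-- Valid session scoped to tenant 1: only tenant 1's row comes back, even
-- though the query itself carries no WHERE clause.
SET app.org_id = '11111111-1111-1111-1111-111111111111';
SELECT org_id, filename FROM billing_uploads;

-- The same session tries to write a row that belongs to tenant 2:
-- the WITH CHECK clause rejects it as a row-level security violation.
INSERT INTO billing_uploads (org_id, filename)
VALUES ('22222222-2222-2222-2222-222222222222', 'smuggled.csv');

-- Session with no tenant scope at all: the policy predicate is NULL, so
-- the query returns nothing rather than leaking every tenant's rows.
RESET app.org_id;
SELECT count(*) FROM billing_uploads;

RESET ROLE;
```

Run it statement by statement (psql autocommit) rather than inside one transaction, because the cross-tenant INSERT is supposed to fail. The expected results are one row from the scoped SELECT, an error on the INSERT, and a count of 0 from the unscoped SELECT. The two details worth checking in any real deployment are that the application's database role has neither superuser nor BYPASSRLS, and that the tenant setting is derived from the verified session, not from anything the client sends in the request.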
Data flow: Your Browser (local calculation) → TLS 1.3 (in-transit encryption) → Supabase Vault (AES-256 at rest) → Analysis Engine (isolated container) → Your Report (structured output)
Every data point the system touches during the self-serve detection stage. No internal systems are accessed. No credentials are required.
Retention posture: User-entered data exists only for the duration of the server-side analysis session. No artifacts are stored after the response stream completes. Paid protocol outputs are delivered to the customer and retained only if the customer opts in. Environment secrets (API keys) are server-side only and never exposed to the client.
We list our limitations upfront. Every item below is on our roadmap with a target date.
Why we publish this list
Any vendor that claims SOC 2 without proof is a red flag. We show you exactly where we are and where we're headed. Trust is built on verified controls, not badge graphics.
A Data Processing Agreement (DPA) compliant with GDPR is available on request at privacy@ghost-tax.com. We act as Data Processor under the meaning of the GDPR.
Input: Domain (public) → Exa Neural Search (public data) → Analysis Pipeline (21 phases, server-side) → Report (Supabase, AES-256) → Delivery (Resend). Retention for this pipeline: 90 days, then automatic deletion. No client system data is accessed.
Ghost Tax is a human decision support tool (Article 3, EU AI Act). It makes no autonomous decisions. All outputs are recommendations that the human decision-maker validates. This system does not fall within the high-risk categories defined in Annex III of the EU AI Act.
SOC 2 Type I audit in progress — expected Q3 2026. Full report available to enterprise prospects under NDA.
Questions about security?
Our security team responds within 48 hours. We'll walk through our architecture, controls, and compliance roadmap.