Security at TaxJar

Tens of thousands of customers trust TaxJar to keep their data safe. We take your security and privacy seriously and go beyond industry standards to secure our solutions.


Compliance/privacy certifications & regulations


SOC 2 (Type II)
HIPAA Compliant
GDPR Compliant
Cloud Security Alliance

Security features






Data encryption

All customer data hosted in our environment is encrypted both at-rest and in-transit using AES256 encryption, TLS encryption, and SHA2 signatures.



Incident response

Our comprehensive Incident Response & Breach Notification Process includes specific steps to identify, triage, monitor, and remediate security incidents.



Product security

We ensure that security is incorporated from the start of a project and continued throughout the software development lifecycle.



Access control management

We strictly adhere to principles of least privilege and employ permission sets and access that reflects job roles.



Security monitoring

We extensively monitor for unusual activity. Our Cloud SIEM is integrated with AWS security analytics to help us aggregate logs, alerts, and other activity into a cohesive single source of truth.



Vulnerability management

We conduct external network vulnerability scans, web application scans (DAST and SAST) as well as annual penetration testing.

Security compliance

TaxJar has achieved SOC 2, Type 2 compliance through an independent audit.

Read the blog post

Questions about security?

Have a question, concern or comment about TaxJar security? Please contact our security team.

Contact our security team