Privacy Policy

Last updated: May 2026

The short version: We collect what we need to do your taxes. We don't sell it. We don't train AI on it. We don't share it with your platforms. You can delete everything whenever you want.

1. Who we are

ChillFile, Inc. is a tax preparation software company incorporated in the United States. We build tools to help independent creators and freelancers organize their income, track deductions, and file taxes with confidence.

When this policy says "ChillFile," "we," "us," or "our," it refers to ChillFile, Inc. and any subsidiaries or affiliated entities operating the ChillFile service.

2. What we collect

We collect information you provide directly: your name, email address, tax identification number, income records, business expenses, and bank or payment account data you choose to connect. We also collect basic account metadata such as your login timestamps and subscription status.

When you use the platform, we automatically collect usage data — pages visited, features clicked, error logs, and device/browser information — to keep the service running reliably. We do not collect information about the nature or content of the platforms you earn income from beyond what is required to calculate your tax liability.

We never scrape your social media profiles, purchase follower counts, or store any personally identifiable information about your subscribers or fans.

3. How we use your data

Your financial data is used solely to provide the ChillFile service: categorizing income, calculating estimated taxes, preparing tax forms, and (if you opt in) connecting you with a licensed CPA for professional filing. We use your email address to send transactional messages like tax deadline reminders and receipt confirmations.

We may use anonymized, aggregated usage patterns to improve the product — for example, understanding which features are most used or where users get confused. This data cannot be traced back to any individual user.

We do not use your data to train machine learning models, build advertising profiles, or sell insights to third parties under any circumstances.

4. How we protect your data

All data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256. Our infrastructure is hosted on SOC 2 Type II compliant cloud providers, and we conduct regular security audits with independent third parties.

Access to your data by ChillFile employees is strictly limited. Only authorized personnel with a documented business need can access user data, and all such access is logged and reviewed.

In the event of a data breach that affects your personal information, we will notify you and applicable regulatory authorities within 72 hours of becoming aware, as required by applicable law.

5. Who we share data with

We share your data only with the service providers necessary to operate ChillFile: cloud infrastructure, payment processors, and (if you use the CPA add-on) our vetted network of licensed tax professionals. All third-party processors are bound by data processing agreements that prohibit them from using your data for any purpose other than fulfilling their contracted service.

We never sell your data to data brokers, advertisers, or other companies. We do not share your data with the content platforms you earn income from. We do not share your data with financial institutions beyond what you explicitly authorize for open-banking connections.

6. Legal requests

If we receive a subpoena, court order, or other legal demand for your data, we will review it carefully and notify you before complying unless we are legally prohibited from doing so or there is a credible threat to someone's safety. We will only produce the minimum data required by the specific legal demand.

We publish a transparency report annually disclosing the number and type of legal requests we receive. We will challenge overly broad or improper requests through available legal channels.

7. Your rights

You have the right to access, correct, export, or delete your personal data at any time from your account settings. Deletion requests are processed within 30 days and result in permanent removal from our systems and all subprocessors, except where retention is required by law (for example, tax records we are legally obligated to keep).

Depending on where you live, you may have additional rights under laws like the CCPA (California) or GDPR (European Union). If you are a resident of a jurisdiction with specific privacy rights, those rights apply to you in full. Contact us at privacy@chillfile.com to make any data request.

8. Cookies

We use a small number of strictly necessary cookies to keep you logged in and maintain your session. We do not use third-party advertising cookies or cross-site tracking pixels. No cookie data is shared with advertisers.

We use first-party analytics (session counts, feature usage) that are scoped to our own domain and cannot be used to track you across other websites. You can disable non-essential cookies in your account settings at any time.

9. Data retention

We retain your account data for as long as your account is active and for up to 7 years after account closure, consistent with IRS recordkeeping requirements for tax documents. You may request deletion of non-tax data (preferences, usage logs, communications) at any time.

If you cancel your subscription, your data remains accessible in a read-only state for 90 days so you can export it. After 90 days, it moves to secure archival storage for the legally required retention period before being permanently deleted.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and display a prominent notice in the app at least 14 days before the changes take effect. Continued use of ChillFile after the effective date of changes constitutes acceptance of the updated policy.

We will never retroactively change how we use data you have already submitted without your explicit consent. Historical versions of this policy are available upon request.

Adult-Creator Addendum

This addendum applies to users who earn income from adult content platforms and supplements the Privacy Policy above.

Non-discrimination

ChillFile does not discriminate against users based on the legal nature of their income sources. The same service, pricing, and support standards apply to all users regardless of the industry or platform they earn income from.

Income-source confidentiality

We treat the specific platforms you earn income from as sensitive personal information. The names of adult content platforms are never shared with third parties, employers, or other external entities. Within our system, platform names are stored in a segregated, access-controlled database separate from general account data.

CPA partner NDA requirements

Any CPA in our network who accepts adult-creator clients must sign an enhanced Non-Disclosure Agreement covering income-source confidentiality before accessing your financial data. We verify these NDAs annually and terminate network relationships with any CPA found to have violated confidentiality obligations.

Banking-risk transparency

We are aware that some financial institutions maintain policies that may affect accounts associated with adult content income. We will proactively inform you of any known banking restrictions relevant to your situation and will never transmit income-source descriptions to financial institutions beyond what is legally required for tax reporting.

Complaints

If you believe your rights under this addendum or the general Privacy Policy have been violated, please contact us at privacy@chillfile.com. We will acknowledge your complaint within 48 hours and provide a substantive response within 14 days. If you are unsatisfied with our response, you have the right to escalate to your applicable data protection authority.

Privacy questions? Reach our privacy team at privacy@chillfile.com. We aim to respond to all inquiries within 2 business days.