PRE-LAUNCH AirGapTax 2025 edition — pre-launch. Filing a 2025 return on extension? Join the waitlist and we'll notify you the moment it's available to buy. Get notified at launch →
AirGapTax
  • Features
  • Pricing
  • Download
  • Audit
  • Support
Join Waitlist

Privacy Policy

Effective: May 27, 2026
Provider: Digent LLC (Florida limited liability company)
Product: AirGapTax (the "Software")

The short version

AirGapTax runs on your computer. Your tax data never leaves your device. We don't collect telemetry, we don't run analytics, and we don't track you. The only data we hold is what's needed to sell you a license and deliver it to your inbox. That's the policy. The rest of this page is the long version.


1. What this policy covers

This Privacy Policy covers two things: the AirGapTax desktop application (the "Software") and the airgaptax.com website (the "Website"), both operated by Digent LLC. They have very different privacy profiles, so we address them separately throughout.


2. The desktop application — what it collects

Nothing. AirGapTax is offline-first desktop software. All tax computation runs locally on your device. There is no telemetry, no analytics, no usage tracking, no crash reporting, and no phone-home behavior of any kind.

Specifically:

  • Tax data — your income, deductions, forms, schedules, and every number you enter — stays on your device. It is never transmitted to Digent LLC or any third party.
  • The built-in AI assistant operates offline by default. No AI queries leave your machine unless you explicitly enable an external backend (see Section 3).
  • The local agent server operates on 127.0.0.1 (loopback) only. It does not listen on any network-facing interface and is not accessible from other devices.
  • License activation is performed offline using Ed25519 cryptographic signature verification. The Software does not contact any Digent LLC server to validate your license.
  • Machine fingerprint — a hardware-derived identifier used to bind your license to your device — is computed and stored locally. It is never transmitted to Digent LLC.

We cannot access your tax data because we never receive it. There is no server, no database, and no API endpoint on our side that accepts it.


3. Optional external AI backends — opt-in only

The Software supports optional connections to external AI services such as Groq, Ollama, or any OpenAI-compatible endpoint. These are disabled by default. If you choose to enable one:

  • Your AI chat messages are sent to the third-party service you configure. These messages may include tax context — such as adjusted gross income, refund amounts, deduction figures, or other data you discuss with the assistant.
  • Digent LLC does not receive, intercept, or store these messages. The connection is direct between your device and the service you chose.
  • Each external AI service has its own privacy policy. You are responsible for reviewing that policy before enabling the connection.
  • You can disable external AI backends at any time, reverting to fully offline operation.

We strongly recommend reviewing the data handling practices of any external AI service before sending it tax-related information.


4. The website — what we collect and why

When you visit airgaptax.com or purchase a license, we collect the minimum data required to process your order and deliver your license key. Here is exactly what we store and why:

  • Email address — to deliver your license key and provide purchase support.
  • License key — the key itself, generated at purchase time.
  • License tier — which edition you purchased (e.g., Standard, Professional).
  • Payment processor session ID — a reference to your checkout session at Stripe, PayPal, Dodo Payments, or BTCPay Server. We do not store your credit card number, bank account, or full payment details — the payment processor holds those.
  • Purchase date — when the transaction occurred.
  • Machine activation count — how many devices have activated your license (a number, not a device identifier).

We do not collect: your name (unless your email contains it), your mailing address, your phone number, your IP address (beyond what's in standard server logs — see Section 6), your browsing behavior, your device fingerprint via the website, or any tax data.


5. How we use your data

Your data is used for exactly three purposes:

  • License delivery — sending your license key to the email you provide at checkout.
  • Purchase support — looking up your order if you contact us about a license issue.
  • License enforcement — verifying that activation counts stay within your tier's limits.

We do not sell, rent, trade, or share your data with anyone for marketing purposes. We do not build profiles. We do not run behavioral analytics. We do not serve ads.


6. Third-party services

The Website uses the following third-party services. Each has access only to the data required for its specific function:

  • Stripe (primary payment processor) — processes credit/debit card payments. Stripe receives your payment information directly; we never see your full card number. Stripe's privacy policy.
  • PayPal (backup payment processor) — processes PayPal payments when selected or when primary processing fails. PayPal's privacy policy.
  • Dodo Payments (backup payment processor) — processes payments in certain regions or as failover. Dodo Payments' privacy policy.
  • BTCPay Server (backup payment processor) — processes cryptocurrency payments. BTCPay Server is self-hosted; no third-party payment company receives your data through this channel.
  • Cloudflare (website hosting and CDN) — the Website is hosted on Cloudflare Pages. Cloudflare processes requests at its edge and may log IP addresses and request metadata under its own policies. Cloudflare's privacy policy.
  • Fly.io (payment server hosting) — our payment server runs on Fly.io infrastructure. Fly.io processes server-side requests only; it does not interact with end users directly. Fly.io's privacy policy.
  • Resend (transactional email) — delivers license key emails from [email protected]. Resend receives your email address and the content of the license delivery email. Resend's privacy policy.
  • Backblaze B2 (download storage) — stores the Software installer files. Download URLs are signed and proxied through Cloudflare Workers; Backblaze sees the request but not your identity. Backblaze's privacy policy.

We do not embed third-party analytics scripts (no Google Analytics, no Mixpanel, no Hotjar, nothing). We do not embed social media tracking pixels. The only third-party scripts loaded on the Website are those required by the active payment processor during checkout.


7. Cookies

The Website uses essential cookies only — specifically, those required by the payment processor during the checkout flow and any session cookies needed for the purchase process. We do not use:

  • Tracking cookies
  • Analytics cookies
  • Advertising cookies
  • Third-party cookies beyond the active payment processor
  • Persistent cookies that survive beyond your browser session (except where the payment processor requires it)

Because we use only essential cookies, there is no cookie banner or consent prompt. Under GDPR and ePrivacy Directive, essential cookies do not require consent.


8. Transactional email

We send email to you for one purpose: license key delivery. This email is sent from [email protected] via Resend immediately after purchase.

We do not send marketing emails. We do not currently operate a newsletter or mailing list. If we add one in the future, it will be strictly opt-in — we will never add you to a marketing list based on your purchase.

If you contact us at [email protected], we will use your email to respond. We will not add you to any list as a result.


9. Data retention

  • License database records (email, license key, tier, session ID, purchase date, activation count) — retained for as long as your license is active. If you request deletion, we will delete your record, which will also invalidate your license.
  • Server logs (Cloudflare, Fly.io) — retained according to each provider's standard retention period, typically 30 to 90 days. We do not extend or archive these logs.
  • Support email correspondence — retained for as long as reasonably needed to resolve your issue, then deleted.
  • Payment processor records — retained by Stripe, PayPal, Dodo Payments, or BTCPay Server under their own retention policies. We cannot delete records held by payment processors on your behalf; you should contact them directly.

10. Data security

The license database is a SQLite database on our payment server (Fly.io), not a cloud database service. Access is restricted to the payment server process. All connections to the Website and payment server are encrypted via TLS. Payment data is handled entirely by the payment processor — we never receive, process, or store credit card numbers or bank account details.

No system is perfectly secure. We take reasonable measures to protect the data we hold, but we cannot guarantee absolute security.


11. Your rights — requesting access or deletion

You can request a copy of all data we hold about you, or request that we delete it, by emailing [email protected] from the email address associated with your purchase. We will respond within 30 days.

If you request deletion, we will delete your license database record. This will invalidate your license key — we cannot delete your record while keeping your license active, because the record is the license. We will confirm deletion in writing.

We cannot delete data held by third-party payment processors (Stripe, PayPal, etc.) on your behalf. You should contact them directly using the links in Section 6.


12. California residents — CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you additional rights:

  • Right to know — you may request a list of the categories and specific pieces of personal information we have collected about you. See Section 4 — that list is exhaustive.
  • Right to delete — you may request deletion of your personal information. See Section 11 for how.
  • Right to opt out of sale — we do not sell your personal information to anyone. There is nothing to opt out of.
  • Right to non-discrimination — we will not treat you differently for exercising your CCPA rights.

To exercise any of these rights, email [email protected] with the subject line "CCPA Request." We will verify your identity by confirming details of your purchase and respond within 45 days.

In the 12 months preceding this policy's effective date, the categories of personal information we collected are: identifiers (email address) and commercial information (purchase date, license tier). We did not collect biometric data, geolocation data, internet activity data, sensory data, professional data, education data, or inferences drawn from any of the above.


13. Users outside the United States — GDPR

AirGapTax is not specifically targeted at residents of the European Union or European Economic Area. However, if you are located in the EU/EEA, we respect your rights under the General Data Protection Regulation (GDPR):

  • Lawful basis — we process your data under Article 6(1)(b) (performance of a contract — delivering the license you purchased) and Article 6(1)(f) (legitimate interest — preventing license fraud).
  • Right of access — you may request a copy of your data.
  • Right to rectification — you may request correction of inaccurate data.
  • Right to erasure — you may request deletion (see Section 11).
  • Right to data portability — you may request your data in a machine-readable format.
  • Right to object — you may object to processing based on legitimate interest.
  • Right to lodge a complaint — you may file a complaint with your local data protection authority.

Data is stored on servers in the United States (Fly.io, Cloudflare). By purchasing a license, you acknowledge that your data will be transferred to and processed in the United States. We do not currently rely on Standard Contractual Clauses or other EU-approved transfer mechanisms, as we do not actively target EU residents.

To exercise any GDPR right, email [email protected] with the subject line "GDPR Request." We will respond within 30 days.


14. Children's privacy

AirGapTax is tax computation software intended for adults who prepare their own tax returns. We do not knowingly collect personal information from children under the age of 13 (or under the age of 16 in the EU/EEA). If we learn that we have inadvertently collected data from a child, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at [email protected].


15. Data breach notification

In the event of a data breach affecting your personal information, we will:

  • Notify affected users by email within 72 hours of confirming the breach.
  • Describe what data was affected, what we know about how it happened, and what steps we are taking.
  • Notify relevant regulatory authorities as required by applicable law (including GDPR supervisory authorities if EU/EEA residents are affected).

Given the limited data we hold (email, license key, tier, session ID, purchase date), a breach of our license database would not expose tax data, financial data, or payment card information — because we don't have any of that.


16. Do Not Track

We do not track you in the first place, so there is no behavioral change when your browser sends a Do Not Track signal. The result is the same either way: no tracking.


17. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Effective" date at the top of this page. If we make material changes — particularly any change that expands data collection or introduces new third-party data sharing — we will make reasonable efforts to notify existing license holders by email before the change takes effect.

Your continued use of the Software or Website after the updated policy takes effect constitutes your acceptance of the changes. If you do not agree with a change, your remedy is to stop using the Website; the desktop Software will continue to function offline regardless.


18. Contact

Digent LLC (a Florida limited liability company)
Registered Agent: Northwest Registered Agent LLC
7901 4th St N, Ste 300
St. Petersburg, FL 33702
[email protected]

Last updated: 2026-05-27

AirGapTax Tax computation software, not tax advice.
Features Pricing Download Audit Support Privacy Terms of Service
© 2026 Digent LLC. AirGapTax is a product of Digent LLC. All rights reserved. All sales final.