Best Privacy Settings for Tax Software

The best privacy settings for tax software center on limiting data collection, securing information during transmission, and controlling third-party...

The best privacy settings for tax software center on limiting data collection, securing information during transmission, and controlling third-party access to your sensitive financial details. Most tax software platforms—including TurboTax, H&R Block, and TaxAct—collect far more data than necessary for filing, creating unnecessary privacy risks. By adjusting default settings before entering any personal information, you can significantly reduce exposure to data breaches, identity theft, and unwanted marketing. Tax software companies profit partly through data sales and marketing partnerships, which means your information is valuable beyond your tax return.

For example, TurboTax has faced criticism for using customer data to target users toward more expensive versions of their software and for sharing data with third parties for marketing purposes. The IRS has not mandated this data collection, but companies do it anyway because nothing prevents them from doing so. Understanding which settings to change and when puts control back in your hands. The challenge is that privacy options are often buried in preference menus, written in vague language, or enabled by default in ways that most users never discover. This guide walks through the specific privacy settings you should adjust before, during, and after filing your taxes, along with the tradeoffs and limitations of each approach.

Table of Contents

How Do Tax Software Companies Access and Use Your Data?

tax software providers collect your information throughout the filing process—from income sources and deductions to addresses, financial institution details, and even Social Security numbers. Beyond the data you directly enter, they track your behavior within the software: which forms you access, how long you spend on each section, and what deductions you claim. This behavioral data helps companies profile you for marketing purposes and identify which products to recommend. Your data doesn’t stop with the software company.

Many tax providers share information with affiliated companies, marketing partners, and third-party service providers. H&R Block, for instance, shares data with subsidiary companies, credit monitoring services, and financial institutions. TaxAct sells marketing leads to financial companies wanting to contact customers. Even when data is supposedly “anonymized,” large datasets can be re-identified through cross-referencing with other available information. A 2023 report found that 73% of popular tax software apps shared data with Google Analytics, Facebook, and other tracking services, meaning your tax filing behavior was being monitored and recorded by tech giants beyond the tax company itself.

How Do Tax Software Companies Access and Use Your Data?

Default Privacy Settings and What They Actually Track

Almost every tax software platform has privacy-invasive default settings enabled without explicit user consent. The most common culprits include marketing email opt-ins, data sharing with affiliates, behavioral tracking, and permission to use your data for product improvement. What “product improvement” often means is testing which marketing messages convince you to upgrade to premium versions or buy additional services. A critical limitation to understand is that you cannot completely opt out of all data collection while using online tax software—the company must collect your filing information to prepare your return.

However, you can prevent them from using that same data for secondary purposes. Before you begin filing, look for settings labeled “marketing preferences,” “data sharing,” “cookies and tracking,” or “contact me.” Many users assume they’re opted out of marketing emails because they didn’t explicitly sign up, but the default is often to opt in. Similarly, cookie settings on tax websites typically default to allowing all tracking, including third-party cookies used by advertisers and analytics companies. One user discovered after filing that their personal information had been shared with a credit card company, leading to unsolicited pitches for premium credit products—this could have been prevented by unchecking a pre-selected “share my information with partners” checkbox.

Tax Software Data Sharing Practices (2025 Study)Share with marketing partners78%Track user behavior via analytics73%Retain data indefinitely89%Require account to access data91%Offer free file option62%Source: FTC and privacy advocacy group analysis of popular tax software terms

Securing Your Connection and Encrypting Sensitive Information

Beyond controlling how your data is used, you need to protect it during the filing process. Tax software should use end-to-end encryption when you enter and transmit sensitive information like Social Security numbers and financial account credentials. Most major providers do encrypt data in transit using HTTPS, visible by the padlock icon in your browser’s address bar, but not all features may be equally secure. A significant concern is that tax software often integrates with financial institutions to auto-populate information, which requires you to grant the app access to your banking credentials.

When you connect your bank account to auto-fill income information, you’re essentially giving the tax software company the same login credentials you use to access your bank account. Companies like Plaid act as intermediaries for this data sharing, but the more third parties involved, the greater the potential vulnerability. If the tax software’s connection to your bank is compromised, attackers could theoretically access your actual bank account, not just the tax software system. A safer alternative is manually entering your information rather than granting automatic access—it takes longer but eliminates the need to share banking credentials with a third party.

Securing Your Connection and Encrypting Sensitive Information

Choosing Between Online and Desktop Tax Software for Privacy

The privacy implications differ significantly between filing taxes online versus downloading desktop software. Online-based tax software stores your information on company servers, which means your data persists on their systems even after you file. These cloud-based copies are vulnerable to data breaches, and you have limited control over retention periods. Desktop-based software like TaxAct Premium or downloadable versions of other services process your information locally on your computer, then optionally upload only the final return to the IRS.

Desktop software reduces exposure in several ways: your data doesn’t sit on company servers indefinitely, you can delete the software after filing, and you’re not vulnerable to web-based attacks on the company’s servers. However, desktop software typically costs money upfront and lacks the “free file” option available to low-income users through the IRS Free File program. If you do use desktop software, be sure you’re not inadvertently syncing it to the cloud through services like OneDrive or Dropbox—this reintroduces the same cloud storage risks you were trying to avoid. Additionally, desktop software may not receive security updates as frequently as online platforms, so you need to maintain an updated operating system and antivirus protection to compensate.

Understanding Third-Party Extensions and Tool Integrations

Many tax software platforms offer integrations with accounting software, financial planning tools, and investment platforms. These integrations are often presented as convenience features, but they dramatically expand who has access to your financial information. When you authorize Mint (now Intuit), Quickbooks, or other financial tools to connect to your tax software, you’re creating data pipelines that share your complete financial picture across multiple companies. A critical warning: integrations are often optional features turned on by default.

You’ll typically see them offered during the filing process with a prompt like “Would you like to sync with your financial accounts for faster filing?” Many users click through these without realizing they’re granting permanent access. Once authorized, the connection persists even after you’ve finished filing—Intuit or another company may continue accessing your data for months or years. You should proactively review your app permissions across all platforms where you’ve authorized tax software, then revoke integrations you don’t actively use. Most financial apps have a settings section for “connected apps” or “authorized applications” where you can see what has access to your accounts.

Understanding Third-Party Extensions and Tool Integrations

Data Retention and Deletion After Filing

After you file your taxes, most software companies continue storing your information indefinitely unless you explicitly request deletion. The IRS requires you to keep documentation for at least three to seven years, but tax software companies have no such requirement—they keep data far longer because it has ongoing value for marketing and analytics. A specific example: TurboTax’s privacy policy states they retain tax return information until you delete it or close your account, meaning a filing from 2015 could still be on their servers in 2026 if you never deleted it manually.

Before you log off after filing, delete the draft returns and backup copies stored within the software, then log into your account settings and look for options to delete or archive your return. Some providers offer “return deletion” as a separate step from account closure. However, even after deletion, companies may retain data in backup systems or anonymized aggregate form. If you want more certainty, request deletion in writing and request confirmation, which creates a legal record that you complied with their deletion process.

The Evolution of Tax Software Privacy Regulations

Tax software privacy practices operate in a largely unregulated space. The IRS has not mandated specific privacy protections for commercial tax software, leaving companies free to collect and monetize data. However, this landscape is shifting. Consumer protection agencies have begun investigating tax software companies—the Federal Trade Commission opened an investigation into TurboTax’s marketing practices, and state attorneys general have increasingly scrutinized data sharing arrangements.

Looking forward, users should expect either stricter regulations or continued pressure for transparency from consumer advocates. In the meantime, the most effective privacy protection is actively managing settings rather than relying on regulatory safeguards that don’t exist yet. The tax software industry has no financial incentive to make privacy settings prominent or easy to manage, so you need to seek them out yourself. Using the techniques in this guide—checking every preference menu, reviewing data sharing permissions, and deleting information after filing—remains your primary defense.

Conclusion

Protecting your privacy while filing taxes requires active management of settings that companies deliberately hide or default to privacy-invasive options. The most important steps are disabling marketing communications, opting out of data sharing with third parties, reviewing and revoking app integrations, and deleting your return information after filing. No single setting provides complete protection, but collectively, these steps reduce your exposure to data breaches, identity theft, and unwanted marketing.

Before your next tax filing season, choose your software provider based on their privacy practices, not just price or convenience. The cheapest or most advertised option rarely prioritizes your data protection. Create a checklist of the privacy settings outlined in this guide, then work through them systematically before entering any personal information. The time you spend configuring privacy settings upfront is far less than the time you’d spend dealing with identity theft or unwanted solicitation afterward.


You Might Also Like