Data protection in the tax sector – why it is crucial and how BrinerTax ensures it

Insecure practice: emails and cloud services

In practice, sensitive tax documents are often still sent by email – although this is the equivalent of a digital postcard transfer. Emails can be sent to the wrong recipient by mistake or intercepted by phishing attacks. What’s more, they are usually sent unencrypted.

There are also problems with storage: data is often stored unencrypted on local servers or in cloud services whose locations and access options are unclear. If cloud providers such as Apple, Microsoft or Google are used, the servers are often located abroad – and the providers themselves usually have access to the stored data, as the decryption keys are also located on their servers.

Although these providers do not access the data on their own authority , they can be forced to do so by authorities, particularly in the USA (US CLOUD Act; see analysis by the Federal Office of Justice). The uncertainty surrounding data protection law in the USA is now also widely recognized in Switzerland – examples such as the discussions surrounding the introduction of Microsoft 365 in the Lucerne administration (see zentralplus) or the storage of patient data at Zurich University Hospital show that even public institutions are struggling with this problem (see 20 Minuten).

What Big Tech knows about us

What large technology companies know about every single person is worrying – as impressively shown in the NZZ Format documentary “Your data on the internet – the end of privacy?“. Ultimately, it is up to us to decide what data we disclose – and who we entrust it to.

In the tax sector, sensitivity is the rule, not the exception.

Secure handling of tax data

Sensitive tax data should never be sent by email. Likewise, such data should never be stored unencrypted.

When cloud solutions are used, it is crucial that the data is encrypted with zero-knowledge encryption – in other words, that the provider itself does not have access to the decryption key. This is the only way to prevent third parties – even the cloud operator – from accessing the data. Examples of such providers are Tresorit or Proton.

Less critical information that does not contain business secrets or personal data does not have to be protected in the same way. The decisive factor is that the protection is appropriate to the risk.

Tax rulings and tax returns: particularly sensitive

Tax rulings – i.e. the binding tax assessment of a planned transaction by the tax authorities – often contain confidential information on strategies, restructuring, investment plans or future projects. If such documents fall into the wrong hands, this can cause considerable economic costs or have a negative impact on the company’s reputation.

Tax returns of private individuals also contain highly sensitive information about assets, accounts, shareholdings or investments. Wealthy individuals in particular have a legitimate interest in ensuring that this data remains protected – not only from the public, but also from potential theft or attempted fraud.

Cases in other countries show that this danger is real: In the USA and France, crypto investors have already been kidnapped after their assets became public knowledge. Fortunately, such cases have so far been unknown in Switzerland – but they underline the importance of handling tax data responsibly.

Conclusion: How BrinerTax guarantees data security

Protecting sensitive information is a top priority at BrinerTax.

• Encrypted storage: All confidential data is stored exclusively in encrypted form – either locally or in the cloud with Swiss providers such as Tresorit and Proton, both with zero-knowledge architecture.
• Secure data rooms: Each client receives their own secure data room for the duration of the project or client relationship – more secure than any email. → Watch the Tresorit Engage video
• Secure communication: BrinerTax only uses encrypted communication channels such as Whereby (video) or Signal (telephone/messenger) for meetings.
• No US cloud services: BrinerTax deliberately does not use any US-based cloud services and does not communicate via WhatsApp. If a client expressly requests such services, this will only be done after pointing out the associated security risk.

At a time of increasing cyber risks and unclear international data protection standards, data security is not a minor matter, but a question of professionalism.

When you work with BrinerTax, you can be sure
that your business secrets and personal data are secure – just as tax confidentiality actually requires.

BrinerTax – Enthusiastic. Committed. Personal.

Because trust begins with security.

Your path to predictable tax security

Plannable, secure, personal:
Choose the right package – strategy, compliance or head of tax – including portal, deadline control and ruling option.
👉 To the offers & packages

Or arrange a non-binding introductory meeting:
Free of charge, 30 minutes, in Basel by phone or video conference
👉 To the introductory meeting
I look forward to working with you to develop the optimal tax strategy.

FAQ – Frequently asked questions about data protection in the tax sector