Security

Security as a feature, not an afterthought.

You hold other people’s most sensitive numbers. Petal is built so that trust is provable, not promised, from the model layer up to the client portal.

Controls

How Petal protects your firm

Never trained on your data

Your clients’ information is never used to train a model. Full stop.

Zero data retention

Petal runs on Claude with zero data retention at the model layer.

Per-tenant encryption

Every firm’s data is encrypted at rest with keys scoped to that tenant alone.

SOC 2 Type II

Built to the controls of a SOC 2 Type II program, independently examined.

OTP-gated portal

Clients reach their documents through a one-time-code portal, never a shared link.

Cryptographic audit chain

Every output is tied to its source and the preparer who approved it, tamper-evident.

How we think about trust

A tax practice runs on confidence: the client’s that their data is safe, and the preparer’s that every number can be defended. We treat both as engineering problems, not marketing ones.

Petal records what it did and why, attaches a source to every figure, and stops to ask for your judgment on the calls that need it. The audit-defense file builds itself as you work, so the day an exam opens, the substrate is already there.

See Petal under your firm's controls

Book a demo