Redact client financials without handing them to a server.
Black out SSNs, account and routing numbers on photographed statements, receipts and ID scans — the pixels are destroyed, the file stays in your browser, and you get a certificate for the file.
The duties on every piece of client data.
One professional standard, one tax-specific statute, and one federal safeguards rule.
A member in public practice shall not disclose any confidential client information without the specific consent of the client. (AICPA Confidential Client Information Rule, §1.700.001)
IRC §7216 makes the knowing or reckless disclosure of taxpayer return information a criminal matter for preparers, and the FTC's Safeguards Rule requires financial institutions — including many tax and accounting firms — to maintain a written security program over customer information. Uploading a photographed W-2 or bank statement to a third-party tool puts that data somewhere you no longer control.
What an uploaded statement can expose.
Full identity on one page
A single statement or 1040 can carry an SSN, account and routing numbers, and a home address — everything needed for account takeover, sitting on a vendor's disk.
§7216 & FTC exposure
Mishandling taxpayer information carries statutory penalties; an FTC Safeguards lapse is an enforcement matter. A processor breach can become your disclosure event.
Engagement & trust risk
Clients hand you their most sensitive numbers on the assumption they stay private. "We uploaded it to a free editor" is not a sentence you want in a breach notice.
Built for documents clients photograph and send.
Redact the numbers, keep the record
Black out SSNs, account, routing and card numbers on a photographed statement or receipt. The pixels are overwritten and the file re-encoded — with a SHA-256 certificate.
ID scans for KYC, minus the rest
Keep the field a bank or onboarding form needs and redact everything else on a driver's-license or passport photo before you forward it.
Strip the photo's metadata
A client's phone snapshot carries GPS and device data. keptimage removes EXIF on export, so a shared receipt doesn't also share where they live.
Nothing leaves your machine
Every operation runs in your browser. There is no upload endpoint holding client financials — so there is nothing to breach or to put in a Safeguards Rule risk assessment.
How we compare.
Same redaction. Very different data trail.
| Capability | keptimage | Cloud PDF/image tool | Phone markup app |
|---|---|---|---|
| Image is processed in your browser — never uploaded | |||
| Destroys the underlying pixels (no liftable layer) | |||
| Strips EXIF / GPS metadata in the same step | |||
| Ships a verifiable SHA-256 certificate for the file | |||
| No vendor copy of client financials to breach | |||
| You can verify zero uploads yourself — watch the network tab |
✓ yes · – partial, varies by tool · ✗ no. Marks reflect typical default workflows as of May 2026. Many cloud tools upload every file and some markup apps only place a removable shape over the data. keptimage overwrites the pixels, strips metadata, and issues a certificate — all on your device.
Pricing for firms.
Business
- Every image tool, unlimited use
- Redaction with SHA-256 certificate
- EXIF / GPS metadata scrub
- Images up to 500 MB
- Up to 5 seats on one invoice
- Priority email support
Solo preparer? Start free — no card, or upgrade to Pro ($9/mo) inside the app.