Home › Blog › Where your clients' files actually live

Where Do Your Clients' Files Actually Live? Cloud Document Tools vs Local-First

Q: Do cloud document tools store my clients' tax files on their servers?

Yes. Cloud document platforms such as SmartVault, Dext and Canopy are designed to upload, store and process your files on their own infrastructure. That is how features like web access, sharing links and server-side processing work. The files live on the vendor's servers, not only on your computer.

Q: What is the difference between data residency and breach surface?

Data residency is the physical or jurisdictional location where data is stored, for example a Canadian versus a U.S. data centre. Breach surface is the number of places and parties that hold a copy of the data and could be compromised. Cloud tools add the vendor's servers and staff to your breach surface; local-first processing keeps the data on the one machine you control.

Q: What does local-first mean for client files?

Local-first means the application runs and processes files on your own computer rather than uploading them to a remote server. With PDF Insight, classification, OCR and merging of T4, RL-1, T5 and other slips all happen on-device, so the client files do not leave your machine during processing.

Last updated June 2026 · ~6 min read · For accountants & bookkeepers

Short answer: When you use a cloud document tool such as SmartVault, Dext or Canopy, your clients' tax files are uploaded to and stored on the vendor's servers, not only on your computer. That is by design — it is how web access and server-side processing work. A local-first tool instead processes files on the machine in front of you, so the files never leave it. Neither approach is automatically "more secure"; they simply put your data in different places. This guide explains the difference in plain terms.

Not legal or compliance advice. Data-residency and privacy obligations vary by province, client and engagement. Use this as a framework for asking the right questions, then confirm specifics against your firm's policies, PIPEDA/Law 25 guidance, and each vendor's current documentation.

Two questions every accountant should be able to answer

If a client asked you today, "Where exactly is my T4 and my SIN stored, and who can reach it?", could you answer with confidence? It comes down to two ideas:

Data residency — the physical and jurisdictional location where the file is stored. A T4 bundle sitting in a U.S. data centre is in a different legal regime than one on a hard drive in your Montreal office.
Breach surface — how many places and parties hold a copy that could be compromised. Every server, backup and vendor employee with access is part of the surface.

These are not the same as "secure" or "insecure." A well-run cloud and a well-run laptop can both be safe. The point is to know where the data is and who can touch it, because that is what you are accountable for.

How cloud document tools handle your files

Cloud platforms are built around a central premise: your files go up to their servers so that everything else — web portals, share links, mobile capture, OCR, extraction — can run there. That is genuinely useful. It is also the trade-off.

Tool (category)	Where files typically live	Why it works that way
SmartVault (client portal / document storage)	Vendor cloud servers	Web and portal access to shared documents
Dext (receipt / document capture)	Vendor cloud servers	Server-side data extraction from receipts and slips
Canopy (practice management + docs)	Vendor cloud servers	Centralized client records and collaboration

Pasting a slip into a general chatbot like ChatGPT is the same pattern in a more casual form: the document leaves your machine and is processed on someone else's servers. For a scanned T5 or an RL-31 with a tenant's address, that is worth a pause.

When files live in a vendor cloud, you inherit a few realities: the data may reside outside Canada, the vendor's staff and sub-processors are part of who can access it, and any breach of that vendor potentially exposes every firm using it, not just yours. None of that makes these tools bad — many firms use them responsibly. It just means your breach surface is larger than your own office.

What "local-first" actually means

Local-first flips the default. Instead of uploading files to be processed, the software runs on your own computer and does the work there. With PDF Insight, a client folder full of slips — T4 with its RL-1, T5 with its RL-3, T4A, T3, RRSP/REER receipts — is classified, OCR'd and merged into one ordered PDF entirely on-device. The files do not leave the machine during processing.

This is a factual difference about data flow, not a claim that local is inherently safer than any specific vendor. The honest framing is simple: local vs cloud. With local-first, the data residency is wherever your computer is, and your breach surface is that one machine you already control and already secure.

A concrete Canadian example

Say you are assembling a Québec resident's personal file: a T4 and matching RL-1, a T5 and matching RL-3, a T4A(OAS), an FHSA contribution receipt, and a couple of scanned medical receipts. In a cloud workflow, all of that is uploaded before it is organized. In a local-first workflow, you point the tool at the folder, a local AI sorts and pairs the federal/provincial slips, OCRs the scans, and exports one merged PDF — roughly 100 seconds for an 11-document bundle on a 16 GB Mac. The pile became a clean file, and nothing was sent anywhere.

Questions to ask before you choose a tool

Where is the data stored? Which country and data centre, and can you choose a Canadian region?
Who can access it? Vendor staff, sub-processors, support engineers — and under what controls?
What is processed server-side vs on-device? OCR and extraction often happen in the cloud even when storage feels local.
What is the breach blast radius? If the vendor is compromised, is it just your data or thousands of firms'?
Does your engagement require Canadian residency? Some clients and sectors do.

There is no single right answer. A firm that needs heavy client collaboration may accept a cloud portal; a firm that mostly needs to turn a pile of slips into a tidy file may prefer to keep that step entirely local.

Keep the sorting step on your own machine

PDF Insight classifies, OCRs and merges Canadian and Québec tax slips into one ordered PDF, locally on your Mac or PC. No client file leaves the machine during processing.

Download the free 14-day trial

Or get the Founder Lifetime license — $399 CAD once ›

FAQ

Do cloud document tools store my clients' tax files on their servers?

Yes. Platforms such as SmartVault, Dext and Canopy are designed to upload and store files on their own infrastructure so that web access and server-side processing can work. The files live on the vendor's servers, not only on your computer.

What is the difference between data residency and breach surface?

Data residency is where data is physically and legally stored, such as a Canadian versus a U.S. data centre. Breach surface is how many places and parties hold a copy that could be compromised. Cloud tools add vendor servers and staff to that surface; local-first keeps the data on the one machine you control.

What does local-first mean for client files?

It means the software processes files on your own computer instead of uploading them. With PDF Insight, classification, OCR and merging of T4, RL-1, T5 and other slips all happen on-device, so client files do not leave your machine during processing.