Privacy Policy

1. Introduction

Oakbridge Finance LLC ("we," "us," or "our") operates Acorn, a web-based QuickBooks Online data extraction tool. This Privacy Policy describes how we collect, use, store, and protect your information when you use the Acorn service ("the Service") and visit our website at oakbridgefinance.com.

2. Information We Collect

Account Information: When you create an account, we collect your email address and an encrypted password. We do not collect your name, address, or phone number unless you voluntarily provide it through our contact form.

QuickBooks Online Data: When you connect your QBO account, we access your financial data through Intuit's authorized OAuth 2.0 framework in read-only mode. This includes your chart of accounts, general ledger transactions, account balances, profit and loss reports, balance sheet reports, and accounts receivable/payable aging. We do not store your financial data. Data is extracted in real time, used to generate your report, and then discarded. Generated report files are deleted from our servers immediately after you download them. We never modify, delete, or write data to your QBO account.

Generated Reports: Excel workbooks generated by the Service are available for immediate download. Report files are deleted from our servers immediately after you download them. We do not retain copies of your reports.

Custom Account Mappings: If you create custom account mappings, the mapping configuration (group names and account assignments — not financial amounts) is stored in our database associated with your account.

QBO OAuth Tokens: We store encrypted OAuth tokens that allow Acorn to connect to your QBO account on your behalf. These tokens do not contain your QBO username or password. You can revoke access at any time by disconnecting your QBO company within Acorn or through your Intuit account settings.

Usage Data: We collect basic, anonymized usage data through Google Analytics, including page views, browser type, and general location. We do not use this data to identify individual users.

Payment Information: Payment processing is handled entirely by Stripe. We do not store, process, or have access to your credit card numbers or bank account details.

3. How We Use Your Information

We use your information solely to:

• Provide and maintain the Service — generating financial reports from your QBO data
• Authenticate your access to the Service and your QBO connection
• Communicate with you about your account, trial status, and service updates
• Improve the Service based on anonymized usage patterns
• Respond to your inquiries

We do not and will never:

• Sell, rent, license, or share your financial data with any third party
• Use your financial data for advertising, marketing, or profiling purposes
• Aggregate your financial data with other users' data for any purpose
• Access or review your financial data unless you explicitly request our assistance
• Retain your financial data after your report is downloaded

4. How We Store and Protect Your Data

No Persistent Financial Data Storage: We do not maintain a database of your financial transactions, account balances, or ledger data. Financial data is extracted from QBO in real time, used to build your report, and discarded. Generated report files are deleted from our servers immediately after you download them.

Multi-Tenant Isolation: Every piece of data in our system is isolated to your individual account. Row-level security policies on every database table ensure that each user can only access their own data — jobs, mappings, QBO connections, and report files. This isolation is enforced at the database level, not just the application level.

Authentication Tokens: QBO OAuth tokens are stored with row-level security policies. These tokens allow Acorn to connect to QBO on your behalf but do not contain your QBO username or password. All tokens are transmitted exclusively over HTTPS.

Infrastructure Security: The Service is hosted on SOC 2 Type II certified cloud infrastructure providers. All data is encrypted in transit via HTTPS/TLS. We employ industry-standard security practices including CORS restrictions, CSRF protection, rate limiting on authentication endpoints, input validation, and bounded concurrency controls.

Access Controls: Our team does not access, view, or examine your financial data or generated reports. We access our systems only for maintenance, troubleshooting (at your request), and infrastructure management — never to view individual users' financial information.

5. Data Sharing

We do not sell, rent, trade, or share your personal information or financial data with any third parties. The following categories of service providers support the operation of the Service:

• QuickBooks Online (Intuit): Your QBO data is accessed via Intuit's OAuth 2.0 API. Intuit's own privacy policy governs their handling of your data.
• Cloud infrastructure providers: SOC 2 Type II certified providers host our database, file storage, and application backend. These providers process data on our behalf under strict access controls and do not independently access your financial data.
• Payment processing: Subscription payments are handled by a PCI-compliant third-party processor. We never see or store your payment card details.
• Website analytics: We use anonymized analytics to understand website traffic. These tools do not have access to your financial data or account information.
• Legal requirements: We may disclose your information if required by law, subpoena, or court order.

We do not use data brokers, advertising networks, or third-party tools that process your financial information.

6. Data Retention

• Account Data: Retained as long as your account is active. Deleted upon account closure.
• Generated Reports: Deleted from our servers immediately after you download them. Each report can be downloaded once. If you need the report again, generate a new one.
• QBO Tokens: OAuth tokens are retained as long as the QBO connection is active. You can disconnect your QBO company at any time, which deletes the stored tokens.
• Custom Mappings: Retained as long as your account is active. Deleted upon account closure.
• Financial Data: Not retained. Data is extracted from QBO in real time, used to generate your report, and discarded immediately.

7. Your Rights

You have the right to:

• Access: Request a copy of the data we hold about you
• Delete: Request deletion of your account and all associated data
• Disconnect: Remove your QBO connection at any time through the Service
• Portability: Download your generated reports in Excel format

To exercise any of these rights, contact us at accounting+acorn@oakbridgefinance.com.

8. Cookies

The Service uses localStorage (not cookies) to store your authentication session. Our website uses Google Analytics, which sets cookies to track website usage. You can opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-on.

9. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the Service or by updating this page. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact

For questions about this Privacy Policy or your data, contact us at:
Oakbridge Finance LLC
Email: accounting+acorn@oakbridgefinance.com