Privacy Policy

1. Introduction

Color Orchids Analytics Supply Platform ("we," "our," or "us") operates the QuickBooks Webhook App service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QuickBooks integration service.

2. Information We Collect

2.1 QuickBooks Data

When you connect your QuickBooks Online account, we may access and store:

• Company information (name, address, contact details)
• Financial data (transactions, invoices, payments, customers, vendors)
• User information associated with your QuickBooks account
• Webhook notification data from QuickBooks Online
• OAuth tokens and authentication information

2.2 Usage Information

We automatically collect certain information about your use of our service:

• Log data (IP addresses, browser type, access times)
• API usage statistics and performance metrics
• Error logs and debugging information
• Authentication and session information

2.3 Technical Information

We collect technical information necessary for service operation:

• Device and browser information
• Network connection data
• Application performance metrics

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, maintain, and improve our QuickBooks integration services
• Data Processing: To process and analyze your QuickBooks data for reporting and analytics
• Authentication: To authenticate and authorize access to your QuickBooks data
• Communication: To send service-related notifications and updates
• Security: To protect against unauthorized access and ensure data security
• Compliance: To comply with legal obligations and regulatory requirements
• Improvement: To analyze usage patterns and improve our services

4. Data Storage and Security

4.1 Storage Location

Your data is stored securely in Google Cloud Platform (Firestore) with appropriate security measures including:

• Encryption at rest and in transit
• Access controls and authentication
• Regular security monitoring and auditing
• Backup and disaster recovery procedures

4.2 Data Retention

We retain your data only as long as necessary to provide our services or as required by law. You may request deletion of your data at any time, subject to our legitimate business needs and legal requirements.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: With trusted third-party service providers who assist in operating our service (e.g., cloud hosting providers)
• Legal Requirements: When required by law, court order, or government regulation
• Business Protection: To protect our rights, property, or safety, or that of our users or the public
• Business Transfers: In connection with a merger, acquisition, or sale of business assets
• Consent: With your explicit consent for specific purposes

6. QuickBooks Integration

Our service integrates with QuickBooks Online through official Intuit APIs. This integration is subject to:

• Intuit's Privacy Policy and Terms of Service
• QuickBooks Online's data access permissions
• OAuth 2.0 security protocols
• Webhook verification and validation

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request access to your personal information we hold
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a structured format
• Restriction: Request restriction of processing under certain circumstances
• Objection: Object to processing of your personal information
• Withdrawal: Withdraw consent for data processing where applicable

8. Cookies and Tracking

We use cookies and similar technologies to:

• Maintain user sessions and authentication
• Remember user preferences and settings
• Analyze service usage and performance
• Provide security features and fraud prevention

You can control cookie settings through your browser, but disabling certain cookies may affect service functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information during such transfers, including:

• Adequacy decisions by relevant authorities
• Standard contractual clauses
• Binding corporate rules
• Certification schemes

10. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on this page
• Updating the "Last updated" date
• Sending email notifications for significant changes
• Providing in-app notifications when appropriate

12. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

• Notify relevant authorities within 72 hours where required
• Inform affected users without undue delay
• Provide details about the nature and scope of the breach
• Explain steps taken to address the breach
• Provide recommendations for protecting your information

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Data Protection Officer: Available through our support channels
• Privacy Inquiries: Submit through our contact form or support system
• Data Subject Requests: Use our dedicated privacy request process