EleganskyBrain Master ("the Application") is a private, single-tenant internal tool operated by Frank Mlaki / EleganskyBrain. The Application connects exclusively to a QuickBooks Online company owned and controlled by the operator. It is not offered to the public, no end-users are onboarded, and no third-party customers are served through it.
The Application reads and (in later phases) writes financial records from and to the operator's own QuickBooks Online company via the official Intuit QuickBooks Online API. The data handled may include: invoices, customers, vendors, payments, bills, items, accounts, and related accounting records belonging to EleganskyBrain.
Only the operator (and any staff explicitly authorised by the operator) can access the Application or the data it processes. No data is shared with, sold to, or made accessible to any third party, advertiser, broker, or analytics provider.
QuickBooks remains the system of record. The Application maintains a local mirror of QuickBooks data for performance and rate-limit reasons. That mirror is stored on infrastructure controlled solely by the operator and is protected by standard server-side access controls. No third-party cloud analytics, tracking, or telemetry is used.
The Application uses OAuth 2.0 to authenticate with Intuit. Refresh tokens are stored encrypted at rest on the operator's infrastructure. Tokens are used solely to access the operator's own QuickBooks data and are revoked if the operator disconnects the Application from Intuit.
Mirrored data is retained for as long as the Application is in use. If the operator disconnects the Application from QuickBooks, the local mirror may be retained for offline reference; on request the mirror can be deleted in full.
Communication with Intuit uses HTTPS / TLS. Credentials and OAuth secrets are stored outside source control in environment variables on the operator's server. Standard Linux file-permission and access controls apply.
The Application is a business accounting tool and does not knowingly process data of individuals under 13.
If the scope of the Application changes (for example, if it is ever offered to other businesses), this policy will be updated and re-dated above.
Questions or requests about this policy: fmlaki@gmail.com.