1. Introduction
FirmView ("we," "us," or "our") provides financial intelligence tools that help small and mid-sized businesses understand their financial performance. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services at firmview.cc (the "Service").
2. Information We Collect
Account Information
During the beta period, access is by invitation only. We collect and store:
- Your company name (provided during onboarding)
- An invite token (hashed, not stored in plain text)
We do not collect email addresses, passwords, or personal identification information during the beta period.
Financial Data You Upload
When you upload QuickBooks export files, we receive and process:
- Chart of Accounts
- Profit & Loss by Month
- Balance Sheet Detail
- Transaction Detail by Account
- A/R Aging Detail (optional)
- A/P Aging Detail (optional)
Financial Data from QuickBooks Online
If you connect your QuickBooks Online account, we access the following data through the Intuit QuickBooks API with your explicit authorization:
- Profit and Loss report
- Balance Sheet report
- Account List
- Accounts Receivable Aging report
- Accounts Payable Aging report
We access this data in read-only mode. We do not modify, create, or delete any records in your QuickBooks Online account.
3. How We Use Your Information
We use your financial data solely to:
- Generate financial analysis reports (PDF and Excel)
- Compute metrics across your income statement, balance sheet, and cash flow
- Identify financial insights, trends, and potential risks
We do not use your data for advertising, marketing to third parties, or any purpose unrelated to providing the FirmView Service.
4. Data Storage and Security
- Encryption in transit: All data is transmitted over HTTPS (TLS encryption).
- Encryption at rest: Uploaded files and generated reports are stored in Amazon S3 with server-side encryption (SSE).
- Automatic deletion: Uploaded files are automatically deleted after 30 days.
- QuickBooks tokens: OAuth access and refresh tokens are encrypted at rest using Fernet symmetric encryption and stored separately from your financial data.
- No data sharing between customers:Each company's data is isolated. There is no shared database or cross-company access.
5. QuickBooks Online Connection
When you connect your QuickBooks Online account to FirmView:
- You are redirected to Intuit's authorization page where you grant FirmView read-only access to your financial reports.
- You can disconnect your QuickBooks account at any time from the FirmView dashboard. Disconnecting revokes our access and deletes stored tokens.
- We do not store raw QuickBooks API responses beyond what is needed to generate your report during a single analysis run.
6. Data Sharing
We do not sell, rent, or share your financial data with third parties.
We may share data only in the following limited circumstances:
- Service providers: We use Amazon Web Services (AWS) for file storage and Fly.io for application hosting. These providers process data on our behalf under their respective security and privacy commitments.
- Legal requirements: We may disclose information if required by law, regulation, or legal process.
7. Data Retention
- Uploaded files: automatically deleted after 30 days.
- Generated reports: retained until you request deletion or your account is closed.
- QuickBooks OAuth tokens: deleted immediately when you disconnect your QuickBooks account.
8. Your Rights
You may at any time:
- Request deletion of your data by contacting us
- Disconnect your QuickBooks Online account from the dashboard
- Request a copy of the data we hold about your company
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.
10. Contact Us
If you have questions about this Privacy Policy or your data, contact us at: privacy@firmview.cc