Privacy Policy

Last Updated: February 19, 2025

Summary

: We access your ServiceM8 and QuickBooks Online data only to synchronize customers and jobs. We cache data temporarily for performance but don't make it publicly accessible. We don't store your business data permanently, don't sell your information, and use industry-standard security practices to protect your OAuth credentials.

Introduction

This Privacy Policy describes how the QBO Customer and Project Creator application ("we", "our", or "the Application") collects, uses, and protects your information when you use our service.

Information We Collect

1. Information You Provide

QuickBooks Online Access: OAuth credentials to access your QuickBooks Online account
ServiceM8 Access: API credentials to access your ServiceM8 account

2. Information We Access

From ServiceM8:

Customer/client names, emails, phone numbers, and addresses
Job numbers, descriptions, addresses, and statuses
Company information

From QuickBooks Online:

Customer names and IDs
Project names, descriptions, and IDs
Company/Realm ID

3. Automatically Collected Information

OAuth access tokens and refresh tokens
API request logs (for debugging and monitoring)
Error logs and diagnostic information

How We Use Your Information

We use the collected information to:

Synchronize customer data from ServiceM8 to QuickBooks Online
Create and update customers in QuickBooks Online
Synchronize job data from ServiceM8 to QuickBooks Online Projects
Maintain OAuth authentication sessions
Monitor and improve Application performance
Troubleshoot errors and provide support

Data Storage and Security

Storage

OAuth Tokens: Stored encrypted in Cloudflare KV (Key-Value) storage
Customer/Job Data Cache: Temporarily cached in Cloudflare D1 database for performance optimization. This cached data is not publicly accessible and is used only for internal synchronization operations
Logs: Temporarily stored for debugging purposes

Security Measures

OAuth 2.0 authentication for QuickBooks Online
HTTPS/TLS encryption for all data transmission
Secure storage of credentials in Cloudflare infrastructure
Access tokens automatically expire and are refreshed as needed
API keys stored as environment variables, not in code
Database access restricted to authorized application code only

Data Retention

OAuth tokens: Retained until you disconnect the Application
Transaction logs: Retained for up to 30 days for debugging
Cached data: Retained for performance optimization, updated regularly during sync operations
Original data: Remains in your ServiceM8 and QuickBooks Online accounts

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

Third-Party Services

The Application uses the following third-party services:

ServiceM8: To retrieve customer and job information from your account
QuickBooks Online (Intuit): To create and update customers and projects
Cloudflare Workers/KV/D1: To host the Application, store OAuth tokens, and cache data for performance

Data is shared with these services only as necessary to provide the synchronization functionality.

Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).

Your Rights and Choices

Access and Control

Disconnect: You can disconnect the Application from QuickBooks Online at any time through the Application interface
Revoke Access: You can revoke ServiceM8 or QuickBooks Online access through their respective platforms
Delete Data: Disconnecting the Application will remove stored OAuth tokens and cached data

Data Portability

All data synchronized remains in your ServiceM8 and QuickBooks Online accounts and can be exported using their respective export features.

Third-Party Links and Services

The Application integrates with ServiceM8 and QuickBooks Online. Please review their privacy policies:

ServiceM8 Privacy Policy: https://www.servicem8.com/privacy-policy/
Intuit Privacy Statement: https://www.intuit.com/privacy/statement/

We are not responsible for the privacy practices of these third-party services.

Children's Privacy

The Application is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us so we can delete such information.

International Data Transfers

The Application uses Cloudflare's global network. Your data may be transferred to and processed in countries other than your country of residence. We ensure that such transfers comply with applicable data protection laws.

California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

Know what personal information is collected
Know whether your personal information is sold or disclosed and to whom
Opt-out of the sale of personal information (Note: We do not sell personal information)
Request deletion of your personal information
Not be discriminated against for exercising your privacy rights

To exercise these rights, please contact us using the information below.

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have the right to:

Access your personal data
Rectify in
Request erasure of your personal data
Restrict processing of your personal data
Object to processing of your personal data
Data portability

Legal Basis for Processing

We process your data based on:

Consent: You authorize the Application to access ServiceM8 and QuickBooks Online
Legitimate Interest: To provide the synchronization service you requested

Cookies and Tracking

The Application does not use cookies or tracking technologies for advertising purposes. Session data may be used temporarily to maintain your authenticated session.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Updating the "Last Updated" date at the top of this policy
Displaying a notice in the Application (for significant changes)

Your continued use of the Application after changes constitutes acceptance of the updated Privacy Policy.

Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law within 72 hours of becoming aware of the breach.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Company: Weekend Plumber
Email: [email protected]

Consent

By using the QBO Customer and Project Creator application, you consent to this Privacy Policy and agree to its terms.