Privacy Policy

This Privacy Policy describes how the qbo cli project ("we," "us," or "our") handles information in connection with the qbo cli command-line software (the "Software"). We are committed to transparency about our data practices — which, by design, are minimal.

1. Information We Do Not Collect

The Software is a local command-line tool that runs entirely on your machine. We do not operate servers, databases, or cloud services that receive your data. Specifically:

• -No financial data collection. We never see, store, or transmit your QuickBooks Online data. All API calls go directly from your machine to Intuit's servers.
• -No credential collection. Your OAuth tokens, Client ID, Client Secret, and refresh tokens are stored locally on your machine in a configuration file. We have no access to them.
• -No telemetry or analytics. The Software does not phone home, send usage statistics, crash reports, or any other data to us or third parties.
• -No personal information collection. We do not collect your name, email address, IP address, or any other personally identifiable information through the Software.

2. Data Stored Locally on Your Machine

The Software stores the following data locally in a configuration directory on your machine (typically ~/.config/qbo/):

• -OAuth 2.0 tokens (access token, refresh token) for authenticating with the QuickBooks Online API.
• -API credentials (Client ID, Client Secret, Realm ID) that you provide during setup.
• -Configuration preferences (output format, default environment) that you set.

You are responsible for securing access to these files. We recommend setting appropriate file permissions (e.g., chmod 600) on your configuration directory.

3. Third-Party Services

The Software communicates with the following third-party services:

• -Intuit QuickBooks Online API (quickbooks.api.intuit.com) — to query entities, run reports, and update transactions. Your use of this API is governed by Intuit's Privacy Policy and Developer Terms of Service.
• -Intuit OAuth 2.0 servers (oauth.platform.intuit.com) — to obtain and refresh access tokens. During the initial authorization flow, a temporary local HTTP server is started on your machine to receive the OAuth callback.

We encourage you to review Intuit's privacy policy at intuit.com/privacy.

4. This Website

This website (the landing page you are currently viewing) may use basic, privacy-respecting analytics to count page views. No cookies are used for tracking, no personal information is collected, and no data is shared with third parties. The analytics, if present, collect only aggregate, anonymized page-view counts.

5. Data Security

Since the Software runs locally and we do not collect or store any user data, the security of your information depends on the security of your own machine and infrastructure. We recommend keeping the Software up to date, using strong file permissions on configuration files, and following Intuit's security best practices for API credential management.

6. Children's Privacy

The Software is a developer tool intended for use by businesses and professionals. It is not directed at children under the age of 13, and we do not knowingly collect any information from children.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Since we do not collect contact information, we cannot notify you directly of changes — we recommend checking this page periodically.

8. Contact

If you have questions or concerns about this Privacy Policy, please open an issue on the project's GitHub repository.