Privacy Policy

2.1 What we access

When an administrator connects QuickBooks Online, the Service requests the OAuth scope com.intuit.quickbooks.accounting. Within that scope we read and write only the following data:

• Read — customer records (display name, phone, billing address); invoices (line items, amounts, dates, class assignments); payments; and class definitions used for publication-level P&L segmentation.
• Write — we create customer records for advertisers, post invoices and their line items, record payments against invoices, and assign QuickBooks classes to line items so each publication's revenue posts to the correct P&L segment.

We do not access bank feeds, payroll data, employee records, vendor records, or any QuickBooks data outside the categories listed above.

2.2 How we use QuickBooks data

• Synchronize advertiser billing between HomeMag and QuickBooks Online so finance teams have one source of truth.
• Segment revenue by publication (Bakersfield, Fresno, Central Coast) for internal reporting.
• Reconcile payments received via Stripe and NMI against QuickBooks invoices.

We do not use QuickBooks data for marketing, advertising, profiling, or training machine-learning models.

2.3 How we store QuickBooks data

QuickBooks access tokens and refresh tokens are encrypted at rest using Laravel's encrypted cast (AES-256-CBC with an application-scoped key) and stored in the quickbooks_tokens table on our managed Laravel Cloud database. Connection metadata (realm ID, connecting user, last-refresh timestamp) is stored alongside the tokens for audit purposes. QuickBooks customer, invoice, and payment records are queried on demand at the time they are needed for display or reconciliation; we do not maintain a long-term mirror of your QuickBooks data.

2.4 Sharing

We do not sell, rent, or share QuickBooks data with third parties. Access is limited to authorized employees of Bakersfield Home Magazine for the purposes described in section 2.2, and to the following sub-processors strictly as required to operate the Service:

• Laravel Cloud — application hosting and database.
• Intuit, Inc. — the source of the data (QuickBooks Online API).

2.5 Retention and disconnection

The connection is established once per QuickBooks company (realm) and shared by your authorized team. You may disconnect QuickBooks Online at any time from the Integrations settings page in HomeMag, which immediately revokes our refresh token with Intuit and deletes the stored token record from our database. You may also revoke the connection directly from your QuickBooks Online account under Apps → Connected Apps.

2.6 Intuit's privacy policy

Your underlying use of QuickBooks Online is also governed by Intuit's own privacy policy: https://www.intuit.com/privacy/statement/.

3.1 What we access

When a user connects their Gmail account, the Service requests the following Google OAuth scopes:

• https://www.googleapis.com/auth/gmail.readonly — read access to messages and metadata.
• https://www.googleapis.com/auth/gmail.send — permission to send messages on the user's behalf.

Within those scopes, for each connected user we sync messages exchanged with email addresses that match advertisers and contacts already stored in your CRM, going back up to twelve (12) months from the date of connection, plus all new messages thereafter. For each matching message we store: headers (from, to, cc, subject, date, snippet), full body text (plain-text and HTML parts), and attachment metadata (filename, MIME type, size). We do not store the binary contents of attachments. We do not access calendar events, contacts, Drive files, or any other Google service.

3.2 How we use Gmail data

• Surface advertiser-related emails on the relevant advertiser timeline in the CRM so sales reps and account managers have a complete picture of customer communications.
• Associate emails to the correct advertiser/contact record using the sender and recipient email addresses.
• Send outbound emails on the connected user's behalf when the user composes a message from within the CRM.

We do not use Gmail data for advertising, marketing to third parties, profiling, or training generalized machine-learning models.

3.3 How we store Gmail data

Per-user OAuth access and refresh tokens are encrypted at rest using Laravel's encrypted cast (AES-256-CBC with an application-scoped key) and stored in the gmail_accounts table on our managed Laravel Cloud database. Tokens are scoped to the individual user who connected Gmail and are not shared between users. Synced email records are stored in the emails table on the same database. All data is encrypted in transit via TLS.

3.4 Sharing and team visibility

We do not sell, rent, or share Gmail data with third parties. Synced emails are visible inside the CRM to authorized employees of Bakersfield Home Magazine with access to the linked advertiser record (a "Copper-style" team-visibility model). Administrators may restrict the visibility of any individual email or thread to specific users via the email_visibility_rules table.

We use the following sub-processors strictly as required to operate the Service:

• Laravel Cloud — application hosting and database.
• Google LLC — the source of the data (Gmail API).
• Anthropic, PBC — used on a per-request basis to help associate incoming emails to the correct advertiser record. Only the sender, recipient, subject, and a short content excerpt are sent for matching purposes. Anthropic processes this data solely to return a matching result to HomeMag for the originating user. Per Anthropic's commercial API terms, content sent to Anthropic is not retained beyond the request lifecycle and is not used to train or improve any AI/ML models. No cross-customer use of this data occurs.

3.5 Retention and disconnection

You may disconnect Gmail at any time from the Integrations settings page in HomeMag, which immediately revokes our refresh token with Google and deletes the stored token record from our database. You may also revoke our access directly from your Google Account at myaccount.google.com/permissions.

Disconnecting stops further sync but does not by default delete previously synced messages from our database. To request deletion of previously synced Gmail data — at the time you disconnect or at any time afterward — email [email protected]. We will permanently delete the requested data within thirty (30) days of receiving the request.

3.6 Google API Services User Data Policy (Limited Use)

HomeMag's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, we do not:

• transfer Gmail data to others unless doing so is necessary to provide or improve the Service, comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users;
• use Gmail data for serving advertisements;
• allow humans to read Gmail data unless we have obtained your explicit consent to read specific messages, it is necessary for security purposes (e.g., investigating abuse), it is necessary to comply with applicable law, or the data has been aggregated and anonymized for internal operations; and
• use Gmail data to develop, improve, or train generalized AI/ML models. The narrow, per-request matching described in section 3.4 operates on minimal message metadata and is performed only to provide the Service to the user from whom the data originated. The Anthropic sub-processor disclosed in section 3.4 performs narrow inference for the originating user only and does not retain or train on transmitted content.

3.7 Google's privacy policy

Your underlying use of Gmail is also governed by Google's own privacy policy: https://policies.google.com/privacy.