BlendCFO ("we," "our," or "us") operates the BlendCFO platform at blendcfo.ai. This Privacy Policy explains how we collect, use, and protect your information.
1. Information We Collect
When you use BlendCFO, we collect:
- Account Information: Email address, name, and password when you create an account.
- Connected Platform Data: Financial data from QuickBooks (income, expenses, transactions), Shopify (orders, revenue), Meta Ads (campaign spend, performance), and Google Ads (campaign spend, performance) — accessed via read-only OAuth connections you authorize.
- Usage Data: How you interact with our dashboard, features used, and session information.
2. How We Use Your Data
We use your data exclusively to:
- Generate blended financial reports and insights for your business.
- Calculate true blended ROAS across advertising platforms.
- Produce weekly P&L summaries and expense analysis.
- Send you weekly briefing emails and anomaly alerts.
- Improve our platform and features.
3. Read-Only Access
BlendCFO requests read-only access to your connected accounts. We never write to, modify, or change any data in your QuickBooks, Shopify, Meta, or Google accounts. We cannot make purchases, create transactions, modify campaigns, or alter any settings.
4. Data Security
- All data is encrypted in transit using TLS 1.3.
- Data at rest is encrypted using AES-256.
- OAuth tokens are stored encrypted and are never exposed in logs or client-side code.
- We use Supabase (hosted on AWS) with Row Level Security for data isolation between customers.
- We do not store your QuickBooks, Shopify, Meta, or Google passwords.
5. Data Sharing
We do not sell, rent, or share your financial data with third parties. We may share anonymized, aggregated data for research or benchmarking purposes, but this data can never be traced back to your business.
We use the following service providers to operate BlendCFO:
- Supabase: Database and authentication (hosted on AWS).
- Vercel: Application hosting and deployment.
- Anthropic (Claude): AI analysis for weekly briefings and expense auditing. Your data is processed but not stored by Anthropic.
- Stripe: Payment processing for subscriptions.
6. Data Retention
We retain your financial data for as long as your account is active. When you delete your account, we delete all your data within 30 days, including all connected platform data, reports, and OAuth tokens.
7. Your Rights
You can at any time:
- Disconnect any connected platform from your BlendCFO dashboard.
- Export your data in CSV format.
- Delete your account and all associated data.
- Request a copy of all data we hold about you.
8. QuickBooks Data
Our use of QuickBooks data complies with Intuit's developer terms. We access your QuickBooks data only through authorized OAuth 2.0 connections. We use QuickBooks data solely for generating financial reports and insights within BlendCFO. We do not use QuickBooks data for advertising, marketing to third parties, or any purpose outside of providing our service to you.
9. Cookies
We use essential cookies for authentication and session management. We do not use advertising or tracking cookies.
10. Contact
For privacy questions or data requests, contact us at privacy@blendcfo.ai.