Privacy Policy — DuplicateGuard
Last updated: 2026-04-29
Who we are
DuplicateGuard ("the Service") is operated by Sidebar Bookkeeping LLC, an Arizona limited liability company ("we," "us," or "DuplicateGuard"). General contact: mike@sidebarbookkeeping.com. Security and incident reports: security@sidebarbookkeeping.com.
Intuit®, QuickBooks®, and QuickBooks® Online are registered trademarks of Intuit Inc. DuplicateGuard is not affiliated with, endorsed by, or sponsored by Intuit. References below to QuickBooks describe the data we exchange with Intuit's API at your direction.
What data we collect
- Account data: the email address you sign in with.
- QuickBooks Online data: when you connect a QuickBooks file via Intuit's OAuth using the com.intuit.quickbooks.accounting scope, we receive an access token and a refresh token, and we read transaction records of these types: Purchases, Bills, Bill Payments, Deposits, Payments, Sales Receipts, Refund Receipts, Credit Memos, Vendor Credits, and Transfers. We also read the Customer, Vendor, and Account references those transactions point to (so we can show you "Office Depot" rather than an opaque ID). We use this data only to detect duplicate transactions within the QuickBooks file you authorized. We do not query other Intuit APIs and we do not access other QuickBooks companies' files.
- Duplicate candidates we generate: for each pair our engine flags, we store the QuickBooks transaction IDs, the matching reason (transaction amounts, payee references, posted dates, and transaction descriptions, which may include the vendor or customer name embedded in the description), and the resolution status (pending / merged / dismissed / undone).
- Audit log entries: when you merge, dismiss, or undo a candidate, we record what action was taken, which account took it, when, and the request and response we exchanged with QuickBooks during the action. Sensitive fields (access tokens, refresh tokens, Authorization headers, anything that looks like a credential) are automatically redacted before storage so a leaked log row cannot be used to access your QuickBooks file.
- Billing data: if you subscribe, Stripe handles your payment method directly. We never see or store your card number, CVC, or full billing address. We store only your Stripe customer ID, subscription status, current period dates, and active seat count — enough to show your subscription state and gate features. Stripe processes the rest under their own privacy terms: https://stripe.com/privacy.
- Usage logs: standard application logs (request paths, timestamps, error traces, IP address for rate-limiting and abuse detection).
How we use your data
We use your data only to:
- Provide the Service: scan your connected QuickBooks files for duplicate transactions, present a review queue, and execute merge actions in QuickBooks when you click Merge.
- Bill you, through Stripe.
- Send you sign-in links and account notices, through Resend.
- Debug errors, monitor security, and improve reliability.
- Comply with legal obligations.
We do not sell, rent, or share your personal information for advertising. We do not use your QuickBooks data for behavioral profiling, advertising targeting, or any commercial purpose other than running DuplicateGuard for you. We do not use your QuickBooks data to train artificial-intelligence or machine-learning models — neither models we train ourselves nor third-party models. The duplicate-detection engine is a deterministic rules-based engine, not a learned model.
Who we share it with (subprocessors)
We use the following third parties to operate the Service. Each receives only the data needed for its function:
| Subprocessor | What it sees | Purpose |
|---|---|---|
| Intuit (QuickBooks Online API) | OAuth credentials, transaction read/write requests | Reading your QuickBooks data and executing merges you authorize |
| Stripe | Your name and email, payment method, billing address you provide to Stripe | Processing subscription payments |
| Resend | Your email address, magic-link content, account-notice content | Sending you sign-in and account emails |
| Neon | Encrypted database contents (account, candidates, audit log, encrypted OAuth tokens) | Hosting our PostgreSQL database |
| Fly.io | All in-flight requests and application memory | Hosting our application servers |
| Cloudflare | DNS lookups, TLS termination at the edge | DNS, edge networking, mailbox forwarding |
We do not share your QuickBooks data with anyone outside this list. We will give you at least fourteen (14) days' notice by email or in-app before adding a new subprocessor that handles your QuickBooks data, so that you may object before the change takes effect.
How long we keep it (retention)
- Account data: kept until you delete your account (see "Your rights" below).
- OAuth tokens for connected QuickBooks files: stored encrypted at rest. The encrypted token is cryptographically destroyed at the moment you disconnect the QuickBooks file. After disconnection, the connection row keeps the QuickBooks company name and the connect/disconnect timestamps so you can see your historical connections; no usable credential remains in our database.
- Duplicate candidates: kept for as long as the QuickBooks connection that generated them remains connected. When you disconnect a QuickBooks file, the candidates from that file are deleted along with the connection within thirty (30) days.
- Audit log entries: kept indefinitely. This is the legal and compliance trail of what was changed in your QuickBooks file at your direction. After you delete your account, the account_id link is removed from each audit-log row so the row no longer identifies you, but the action records remain in our database (anonymized) because they describe what was changed in third-party data. This anonymization carve-out is the only part of "all associated data" we do not delete on account deletion; everything else cascades cleanly.
- Billing data: retained as long as you have an active subscription, plus seven (7) years to satisfy our tax and accounting obligations (and Stripe's separate retention).
- Application logs: rotated continuously by our hosting provider; we do not retain raw application logs beyond thirty (30) days for operational debugging.
Your rights
- Access and export. From inside DuplicateGuard, use the data-export feature on your account page to download a JSON file containing your account, connection metadata (without tokens), and audit log. Or email mike@sidebarbookkeeping.com.
- Deletion. Use the in-app account-deletion flow (typed confirmation required), or email mike@sidebarbookkeeping.com. We immediately revoke any active QuickBooks refresh tokens with Intuit, immediately cancel any active Stripe subscription (no further charges), and delete your account and associated data from our database within thirty (30) days, except as noted above for anonymized audit-log retention. Records already in your QuickBooks file (whether you created them or DuplicateGuard merged duplicates at your direction) remain in your QuickBooks — you own that data.
- Disconnect QuickBooks. Disconnect any time from inside QuickBooks (Apps → My Apps), or from inside DuplicateGuard via the Disconnect button. Disconnecting revokes our future access to that file, destroys our stored OAuth credentials for it (see retention above), and stops billing for that seat.
- Cancel subscription. Manage or cancel your subscription any time from inside DuplicateGuard via "Manage billing," or by emailing us. See the Terms of Service for full billing terms, including the 14-day cooling-off refund for first-time subscribers.
- Correction. If any personal information we hold about you is inaccurate, email mike@sidebarbookkeeping.com to have it corrected.
- California residents (CCPA / CPRA). In addition to the rights above, you have the rights to: know what personal information we collect, use, and share; correct inaccurate personal information; delete personal information; limit our use of any sensitive personal information (we do not collect or use sensitive personal information as defined under CPRA, except to the extent QuickBooks data you authorize falls within that scope, in which case our use is limited to providing the Service); and not be discriminated against for exercising any of these rights. We do not sell or share personal information for cross-context behavioral advertising. To exercise any right, email mike@sidebarbookkeeping.com.
- EEA / UK residents (GDPR / UK GDPR). Our legal bases for processing are: contract (to deliver the Service you signed up for, including processing your account, billing, and QuickBooks scans), legitimate interests (security, abuse prevention, debugging — balanced against your rights), and legal obligation (tax and accounting record-keeping). You have the rights of access, rectification, erasure, restriction, portability, and objection. You may withdraw consent where consent is the basis. You may lodge a complaint with your local data-protection authority. Where you contact us in connection with these rights, we respond without undue delay and within thirty (30) days. Our infrastructure (Neon, Fly.io) hosts data in the United States; transfers from the EEA / UK rely on Standard Contractual Clauses with our subprocessors.
- Minors. DuplicateGuard is intended for adult business use. We do not knowingly collect personal information from anyone under 18. If you believe we have, email mike@sidebarbookkeeping.com and we will delete it.
Security
- All data in transit uses HTTPS with HSTS enforced.
- OAuth refresh and access tokens are encrypted at rest using Fernet (AES-128-CBC + HMAC-SHA256) before being written to the database. The encryption key is held in our hosting provider's secret manager, separate from the database.
- Webhook receivers (Intuit data-change events, Intuit disconnect notifications, Stripe billing events) verify HMAC signatures before processing.
- All state-changing API endpoints require both a valid session cookie and a CSRF token.
- Rate limiting protects authentication and unauthenticated endpoints.
- Sensitive fields are automatically redacted from audit-log payloads before storage.
- Access to production data is restricted to the operator and audited.
- We monitor dependencies for known vulnerabilities and rebuild our application image to absorb upstream patches on a documented cadence.
Breach notification
If we become aware of a security incident that compromises the confidentiality, integrity, or availability of your personal information, we will notify you without undue delay and, where required by applicable law (including, where applicable, GDPR Article 34's 72-hour window for data-protection-authority notification), within the legal deadline. The notification will describe what happened, what data was affected to the extent known, the steps we have taken in response, and what (if anything) we recommend you do.
International transfers
Sidebar Bookkeeping LLC is based in Arizona, USA. Our infrastructure (Neon, Fly.io, Stripe, Resend, Cloudflare) hosts data in the United States. If you access the Service from outside the United States, you acknowledge that your data is transferred to and processed in the U.S. We rely on Standard Contractual Clauses or equivalent transfer mechanisms with our subprocessors to provide an adequate level of protection for transfers from the EEA, UK, or other jurisdictions that require such mechanisms.
Changes
We will post any changes here and update the "Last updated" date. For material changes (changes that expand the categories of data we collect, the purposes for which we use data, or the third parties we share data with), we will email active subscribers at the address on the account before the change takes effect.
Contact
Sidebar Bookkeeping LLC
- General privacy questions and rights requests: mike@sidebarbookkeeping.com
- Security incidents and responsible disclosure: security@sidebarbookkeeping.com