Privacy Policy

Last updated: June 12, 2026

The short version: your books are yours, we encrypt them, we do not sell them, and we only share them with the processors that make the product work.

What we collect

Account information: your name, email address, and password (stored as a strong one-way hash, never in plain text).

Financial records you enter or import: invoices, bills, expenses, accounts, budgets, and similar bookkeeping data for your businesses and, if you choose, your personal books.

Bank connection data: if you connect a bank account, transactions are imported through Plaid. We receive transaction data; we never see or store your bank login credentials.

Billing data: subscriptions are processed by Stripe. Your card number never touches our servers; we store only the subscription status, plan details, and the email used at checkout.

Operational data: logs and audit trails that record actions taken in your account, kept for security and compliance.

How we use it

To run the product: showing you your books, generating reports and forecasts, sending the emails you ask us to send (like invoices), and keeping your subscription active.

To keep the service safe: rate limiting, fraud prevention, audit logging, and debugging.

We do not sell your data. We do not use your financial records for advertising. We do not share your data with third parties except the processors named here (Stripe for payments, Plaid for bank connections, Resend for transactional email, and our hosting infrastructure), each bound to use it only to provide their service to us.

How we protect it

Data is encrypted in transit (TLS) and at rest. Sensitive fields carry an additional layer of application-level encryption. Access inside the company is limited and logged. Every meaningful change to your books is recorded in an audit trail you can review.

Your choices

Export: you can export your data at any time from inside the product.

Deletion: when you close your account, we delete your data on our standard schedule, retaining only what the law requires us to keep (for example, records supporting our own taxes and billing).

Email: transactional email (receipts, verification, password resets) is part of the service. We do not run marketing drip campaigns against your inbox.

Cookies

We use a session cookie to keep you signed in and security cookies to protect sign-in flows. No third-party advertising trackers.

Changes and contact

If we make material changes to this policy we will post the new version here with a new date, and for significant changes we will tell you in the product. Questions: reach us through the Help Center.

Privacy Policy | RealBooks