Privacy Policy

Last updated: April 9, 2026

1. Who We Are

PaydayBooks Inc. ("PaydayBooks," "we," "our," or "us") operates the PaydayBooks Shopify application and the website at paydaybooks.com. This Privacy Policy explains how we collect, use, store, and share information when you install or use our Service. Questions? Contact us at [email protected].

2. Information We Collect

  • Shopify store data: store domain, payout records, payout transactions (amounts, fees, refunds, adjustments), and your Shopify OAuth access token.
  • QuickBooks Online data: your QBO OAuth access and refresh tokens, realm ID, and chart-of-accounts metadata needed to post entries.
  • Account information: your email address (collected via Shopify's OAuth flow) for transactional notifications.
  • Usage and log data: sync status, error logs, and API call metadata for debugging and audit purposes.

We do not collect payment card numbers, social security numbers, or sensitive personal information beyond what is listed above.

3. How We Use Your Information

  • To perform the core Service: fetch Shopify payout data and post corresponding entries to QuickBooks Online.
  • To send transactional emails (sync failure alerts, onboarding status) via Resend.
  • To debug sync errors and respond to support requests.
  • To comply with legal obligations and enforce our Terms of Service.

We do not sell your data, and we do not use your financial data for advertising or profiling.

4. How We Store and Protect Your Data

All OAuth tokens (Shopify and QBO) are encrypted at rest using AES-256-GCM via the Lockbox library before being stored in our PostgreSQL database. Our servers are hosted on Hetzner Cloud (Ashburn, Virginia, USA) with network-level firewall rules restricting database access to the application container only.

Data in transit is protected by TLS 1.2+ enforced by our reverse proxy. We enforce HTTPS for all requests.

5. Data Sharing and Sub-processors

We share data only with the sub-processors required to operate the Service:

  • Hetzner Cloud — infrastructure hosting (EU/US)
  • Shopify — payout data source via their Payments API
  • Intuit (QuickBooks Online) — accounting data destination via their API
  • Resend — transactional email delivery

We do not share your data with any other third parties for commercial purposes.

6. Data Retention

We retain your data for as long as your account is active. When you uninstall the app or cancel your subscription, we delete your account data within 30 days unless a longer retention period is required by applicable law (e.g. financial recordkeeping obligations). Anonymised aggregate statistics may be retained indefinitely.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Delete your data ("right to erasure" / "right to be forgotten").
  • Portability — receive your data in a machine-readable format.
  • Object to or restrict certain processing activities.
  • Opt out of sale (California residents under CCPA): we do not sell personal information, so this right is automatically honoured.

To exercise any of these rights, email [email protected]. We will respond within 30 days.

8. Cookies and Tracking

The PaydayBooks application runs inside the Shopify admin iframe and uses a session cookie required for authentication (HttpOnly, Secure). We do not use third-party tracking cookies, advertising pixels, or analytics SDKs. The public marketing website at paydaybooks.com does not set any cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active users by email at least 14 days before material changes take effect and update the "Last updated" date above. Continued use of the Service after the effective date constitutes acceptance of the revised policy.

Contact: [email protected]