Privacy Policy

This Privacy Policy describes how RJK Sandbox (the "Service") collects, uses, and handles information when you use the Service. RJK Sandbox is a personal, access-restricted application and is not available to the general public.

We collect the following information:

• Google account information — When you sign in with Google, we receive your name, email address, and profile picture from Google. This information is used solely to authenticate you and identify your account within the Service.
• QuickBooks financial data— If you connect a QuickBooks Online account, the Service reads financial report data (such as Profit & Loss and Accounts Receivable) from your QuickBooks company. This data is fetched on demand and is not persistently stored on our servers beyond your active session.
• Usage data — Standard server logs may capture IP addresses, browser type, pages visited, and timestamps. This data is used for debugging and operational purposes only.

Information collected is used exclusively to:

• Authenticate and authorize your access to the Service;
• Display financial reports and dashboard data that you have requested;
• Maintain the security and integrity of the Service;
• Diagnose technical issues and improve Service performance.

We do not use your information for advertising, marketing, or any commercial purpose.

We do not sell, rent, or share your personal information with third parties except in the following limited circumstances:

• Service providers — We use Supabase for database hosting and Google for authentication. These providers process data on our behalf and are bound by their own privacy commitments.
• Legal requirements — We may disclose information if required to do so by law or in response to a valid legal process.

Account information (name and email) is stored in a Supabase-hosted database. QuickBooks financial data is not stored persistently — it is fetched from QuickBooks Online when you view a report and held only in your active session.

We implement reasonable technical measures to protect your information, including HTTPS encryption, HTTP-only session cookies, and access controls. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

The Service uses HTTP-only cookies to maintain your authenticated session and, where applicable, to store short-lived OAuth tokens for third-party integrations. These cookies are not accessible to client-side scripts and expire automatically. We do not use tracking cookies or third-party analytics cookies.

Account records are retained for as long as your access to the Service is active. If your access is revoked, your account data may be deleted upon request. Server logs are retained for a limited period for operational purposes.

You may request access to, correction of, or deletion of any personal information we hold about you by contacting the site operator. Requests will be honored within a reasonable timeframe.

The Service integrates with third-party platforms (Google, QuickBooks Online, Supabase). This Privacy Policy does not cover how those platforms handle your data. We encourage you to review their respective privacy policies.

We may update this Privacy Policy from time to time. Changes will be reflected by an updated effective date at the top of this page. Continued use of the Service after changes are posted constitutes your acceptance of the revised policy.

If you have questions or concerns about this Privacy Policy, please contact the site operator via the contact information provided within the Service.