Effective: January 19, 2026

Privacy Policy

How we collect, use, and safeguard your information — especially regarding your QuickBooks Online integration and AI-assisted communications.

Last updated: January 19, 2026

§1

Information we collect

To provide our financial dashboard, AI insurance closer, and submission-node operations, we collect the following categories of information:

  • Account information: Name, email address, and business details provided during registration.
  • Financial data (via QuickBooks Online): When you authorize LegacyCore via OAuth 2.0, we sync data including Invoices, Expenses, and Company Information.
  • Technical data: IP addresses, browser type, and usage statistics via our hosting provider, Vercel.
§2

How we use your data

We use your data strictly to provide the services offered by LegacyCore, including:

  • Synchronizing financial records to populate your dashboard
  • Generating financial insights and reports
  • Providing customer support and technical troubleshooting

Non-disclosure:We do NOT sell, rent, or trade your personal or financial data to third parties for marketing purposes.

§3

OAuth 2.0 and security

LegacyCore utilizes the OAuth 2.0 protocol to access your QuickBooks Online data without ever seeing or storing your Intuit password.

Encryption

All access and refresh tokens are encrypted at rest using AES-256.

Infrastructure

Hosted on Vercel with secure environment variables for credentials.

Data in transit

All data transmission is encrypted using TLS 1.2 or higher.

§4

Data sharing

We share data only with necessary service providers:

Intuit (QuickBooks Online)

To retrieve the financial data you have authorized.

Vercel

For hosting and application performance monitoring.

§5

AI-assisted communications

Voice and text communications with LegacyCore may be handled by AI-assisted voice agents or AI-drafted text content. Where required by applicable state law, the AI agent identifies itself at the start of each call. Personal information collected during AI-assisted communications — including health information collected for insurance application purposes — is handled under the same data-protection practices described elsewhere in this policy. AI-assisted call transcripts are stored for compliance, quality-assurance, and training purposes. You may request access to or deletion of AI-assisted communication records by contacting us. You may also opt out of AI-assisted contact at any time by replying STOP to SMS or by request during a voice call. See /legal/recruiting-disclosures for the full AI communication disclosure.

§6

Your rights

Right to access

Request a copy of the data we hold about you.

Right to deletion

Request deletion of your account and synced data.

Right to disconnect

Revoke QBO access via Intuit or LegacyCore.

§7

Data retention

We retain your financial data only as long as your account is active and connected. If you disconnect or terminate your subscription, we will delete your synced data within 30 days.