Privacy Policy

Last updated: March 4, 2026

TinyStack is a private internal business management tool. This policy describes how we handle data accessed through the application.

1. Data We Access

Through authorized integrations, TinyStack accesses business data including customer records, invoices, and payment information from QuickBooks Online and Stripe. This data is used solely for internal account management and revenue reporting.

2. Data Storage

Application data is stored in a secured MongoDB Atlas database. OAuth tokens for third-party services are stored encrypted and are automatically refreshed. We do not sell, share, or distribute any accessed data to third parties.

3. Third-Party Services

TinyStack integrates with QuickBooks Online (Intuit), Stripe, and Fireflies.ai. Data accessed from these services is governed by their respective privacy policies. We request only the minimum scopes necessary for functionality.

4. Data Retention

We retain data only as long as necessary for business operations. Users can disconnect third-party integrations at any time, which revokes access tokens and removes cached data.

5. Access Control

Access to TinyStack is restricted to authorized users through role-based authentication. Only administrators can connect or disconnect third-party integrations.

6. Contact

For privacy-related inquiries, contact us at admin@tinystack.app.