Privacy Policy

Last updated: April 3, 2026

Operational CFO (“we,” “us,” or “our”) operates the website operationalcfo.ai and cfoos.ai (the “Service”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our websites or use our services.

1. Information We Collect

Information You Provide

• Account Information: Name, email address, and company name when you create an account or join our waitlist.
• Payment Information: Payment details are processed by Stripe. We do not store credit card numbers on our servers.
• Financial Data: When you connect QuickBooks Online, we access your financial reports (profit & loss, balance sheet, cash flow statement) in read-only mode. We never modify your accounting data.
• Assessment Responses: Answers you provide in our Business Health Diagnostic and CFO Readiness Assessment.

Information Collected Automatically

• Usage Data: Pages visited, features used, time spent, browser type, device information.
• Cookies: We use essential cookies for authentication and session management. We use httpOnly, secure cookies to store QuickBooks OAuth tokens.

2. How We Use Your Information

• To provide and maintain our Service, including generating AI-powered financial reports
• To process your subscription and payments
• To analyze your financial data and generate personalized insights (Monthly Pulse Reports)
• To communicate with you about your account, updates, and new features
• To improve our Service and develop new features
• To create anonymized, aggregated benchmarks (your individual data is never shared or identifiable)

3. How We Protect Your Financial Data

• Read-Only Access: We only request read-only access to your QuickBooks data. We cannot create, modify, or delete any records in your accounting system.
• Encryption: All data is transmitted over HTTPS/TLS encryption.
• Token Security: QuickBooks OAuth tokens are stored in secure, httpOnly cookies and will be migrated to encrypted database storage.
• AI Processing: Your financial data is sent to Anthropic's Claude AI for analysis. Anthropic does not use API inputs to train models. See Anthropic's Privacy Policy.
• No Selling of Data: We never sell, rent, or trade your personal or financial information to third parties.

4. Third-Party Services

We use the following third-party services:

• Stripe: Payment processing. See Stripe's Privacy Policy.
• Intuit/QuickBooks: Financial data access via OAuth. See Intuit's Privacy Statement.
• Anthropic (Claude AI): Financial data analysis. See Anthropic's Privacy Policy.
• Vercel: Website hosting. See Vercel's Privacy Policy.

5. Data Retention

We retain your account information for as long as your account is active. Financial data pulled from QuickBooks is processed in real-time for report generation and is not permanently stored on our servers. You may disconnect QuickBooks at any time, which revokes our access to your financial data.

6. Your Rights

You have the right to:

• Access, correct, or delete your personal information
• Disconnect QuickBooks and revoke data access at any time
• Cancel your subscription at any time
• Request a copy of data we hold about you
• Opt out of marketing communications

7. Children's Privacy

Our Service is not directed to individuals under 18. We do not knowingly collect personal information from children.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the “Last updated” date.

9. Contact Us

If you have questions about this Privacy Policy, contact us at:

Operational CFO
Email: [email protected]
Website: operationalcfo.ai