Privacy Policy
Last updated: July 7, 2026
This Privacy Policy explains how AppBridge Add-ons collects, uses, stores, and protects information when you visit our website, contact us, or use our add-ons and integrations.
1. Information We Collect
Account and Contact Information
- Name
- Email address
- Company name
- Workspace or organization name
- Support messages, demo requests, and contact form submissions
Integration Data
When you connect third-party applications, we may process data needed to provide the integration, including:
- Clockify workspace ID, user ID, client data, invoice metadata, invoice totals, and invoice status.
- QuickBooks company ID, customer records, invoice metadata, tax-related settings, and sync results.
- OAuth authorization records, access tokens, refresh tokens, token expiry data, and connection status.
- Synchronization history, duplicate prevention records, configuration settings, and error logs.
Technical and Usage Data
- IP address
- Browser and device information
- Pages visited
- Request logs and server logs
- Error logs and performance data
- Approximate location derived from IP address
2. How We Use Information
- Provide, operate, and maintain the website and add-ons.
- Authenticate and authorize third-party integrations.
- Synchronize invoices and related workflow data.
- Prevent duplicate invoice synchronization.
- Store workspace configuration and user preferences.
- Provide customer support and troubleshoot issues.
- Improve product reliability, security, and performance.
- Detect abuse, unauthorized access, or technical problems.
- Comply with legal, security, and operational obligations.
3. Service Providers and Infrastructure
Vercel
We may use Vercel for hosting, deployment, serverless functions, request handling, and performance monitoring. Vercel may process technical information such as IP addresses, request metadata, and server logs.
Supabase
We may use Supabase for database storage, authentication-related records, workspace configuration, synchronization history, OAuth-related records, and operational logs.
Clockify
If you connect Clockify, we may access the workspace, user, client, invoice, and time-tracking information required to provide the selected integration.
QuickBooks / Intuit
If you connect QuickBooks, we may use Intuit OAuth and QuickBooks APIs to access company, customer, invoice, and accounting-related information needed for synchronization.
4. OAuth Tokens and Security
OAuth tokens and similar credentials should be stored server-side and used only to provide authorized integration functionality. We do not intentionally expose tokens in the browser.
5. Cookies and Similar Technologies
We may use cookies or similar technologies for authentication, sessions, preferences, analytics, security, and product functionality.
6. Data Sharing
We do not sell your personal information. We may share information with service providers only as needed to provide infrastructure, hosting, storage, analytics, security, support, or integration functionality.
7. Data Retention
We retain information for as long as needed to provide the service, maintain integration history, support troubleshooting, prevent duplicate syncs, comply with legal obligations, resolve disputes, and protect the service from abuse.
8. International Data Transfers
Our infrastructure providers may process information in countries outside your own. Where required, we rely on appropriate safeguards for international data transfers.
9. Data Security
We use reasonable technical and organizational measures designed to protect information, including HTTPS, server-side token handling, access controls, logging, and secure infrastructure practices. However, no method of transmission or storage is completely secure.
10. Your Rights
Depending on your location, including if you are in the European Economic Area, United Kingdom, or other regions with privacy laws, you may have rights to:
- Access your personal data.
- Correct inaccurate data.
- Request deletion of data.
- Restrict or object to processing.
- Request data portability.
- Withdraw consent where processing is based on consent.
11. Children’s Privacy
The service is intended for business users and is not directed to children.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Updated versions will be posted on this page with a revised “Last updated” date.
13. Contact
For privacy requests or questions, contact us at privacy@yourdomain.com.
Note: This document is a practical website template and should be reviewed by a qualified legal professional before production use.