Owner BriefPrivacy Policy

Legal

Privacy Policy

Effective Date: March 23, 2026

Last Updated: March 23, 2026

Continuum Consulting LLC ("we," "us," or "our") operates Owner Brief (ownerbrief.com), a software-as-a-service product that generates weekly AI-powered financial briefings for small business owners using data from their QuickBooks or Xero accounts. This Privacy Policy describes how we collect, use, store, and protect your information when you use our service.

By creating an account or using Owner Brief, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the service.

1. Information We Collect

1.1 Account Information

When you create an account, we collect your email address and password (stored as a cryptographic hash, never in plain text). During onboarding, we collect your business name, industry, fiscal year start month, payroll schedule, preferred timezone, and your first name (used to personalize your Brief).

1.2 Financial Data from Connected Accounting Platforms

When you connect your QuickBooks or Xero account via OAuth 2.0, we request read-only access to your accounting data. We do not have the ability to modify, create, or delete any records in your accounting system. The data we access includes:

  • Revenue and income transactions (invoices, payments received)
  • Expense transactions (bills, payments made)
  • Accounts receivable aging data
  • Cash and bank account balances
  • Customer and vendor names associated with transactions
  • Chart of accounts information

We access this data solely to generate your weekly financial Brief. We store a summarized snapshot of the data used for each Brief (not a full copy of your accounting records) to enable Brief history and quality assurance.

1.3 OAuth Tokens

When you authorize a connection to QuickBooks or Xero, the accounting platform issues access and refresh tokens. We encrypt these tokens using AES-256-GCM encryption before storing them. These tokens allow us to retrieve your financial data on a recurring basis to generate your Briefs. You may revoke access at any time by disconnecting your account within Owner Brief or by revoking access directly within your QuickBooks or Xero account settings.

1.4 Payment Information

Payment processing is handled by Braintree (a PayPal company). We do not store your credit card number, CVV, or full payment card details on our servers. Braintree provides us with a customer identifier and subscription status, which we store to manage your account. Braintree's privacy policy governs their handling of your payment information.

1.5 Usage Data

We collect basic usage data including Brief open rates, login timestamps, and feature usage patterns. This data is used to improve the service and is not sold or shared with third parties.

1.6 Cookies

We use essential cookies to maintain your authenticated session. We do not use advertising cookies or third-party tracking cookies.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To generate your personalized weekly financial Brief
  • To deliver your Brief via email using SendGrid (our email delivery provider)
  • To manage your account, subscription, and billing
  • To enforce our quality gate system, which validates Brief accuracy before delivery
  • To provide customer support
  • To improve the accuracy and relevance of our AI-generated analysis
  • To send transactional emails related to your account (signup confirmation, billing receipts, connection status alerts)

We do not use your financial data for any purpose other than generating your Brief and supporting your account. We do not sell, rent, or share your personal or financial data with third parties for their marketing purposes.

3. AI Processing

Owner Brief uses artificial intelligence (currently OpenAI's GPT-4o) to analyze your financial data and generate your weekly Brief. When generating a Brief:

  • A structured, anonymized data payload (containing dollar amounts, percentages, and trends — not raw transaction records) is sent to the AI provider for processing.
  • The AI provider processes this data to generate the Brief text and does not retain your data for model training, in accordance with OpenAI's data usage policies for API customers.
  • We do not include your name, email, business name, or customer/vendor names in the data sent to the AI provider unless specifically required for Brief personalization (e.g., your first name in the greeting).

4. Data Storage and Security

Your data is stored on servers provided by Supabase (PostgreSQL databases hosted on Amazon Web Services in the United States). We implement the following security measures:

  • All data is encrypted in transit using TLS 1.2 or higher
  • OAuth tokens are encrypted at rest using AES-256-GCM
  • Database access is restricted through Row Level Security (RLS) policies
  • Administrative access to production systems requires multi-factor authentication
  • We do not store plaintext passwords

5. Data Retention

  • Account data: Retained for the duration of your account plus 30 days after deletion.
  • Brief history and data snapshots: Retained for the duration of your account. You may request deletion at any time.
  • OAuth tokens: Deleted immediately when you disconnect an accounting platform or delete your account.
  • Payment records: Retained as required by applicable tax and financial regulations.

6. Third-Party Services

We use the following third-party services to operate Owner Brief:

ServicePurpose
SupabaseDatabase and authentication
OpenAIAI Brief generation
SendGrid (Twilio)Email delivery
Braintree (PayPal)Payment processing
VercelApplication hosting
Intuit QuickBooksAccounting data (via OAuth)
XeroAccounting data (via OAuth)

7. Your Rights

You have the right to:

  • Access your personal data by logging into your account
  • Correct your personal data through your account settings
  • Delete your account and associated data by contacting us at support@ownerbrief.com
  • Disconnect your QuickBooks or Xero account at any time
  • Export your Brief history by contacting us at support@ownerbrief.com
  • Opt out of non-essential emails (note: transactional emails related to your Brief delivery and account status cannot be opted out of while your account is active)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of personal information. We do not sell personal information.

8. Children's Privacy

Owner Brief is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by sending an email to the address associated with your account or by posting a notice on our website. Your continued use of the service after such changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Continuum Consulting LLC

support@ownerbrief.com

Dover, New Hampshire, USA

© 2026 Continuum Consulting LLC

Terms of ServicePrivacy Policy