Security

Last updated: 2026-05-06

1. Stripe access

BookSynch connects to customer Stripe accounts through Stripe Connect OAuth with read-only scope. We never ask for, accept, or store customer Stripe secret API keys.

2. Token handling

OAuth access and refresh tokens are encrypted at rest through the application secret storage layer. Access can be revoked by disconnecting Stripe or through the connected apps settings in the Stripe Dashboard.

3. Data storage

Ledger data is stored only to generate and preserve monthly accounting reports. CSV exports are retained for customer access and audit history; transaction-level PII is redacted after Stripe disconnect according to the retention policy.

4. Operational controls

  • Production sync refuses test-mode Stripe connections.
  • Development sync refuses live-mode Stripe connections.
  • Failed sync runs are visible in the dashboard and alerting pipeline.
  • Generated CSVs are designed to be byte-identical when the same month is re-run.

5. Contact

Security questions or responsible disclosure: security@booksynch.com.