Privacy Policy | Silkview Connect

Plain-English summary: Silkview Connect does not store your Stripe or Xero financial data. We only store your account credentials, encrypted OAuth tokens to connect to Stripe and Xero on your behalf, and billing information. All financial data stays in Excel on your device or in Xero and Stripe's own systems.

1. Overview

Silkview Connect ("we", "us", "our") provides an Excel add-in that enables accountants and bookkeepers to pull financial data from Stripe and push accounting entries to Xero. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our service.

By using Silkview Connect, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use our service.

2. Who we are

Silkview Connect is operated by Silkview Systems, registered in Australia (ABN: 47 369 039 956).

For privacy enquiries, contact our Privacy Officer at admin@silkview.org.

We are subject to the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). For users located in the European Economic Area, we also comply with the General Data Protection Regulation (GDPR) where applicable.

3. Data we collect

We collect the minimum data necessary to operate the service:

Data type	What we store	Why
Account information	Name, email address, account name, role (owner/member)	To create and manage your Silkview Connect account and provide access
Authentication	Hashed password (via Supabase Auth). We never store your password in plain text.	To authenticate you when you sign in
Workspace data	Workspace names, creation dates, which users are members	To organise your connections per client or entity
Xero OAuth tokens	Encrypted access token, encrypted refresh token, token expiry, Xero tenant ID and tenant name	To connect to Xero on your behalf to pull account codes and push journal entries
Stripe OAuth tokens	Encrypted access token, Stripe account ID, display name, live/test mode flag	To connect to Stripe on your behalf to pull balance transactions and payout data
Billing information	Stripe Customer ID, subscription ID, plan name, subscription status, renewal date. Card details are held exclusively by Stripe — we never see or store them.	To manage your subscription and send billing notifications
Usage data	API request logs (timestamp, endpoint, HTTP status code, anonymised user ID). No financial data is logged.	For debugging, security monitoring, and service reliability
Session data	Session tokens stored in encrypted cookies	To keep you signed in across the web dashboard and Excel add-in

4. What we do not store

This is important to understand:

We do not store Stripe transaction data. Balance transactions, charges, payouts, refunds, and disputes are fetched from Stripe and written directly to your Excel workbook. They are not saved to our servers.
We do not store Xero accounting data. Account codes, journal entries, and bank transactions that you push to Xero are sent directly from your Excel workbook to the Xero API. We do not retain copies.
We do not store your Excel files or workbook content. Your spreadsheets remain on your device or in Microsoft's infrastructure.
We do not store your Xero account mappings. Account code mappings and column configurations are stored in your Excel workbook only.
We do not sell your data to any third party, ever.

5. How we use your data

We use the data we collect solely to:

Provide and operate the Silkview Connect service
Authenticate your identity and enforce plan limits (user and workspace counts)
Connect to Stripe and Xero APIs on your behalf using your stored OAuth tokens
Process subscription payments via Stripe Billing
Send transactional emails (account invitations, billing receipts, security alerts)
Monitor service health and investigate security incidents
Comply with legal obligations

We do not use your data for advertising, profiling, or any purpose beyond operating the service described above.

6. OAuth token security

Your Xero and Stripe OAuth tokens give us access to your financial systems. We treat them with the highest level of protection:

Encryption at rest: All tokens are encrypted using AES-256-GCM before being written to our database. The encryption key is stored separately in our server environment and never in the database itself.
Encryption in transit: All data transmitted between the Excel add-in, our servers, and third-party APIs uses TLS 1.2 or higher.
Minimum scope: Stripe OAuth tokens are requested with read_only scope — we cannot move money or modify your Stripe account. Xero tokens are scoped to accounting.transactions, accounting.settings, and offline_access only.
Access control: Tokens are only decrypted server-side at the moment of an API call. They are never exposed to the browser or Excel add-in frontend.
Token refresh: Xero tokens are refreshed automatically before expiry. You are notified in the dashboard if a reconnection is required.
Revocation: You can disconnect Xero or Stripe connections at any time from your workspace dashboard. This immediately deletes the stored tokens from our database.

7. Third-party services

We use the following sub-processors to operate our service:

Provider	Purpose	Data shared	Location
Supabase	Database and authentication	Account data, encrypted tokens, workspace data	Australia (AWS ap-southeast-2)
Vercel	API hosting and add-in hosting	Request logs (no financial data)	Sydney, AU region
Stripe	Subscription billing and payment processing	Name, email, billing address for invoicing	United States
Xero	Accounting data access (via OAuth)	OAuth tokens only — your Xero data is never forwarded to us	New Zealand / Australia
Microsoft (AppSource)	Excel add-in distribution	Add-in installation data per Microsoft's privacy policy	Per Microsoft's policy

We do not share your personal information with any other third parties except as required by law.

8. Data retention

Active accounts: We retain your account data for as long as your account is active.
Deleted workspaces: When you delete a workspace, all associated OAuth tokens are permanently deleted immediately.
Cancelled subscriptions: Account data is retained for 90 days after cancellation to allow reactivation, then permanently deleted.
Deleted accounts: When you delete your account, all personal data (account details, encrypted tokens, workspace data) is permanently and irreversibly deleted within 30 days.
Billing records: We are required to retain billing records for 7 years to comply with Australian tax law (Tax Administration Act 1953).
Server logs: Anonymised API request logs are retained for 90 days for security monitoring, then deleted.

9. Your rights

Australian users (Privacy Act 1988)

Under the Australian Privacy Principles, you have the right to:

Access the personal information we hold about you
Request correction of inaccurate information
Request deletion of your personal information (subject to legal retention requirements)
Complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au if you believe we have breached your privacy

EEA/UK users (GDPR)

If you are located in the European Economic Area or United Kingdom, you additionally have the right to:

Portability of your personal data in a machine-readable format
Object to processing and request restriction of processing
Lodge a complaint with your local data protection authority

To exercise any of these rights, email admin@silkview.org. We will respond within 30 days.

10. Children's privacy

Silkview Connect is a professional accounting tool intended for use by adults. We do not knowingly collect personal information from anyone under 18 years of age. If you believe a minor has provided us with personal information, please contact us immediately.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email to your registered address and by posting a prominent notice in the dashboard. Continued use of the service after the effective date of any changes constitutes acceptance of the updated policy.

Previous versions of this policy are available on request.

12. Contact us

For any privacy questions, data access requests, or to report a concern:

Email: admin@silkview.org
Response time: We aim to respond to all privacy enquiries within 5 business days.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at oaic.gov.au or call 1300 363 992.