# Privacy Policy
**WordPress Invoice Manager**
**Version:** 0.89
**Last Updated:** October 5, 2025
**Author:** Mike Hanlon
**Author URI:** https://wizseller.com
—
## 1. Introduction
This Privacy Policy describes how WordPress Invoice Manager (“the Software,” “we,” “us,” or “our”) collects, uses, stores, and protects information when you use our WordPress theme and its integrated features, including QuickBooks and Google Sheets integrations.
### 1.1 Scope
This Privacy Policy applies to:
– The WordPress Invoice Manager theme
– QuickBooks integration features
– Google Sheets integration features
– All data processed by the Software
### 1.2 Your Acceptance
By using the Software, you consent to this Privacy Policy. If you do not agree, please discontinue use of the Software immediately.
## 2. Information We Collect
### 2.1 Data Stored Locally in Your WordPress Database
The Software stores the following types of data in YOUR WordPress database (on YOUR server):
#### 2.1.1 Invoice and Client Data
– Client/customer names and contact information
– Invoice numbers, dates, and amounts
– Payment records and transaction details
– Tax information
– Custom fields and metadata
#### 2.1.2 QuickBooks Synchronized Data
When connected to QuickBooks, the Software stores:
– Customer information from QuickBooks
– Invoice data and transaction records
– Account information
– Payment history
– OAuth tokens (encrypted)
– Sync timestamps and status logs
#### 2.1.3 Google Sheets Synchronized Data
When connected to Google Sheets, the Software stores:
– Sheet data as configured by you
– OAuth tokens (encrypted)
– Sync timestamps and status logs
– Connection configurations
#### 2.1.4 System and Configuration Data
– User preferences and settings
– Dashboard configurations
– Widget layouts and preferences
– Error logs and diagnostic information
– API connection settings
– Sync frequency preferences
### 2.2 Data We Do NOT Collect
**IMPORTANT:** We do NOT:
– Collect or store data on our servers
– Have access to your WordPress database
– Track your usage of the Software
– Collect analytics or telemetry data
– Store your QuickBooks or Google credentials
– Share your data with third parties
– Use cookies or tracking mechanisms
All data remains on YOUR server in YOUR WordPress installation.
## 3. How We Use Information
### 3.1 Purpose of Data Collection
The Software collects and processes data solely for the following purposes:
#### 3.1.1 Core Functionality
– Display and manage invoices within WordPress
– Synchronize data with QuickBooks and Google Sheets
– Generate reports and analytics
– Search and filter invoice records
– Manage client relationships
#### 3.1.2 System Operations
– Maintain database connections
– Cache data for performance optimization
– Log errors for troubleshooting
– Authenticate API connections
– Schedule automated synchronization tasks
#### 3.1.3 User Experience
– Save user preferences and settings
– Remember dashboard configurations
– Maintain session state
– Display relevant notifications
### 3.2 Automated Processing
The Software includes automated processes:
– **Data Synchronization**: Automatic syncing with QuickBooks and Google Sheets at configured intervals
– **Cache Management**: Automatic cache refresh and cleanup
– **Token Refresh**: Automatic OAuth token renewal for maintained connections
– **Error Logging**: Automatic logging of system errors and issues
## 4. Third-Party Services
### 4.1 QuickBooks (Intuit Inc.)
#### 4.1.1 Data Sharing
When you connect QuickBooks, the Software:
– Accesses your QuickBooks data via the QuickBooks API
– Stores synchronized QuickBooks data in your WordPress database
– Sends requests to QuickBooks servers for data synchronization
#### 4.1.2 QuickBooks Privacy Policy
QuickBooks data is subject to Intuit’s Privacy Policy:
– **Intuit Privacy Policy**: https://www.intuit.com/privacy/
– **QuickBooks Terms**: https://quickbooks.intuit.com/legal/
#### 4.1.3 Your Control
You can:
– Disconnect QuickBooks at any time
– Revoke access via QuickBooks settings
– Control sync frequency
– Choose which data to synchronize
### 4.2 Google Sheets (Google LLC)
#### 4.2.1 Data Sharing
When you connect Google Sheets, the Software:
– Accesses specified Google Sheets via the Google Sheets API
– Stores synchronized sheet data in your WordPress database
– Sends requests to Google servers for data retrieval
#### 4.2.2 Google Privacy Policy
Google Sheets data is subject to Google’s Privacy Policy:
– **Google Privacy Policy**: https://policies.google.com/privacy
– **Google API Services**: https://developers.google.com/terms
#### 4.2.3 Your Control
You can:
– Disconnect Google Sheets at any time
– Revoke access via Google account settings
– Control sync frequency
– Choose which sheets to connect
### 4.3 Third-Party Disclaimer
We are not responsible for the privacy practices of third-party services (QuickBooks, Google Sheets). Please review their respective privacy policies.
## 5. Data Storage and Security
### 5.1 Storage Location
All data collected by the Software is stored:
– **Locally**: In your WordPress database on your server
– **Your Control**: You have complete control over this data
– **No External Storage**: We do not store your data on external servers
### 5.2 Security Measures
The Software implements the following security measures:
#### 5.2.1 OAuth 2.0 Authentication
– Secure authentication for QuickBooks and Google Sheets
– No storage of user credentials
– Encrypted token storage
– Automatic token refresh
#### 5.2.2 Data Protection
– WordPress capability checks for access control
– Nonce verification for AJAX requests
– SQL injection prevention through prepared statements
– XSS protection through data sanitization
#### 5.2.3 Access Controls
– Role-based access control (RBAC)
– WordPress user permission system
– Admin-only access to sensitive settings
– Capability requirements for all operations
### 5.3 Your Security Responsibilities
You are responsible for:
– Securing your WordPress installation
– Keeping WordPress, PHP, and MySQL updated
– Using strong passwords
– Implementing SSL/HTTPS
– Regular security audits
– Firewall and server security
– Regular backups
– User access management
### 5.4 Data Encryption
– **In Transit**: All API communications use HTTPS/TLS encryption
– **At Rest**: OAuth tokens are stored encrypted in the database
– **WordPress Standard**: Other data follows WordPress database security practices
## 6. Data Retention
### 6.1 Retention Period
Data is retained in your WordPress database until:
– You manually delete it
– You disconnect integrated services
– You uninstall the Software
### 6.2 Automated Cleanup
The Software includes automatic cleanup features:
– **Cache Expiration**: Cached data expires based on configured intervals
– **Log Rotation**: Error logs are limited to recent entries (configurable)
– **Token Refresh**: Expired OAuth tokens are automatically renewed or removed
### 6.3 Manual Data Deletion
You can delete data by:
– Using the Software’s delete functions
– Disconnecting integrated services
– Using WordPress database tools
– Uninstalling the Software
## 7. Data Access and Control
### 7.1 Your Rights
You have the right to:
– **Access**: View all data stored by the Software in your WordPress database
– **Modify**: Edit or update any stored information
– **Delete**: Remove any or all data at any time
– **Export**: Export data using WordPress export tools
– **Portability**: Move data to other systems or services
### 7.2 Accessing Your Data
You can access your data through:
– The Software’s user interface
– WordPress database management tools (phpMyAdmin, etc.)
– WordPress REST API
– Database export utilities
### 7.3 Disconnecting Services
To disconnect and remove data from integrated services:
#### QuickBooks
1. Navigate to **Tools → QuickBooks** in WordPress admin
2. Click **Disconnect** for the account you want to remove
3. Optionally clear cached data from the database
#### Google Sheets
1. Navigate to **Tools → Google Sheets** in WordPress admin
2. Click **Disconnect** for the sheet you want to remove
3. Optionally clear cached data from the database
## 8. Compliance with Privacy Laws
### 8.1 GDPR Compliance (European Union)
For users in the European Union, the Software provides:
– **Right to Access**: You can access all your data
– **Right to Rectification**: You can modify incorrect data
– **Right to Erasure**: You can delete your data
– **Right to Portability**: You can export your data
– **Right to Object**: You can object to data processing
**Legal Basis for Processing**: Processing is based on consent and contractual necessity.
### 8.2 CCPA Compliance (California)
For California residents, you have:
– The right to know what personal information is collected
– The right to delete personal information
– The right to opt-out of sale (Note: We do not sell data)
– The right to non-discrimination
### 8.3 PIPEDA Compliance (Canada)
For Canadian users:
– Data is collected only for legitimate purposes
– You are informed about data collection and use
– You can access and correct your information
– Data is protected with appropriate safeguards
### 8.4 Other Jurisdictions
If you are subject to other privacy laws, please contact us to understand how we comply with your local regulations.
## 9. Children’s Privacy
The Software is not intended for use by individuals under the age of 18. We do not knowingly collect information from children. If you believe a child has provided information through the Software, please contact us immediately.
## 10. Data Breach Notification
### 10.1 Our Responsibility
In the unlikely event of a data breach affecting the Software:
– We will notify users via email or website notice
– We will provide details about the nature of the breach
– We will offer guidance on protective measures
### 10.2 Your Responsibility
Since all data is stored on YOUR server:
– You are responsible for monitoring your server security
– You should implement breach detection measures
– You must comply with breach notification laws in your jurisdiction
– You should have an incident response plan
## 11. Cookies and Tracking
### 11.1 No Tracking
The Software does NOT:
– Use cookies for tracking
– Implement analytics or telemetry
– Track user behavior
– Share data with advertising networks
### 11.2 WordPress Cookies
The Software relies on standard WordPress cookies:
– **Session Cookies**: For maintaining logged-in state
– **Authentication Cookies**: For WordPress user authentication
These cookies are managed by WordPress core, not by our Software.
## 12. International Data Transfers
### 12.1 Data Location
All data is stored on YOUR WordPress server:
– Data location depends on where YOUR server is hosted
– No automatic international transfers occur
– You control where your data resides
### 12.2 Third-Party Services
When using QuickBooks or Google Sheets:
– Data is transmitted to their respective servers
– Intuit and Google operate globally with data centers worldwide
– Their privacy policies govern international data transfers
## 13. Changes to This Privacy Policy
### 13.1 Updates
We may update this Privacy Policy from time to time. Changes will be effective:
– When posted in the Software documentation
– Upon your continued use of the Software
### 13.2 Notification
We will notify you of significant changes by:
– Updating the “Last Updated” date at the top of this policy
– Posting a notice in the Software’s admin interface (when applicable)
– Sending an email (if we have your contact information)
### 13.3 Your Responsibility
You should:
– Review this Privacy Policy periodically
– Check for updates when updating the Software
– Contact us if you have questions about changes
## 14. Your Consent
### 14.1 How You Provide Consent
By using the Software, you consent to:
– This Privacy Policy
– Collection and processing of data as described
– Integration with third-party services you connect
### 14.2 Withdrawing Consent
You can withdraw consent at any time by:
– Disconnecting integrated services
– Deleting stored data
– Uninstalling the Software
## 15. Contact Information
### 15.1 Questions and Concerns
For questions, concerns, or requests regarding this Privacy Policy or your data:
**Mike Hanlon / WizSeller**
Website: https://wizseller.com
Email: [Your Contact Email]
### 15.2 Data Subject Requests
To exercise your rights under privacy laws (access, deletion, portability, etc.):
1. Contact us using the information above
2. Provide sufficient information to verify your identity
3. Specify which rights you wish to exercise
4. Allow reasonable time for us to respond (typically 30 days)
## 16. Disclaimer
### 16.1 Software Limitation
This Privacy Policy applies to the WordPress Invoice Manager software itself. It does NOT apply to:
– Your WordPress installation
– Your hosting provider’s practices
– Third-party plugins you use
– Themes or other software on your server
### 16.2 Third-Party Services
We are not responsible for the privacy practices of:
– Intuit/QuickBooks
– Google/Google Sheets
– Your hosting provider
– Other third-party services you integrate
### 16.3 Your Privacy Policy
**IMPORTANT**: This Privacy Policy describes how the Software handles data. If you use the Software for your business:
– You may need your own privacy policy for your customers/users
– You are the data controller for data you collect
– You are responsible for compliance with applicable privacy laws
– Consult legal counsel for your specific requirements
## 17. Acknowledgment
By using WordPress Invoice Manager, you acknowledge that:
– You have read and understood this Privacy Policy
– You consent to the collection and use of information as described
– You understand your rights and responsibilities
– You understand how to exercise your privacy rights
—
**Last Updated:** October 5, 2025
**Version:** 1.0
**Software Version:** 0.89
For the most current version of this Privacy Policy, please check the documentation included with the Software.