Effective Date: March 4, 2026
Shorestack Books ("we," "us," or "our") is a product of Days Management LLC. This Privacy Policy explains how we collect, use, store, and protect your information when you use the Shorestack Books application ("the Service") available at shorestack.io/books.
When you create an account, we collect your email address and, if you sign in via Google OAuth, your name and Google profile information. We use Supabase for authentication and cloud storage.
You may import bank statements (CSV, OFX/QFX files) and manually enter financial transactions. This data includes transaction descriptions, amounts, dates, categories, vendor names, invoice details, and bill records. This data is stored locally in your browser (IndexedDB) and optionally synced to our cloud database.
If you choose to connect your bank account via Plaid, Plaid will collect your bank login credentials directly — we never see or store your bank password. Through Plaid, we receive account balances, transaction history, and account metadata (account name, type, and last four digits of the account number). Plaid access tokens are stored encrypted in our cloud database and are never exposed to the frontend application. For more information about how Plaid handles your data, please see Plaid's Privacy Policy.
If you use the receipt scanning feature, images of receipts are sent to a third-party OCR service (OpenAI) for text extraction. We send only the image data necessary for processing. Extracted text (vendor, amount, date) is stored as part of your transaction records. Receipt images are stored locally and optionally in cloud storage.
We collect basic usage data including which features you use, your experience level setting (Essential/Pro), and error logs to improve the Service. We do not use third-party analytics trackers.
We use your information to:
Shorestack Books is designed as a local-first application. Your financial data is stored primarily in your browser's IndexedDB storage and works fully offline. Cloud sync is optional and transparent.
When cloud sync is enabled, your data is stored in a Supabase-hosted PostgreSQL database. All data is encrypted at rest using AES-256 encryption. All data transmitted between your browser and our servers is encrypted in transit using TLS 1.2 or higher.
Exported backup files can be encrypted with AES-256-GCM encryption using a password you choose. We never have access to your backup encryption passwords.
Our cloud database uses Row Level Security (RLS) policies ensuring you can only access your own data. Plaid access tokens are stored server-side only and are never sent to the frontend application. Our team access feature uses role-based access control (RBAC) with four permission levels.
The application includes configurable inactivity auto-logout (15, 30, or 60 minutes) to protect your data on shared devices. Authentication tokens are refreshed automatically and securely.
We use the following third-party services to provide the Service:
We do not sell, rent, or share your personal or financial data with any third parties for marketing or advertising purposes.
Your financial data is retained in our cloud database for as long as your account is active. Local data (IndexedDB) persists until you clear your browser data or use the Data Maintenance tools within the application.
You may request deletion of your account and all associated cloud data at any time by contacting us at contact@shorestack.io. Upon receiving a deletion request, we will:
Local data stored in your browser is under your control and can be cleared at any time through your browser settings or the application's Data Maintenance tools.
When you disconnect a bank connection, we immediately revoke the Plaid access token and delete connection records from our database. Previously synced transaction data remains in your account unless you delete it.
You have the right to:
Shorestack Books is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a new effective date. Your continued use of the Service after changes constitutes acceptance of the updated policy.
By creating an account and using Shorestack Books, you consent to the collection, processing, and storage of your data as described in this Privacy Policy. When connecting a bank account through Plaid, you provide explicit consent through the Plaid Link authorization flow.
If you have questions about this Privacy Policy or how we handle your data, contact us at:
Days Management LLC
Email: contact@shorestack.io
Product: Shorestack Books — shorestack.io/books