Privacy Policy

Application: 6 Piston Shop Board
Provider: 6 Piston Diesel Repair
Effective Date: May 14, 2026
Last Updated: May 14, 2026

1. Overview

This Privacy Policy describes how 6 Piston Diesel Repair ("we", "us", "Provider") collects, uses, stores, and protects information in connection with the 6 Piston Shop Board application (the "Application"). The Application is an internal business tool used exclusively by 6 Piston Diesel Repair and is not offered to the general public.

2. Scope

This Policy applies only to the Application. It does not apply to any third-party services, including Intuit QuickBooks Online, which have their own privacy practices.

3. Information We Collect

From Users (Shop Staff):

Authentication credentials (4-digit PIN) for shop staff login
User-entered data including work order updates, customer records, vehicle records, appointments, and to-do items
Activity timestamps and basic usage logs for internal accountability

From Intuit QuickBooks Online API:

Company information for the connected QuickBooks Online account
Invoice data, payment data, and customer balance summaries
OAuth access and refresh tokens needed to maintain the connection

4. How We Use Information

We use information collected by the Application solely for the following internal business purposes:

Operating the shop dashboard and displaying business data to authorized staff
Tracking work orders, appointments, and shop workflow
Displaying summarized QuickBooks Online financial data (invoices, payments, balances) for business review
Sending internal email notifications and calendar invites to shop staff and customers
Maintaining the security and integrity of the Application

5. How Information Is Stored

All Application data is stored locally on shop computer systems controlled by 6 Piston Diesel Repair. We do not transmit user data or QuickBooks Online data to any external cloud service, analytics platform, or third party, except as required to communicate with the Intuit Developer API itself.

6. OAuth Tokens and Security

The Application stores OAuth access tokens and refresh tokens issued by Intuit in a configuration file on the shop computer, accessible only to the local Application server process. Tokens are used solely to authenticate API requests to QuickBooks Online on behalf of the authorized 6 Piston Diesel Repair company account.

7. Information Sharing

We do not sell, rent, or share information collected by the Application with any third party. The only outbound data transmissions are:

API requests to Intuit QuickBooks Online, required to retrieve financial data
Internal email and calendar invite notifications sent through Gmail to shop staff and customers, as initiated by authorized users

8. Data Retention

Application data is retained for as long as needed for legitimate business operations. OAuth tokens are retained until the connection is disconnected or expires, at which point they are deleted from the configuration file. Users may request deletion of their personal data by contacting the Provider.

9. Data Security

We protect Application data using:

Local network and operating system access controls
PIN-based authentication for all user accounts
HTTPS for all communication with the Intuit Developer API and any public-facing endpoints
HttpOnly session cookies with SameSite=Strict to prevent cross-site exploitation
Standard OS-level file permissions on credential and token storage files
Regular software updates applied to the host operating system

No system is perfectly secure. While we take reasonable precautions, we cannot guarantee absolute security.

10. User Rights

Authorized users of the Application may, at any time:

Request information about data collected about them
Request correction or deletion of their personal data
Request that the QuickBooks Online connection be disconnected

11. Disconnecting the QuickBooks Online Integration

The QuickBooks Online integration may be disconnected at any time by:

Visiting the disconnect URL within the Application, or
Revoking the Application's authorization from within the connected QuickBooks Online account's Apps & Subscriptions page

Upon disconnection, stored OAuth tokens are deleted, and the Application immediately ceases all API access to QuickBooks Online data.

12. Children's Privacy

The Application is intended solely for use by adult employees and authorized representatives of 6 Piston Diesel Repair. It is not directed at and does not knowingly collect information from children under the age of 13.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date indicates the most recent revision. Continued use of the Application after changes constitutes acceptance of the updated Policy.

14. Contact

For privacy questions or requests, contact:
6 Piston Diesel Repair
Email: dspears@6pistondieselrepair.com