Security
Your books stay in QuickBooks. Period.
Ollie Books is a pass-through connector. Your numbers are fetched live from QuickBooks at the moment you ask, returned to your own Claude session, and never stored on our servers. This page is the whole story — no fine print.

Pass-through architecture
We answer questions. We don’t keep data.
When you ask a question, the data is fetched live from QuickBooks at that moment, handed to your Claude session, and forgotten. There is no Ollie database of your books to breach, leak, or subpoena — because we never built one.
Step 1
You ask
A question lands in your Claude session — “which invoices are overdue?”
Step 2
We fetch, live
Ollie pulls exactly what the question needs from QuickBooks, at that moment. Not from a copy — there is no copy.
Step 3
The answer lands in your chat
The numbers go straight back to your own Claude session — and nowhere else. Our servers never store them.
Encryption
Locked at rest, locked in transit.
The little we do hold — the credentials that make the connection work — is encrypted at every stage.
At rest
OAuth tokens, AES-encrypted
The credentials that let QuickBooks talk to Ollie are AES-encrypted before they touch a disk.
In transit
TLS everywhere
Every request between you, Ollie, and Intuit travels over TLS. Nothing moves in the clear.
Per user
MCP tokens stored as hashes
Each person's connection token is stored as a hash — we can verify it, but nobody can read it back. Not even us.
The exact permission we ask for
Read-only. We can look, we can’t touch.
com.intuit.quickbooks.accountingOllie requests exactly one permission from Intuit: the read-only accounting scope. It lets us read your reports and invoices to answer questions. It does not let us write to, edit, or change your books — we couldn’t move a transaction if we tried.
Revoke anytime
Leaving takes one click.
Disconnect from inside Ollie with one click, or revoke Ollie Books from your Intuit account directly — either way, access dies immediately. No emails to send, no waiting period, no “are you sure?” gauntlet.
What we store
The boring list of what we actually keep.
Ollie Books keeps just enough to run your account — and none of your numbers. Never sold, never used to train AI.
We keep three things: your account email, your connection tokens (encrypted), and audit metadata — which tool ran, and when. Never the numbers. Your data is never sold, and never used to train AI. That's the whole list.
Account email
So you can sign in and we can reach you. That's the extent of it.
Encrypted tokens
The OAuth credentials that let QuickBooks talk to Ollie — AES-encrypted at rest, useless if stolen.
Audit metadata
Which tool ran and when, so you can see your own usage. The numbers themselves are never written down.
FAQ
The trust questions, answered straight
Everything people ask before connecting their books.
Still have a security question? Ask our team
Do you store my financial data?
No. Every answer is fetched live from QuickBooks at the moment you ask and returned straight to your Claude session. There is no Ollie database of your books — nothing to breach, leak, or subpoena.
What exactly can Ollie read in QuickBooks?
We request one permission from Intuit: the read-only accounting scope (com.intuit.quickbooks.accounting). It lets us read reports and invoices to answer your questions — and nothing more.
Can Ollie change or write anything to my books?
No. The scope we use is read-only, enforced by Intuit on their side — not just a promise on ours. We can't create, edit, or delete a single transaction.
How do I revoke access?
One click inside Ollie, or revoke Ollie Books directly from your Intuit account — either way, access dies immediately. No waiting period, no support ticket.
Is my data sold or used to train AI?
Never. Your data isn't sold, shared, or used to train AI models — ours or anyone else's. We store your account email, encrypted tokens, and audit metadata; the numbers pass through and are gone.