Privacy Policy

1. Information We Collect

We collect information you provide directly: name, email address, company name, and financial data you upload or connect through accounting platform integrations (QuickBooks Online, Xero).

We automatically collect: IP addresses, browser type, access times, and pages viewed through server logs and session cookies.

2. How We Use Your Information

We use your information to: provide bookkeeping, controller, and fractional CFO services; generate financial reports and dashboards; process invoices and manage accounts receivable/payable; communicate about your account and our services.

3. Data Security

We implement industry-standard security measures including: HMAC-SHA256 signed session cookies, HTTPS encryption in transit, tenant isolation ensuring clients cannot access other clients' data, rate limiting on authentication endpoints, and HTML sanitization on all user inputs.

4. Third-Party Services

We integrate with QuickBooks Online and Xero via their official APIs. Your accounting data is accessed only with your explicit authorization through OAuth. We do not sell or share your financial data with third parties for marketing purposes.

5. Data Retention

We retain your data for the duration of our service agreement plus 7 years as required by Canadian tax regulations. You may request data export or deletion subject to legal retention requirements.

6. Your Rights

You have the right to: access your personal data, correct inaccuracies, request deletion (subject to legal requirements), export your data in a portable format, and withdraw consent for optional data processing.

7. Contact

For privacy inquiries, contact us at privacy@lyraadvisory.ca or Lyra Advisory Inc., Toronto, ON, Canada.