1. Who We Are
ARESTO is an all-in-one business management software designed for service entrepreneurs. We are based in Quebec, Canada. Contact us at pascal.boulianne@aresto.app.
2. Data We Collect
We collect the following information when you use ARESTO:
- Account data: Name, email address, company name
- Business data: Contacts, deals, invoices, jobs, and other records you create
- Usage data: Login timestamps, feature usage (for improving the service)
- Integration data: OAuth tokens for connected services (QuickBooks, Gmail) — stored encrypted
3. How We Use Your Data
- To provide and operate the ARESTO service
- To sync data with third-party integrations you explicitly connect (QuickBooks, Gmail)
- To send transactional emails (invoices, quotes) on your behalf
- To improve the service and fix issues
- To contact you about your account (billing, security, updates)
We do not use your data for advertising or sell it to third parties.
4. QuickBooks Data
When you connect QuickBooks Online, ARESTO accesses your QuickBooks accounting data (customers, invoices, tax codes) solely to provide the integration features. We store OAuth tokens securely to maintain the connection. We do not store your full QuickBooks financial data — only the data you explicitly push from ARESTO to QuickBooks.
Your QuickBooks data is governed by Intuit's Privacy Statement.
5. Gmail Data
When you connect Gmail, ARESTO accesses your emails solely to display them within the software and allow you to send emails on behalf of your business. We do not store email content beyond your active session. OAuth tokens are stored securely to maintain the connection.
ARESTO's use of Gmail data complies with the Google API Services User Data Policy, including the Limited Use requirements.
6. Data Storage & Security
Your data is stored on Supabase infrastructure (PostgreSQL), hosted on AWS in the US East region. We use:
- Encrypted connections (TLS/HTTPS) for all data in transit
- Row-level security to ensure your data is isolated from other users
- Encrypted storage for OAuth tokens and sensitive credentials
7. Data Retention
We retain your data for as long as your account is active. If you cancel your account, you may request a full export of your data within 30 days. After 30 days, your data will be permanently deleted from our systems.
8. Your Rights
You have the right to:
- Access all data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your data in a portable format (CSV/JSON)
- Withdraw consent for integrations at any time (disconnect QuickBooks, Gmail)
To exercise these rights, contact pascal.boulianne@aresto.app.
9. Third-Party Services
ARESTO integrates with the following third-party services:
- Supabase — database and authentication
- Intuit QuickBooks Online — accounting integration (optional)
- Google Gmail — email integration (optional)
- Resend — transactional email delivery
- Vercel — application hosting
Each third party has their own privacy policy governing their data practices.
10. Cookies
ARESTO uses localStorage and session storage to maintain your login session and user preferences. We do not use advertising or tracking cookies.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the Service after changes constitutes acceptance.
12. Contact Us
For privacy-related questions or requests:
Email: pascal.boulianne@aresto.app
Province of Quebec, Canada