Privacy Policy — Arctic Spas QBB
Arctic Spas QBO Bills (the “Software”) — an internal tool of Arctic Spas Ontario / Arctic Spas Kitchener (“we”, “us”, “our”).
Last updated: 2026-04-28
This policy describes how the Software handles data. The Software is an internal tool and is not made available to any third party or member of the public.
1. Data the Software accesses
The Software reads:
- PDFs stored on our local system
2. Data the Software does not collect
The Software does not collect, store, or transmit any personal data.
3. Data sharing
We do not share any data accessed or processed by the Software with any third party. All processing happens on Arctic Spas Ontario operator workstations.
4. Data retention
- OAuth tokens are stored in a local environment file readable only by the operator’s user account
- Parsed data is retained as JSON files alongside the original PDFs for audit, re-run, and reconciliation purposes. These files reside on Arctic Spas Ontario systems and are not transmitted elsewhere.
5. Security
OAuth tokens grant access only to our own company file. No customer-facing data is processed or exposed by the Software. We follow published security guidance for OAuth client applications, including refresh-token rotation and storage of secrets outside source control.
6. Changes to this policy
We may update this policy from time to time. The “last updated” date at the top reflects the current revision.
7. Contact
Questions about this policy: info@arcticspaskitchener.ca