Privacy isn't a feature.
It's the foundation.

SheetLink never stores your financial data. Transactions flow from Plaid to your spreadsheet, nowhere else. Available now on the Free Tier. Connect real bank accounts for free.

SheetLink never sees, stores, or sells your banking data.

All sensitive data flows directly between Plaid, your browser, and your Google Sheet. Our servers only handle short-lived, encrypted token exchanges so the extension can communicate securely with your bank. Transaction data never touches our database.

We:

  • Do store: encrypted Plaid access tokens, Google user ID, email address (for authenticated users), subscription tier (FREE/BASIC/PRO), linked sheet metadata (ID and title), institution names, and minimal sync metadata.
  • Do store (in browser only): JWT authentication tokens with 60-minute expiry, stored locally in Chrome's secure storage.
  • Do not store: transactions, balances, categories, or anything about your banking activity. We also never store your Google OAuth tokens or sheet contents.
  • Do not sell or share any data, ever.

You can delete all your data at any time.

SheetLink is designed to be a transparent data pipe, not a data vault. It never stores:

  • ✗ Transaction line items (amounts, merchants, categories, dates)
  • ✗ Account balances or transaction history
  • ✗ Bank usernames or passwords (handled exclusively by Plaid)
  • ✗ Google OAuth tokens (these remain in your browser)
  • ✗ Contents of your Google Sheets

Explicitly: We do NOT store your transaction details, balances, or any identifiable financial activity. Transaction data flows through our servers for less than a second during sync, then is immediately discarded.

When you authorize Google Sheets access, SheetLink uses a client-side OAuth flow that keeps your token completely private:

  1. Extension opens Google OAuth in a popup window
  2. You authorize Google Sheets access via Google's secure page
  3. Google redirects to https://sheetlink.app/oauth/callback with access token
  4. Callback page sends token to extension via local Chrome messaging
  5. Extension stores token locally for subsequent syncs

Your Google OAuth token is stored only in the extension's local storage (encrypted by Chrome) and never leaves your device.

JWTs (JSON Web Tokens) are signed tokens that prove you're authenticated. After you sign in with Google, our backend generates a JWT that the extension stores locally in your browser.

  1. You sign in with Google OAuth (one-time)
  2. Backend verifies your Google identity and creates a JWT token
  3. Extension stores JWT token in Chrome's secure storage
  4. Extension sends JWT with each API request (Authorization header)
  5. Backend uses JWT to identify you and apply your subscription tier

Your JWT contains:

  • Your user ID (UUID)
  • Your email address
  • Token expiration timestamp (60 minutes)
  • Cryptographic signature (prevents tampering)

Your JWT never contains:

  • Your Google OAuth token
  • Your bank data or transactions
  • Your Google Sheets information
  • Any personally identifiable financial data
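As an added illustration of the flow above (example code, not SheetLink's backend), here is a minimal HS256 issue-and-verify routine in Python's standard library that carries only the claims listed: user ID, email and a 60-minute expiry, protected by an HMAC signature. The key value, the `SIGNING_KEY`/`TOKEN_TTL_SECONDS` names and the function names are assumptions for the example.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Assumed signing secret for this example only; a real backend loads it from
# an environment variable or secret manager and never hard-codes it.
SIGNING_KEY = b"constructed-demo-secret-not-for-production"
TOKEN_TTL_SECONDS = 60 * 60  # the 60-minute expiry described in the policy


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign(signing_input: bytes) -> bytes:
    return hmac.new(SIGNING_KEY, signing_input, hashlib.sha256).digest()


def mint_jwt(user_id: str, email: str, now: int) -> str:
    """Issue an HS256 JWT carrying only user ID, email, issue time and expiry."""
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"sub": user_id, "email": email, "iat": now, "exp": now + TOKEN_TTL_SECONDS}
    signing_input = (b64url_encode(json.dumps(header).encode()) + "."
                     + b64url_encode(json.dumps(claims).encode())).encode()
    return signing_input.decode() + "." + b64url_encode(sign(signing_input))


def verify_jwt(token: str, now: int) -> Optional[dict]:
    """Return the claims if signature and expiry check out, otherwise None."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header_b64, claims_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:  # bad base64 or bad JSON
        return None
    # The server fixes the algorithm; a token naming any other alg is rejected.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = sign((header_b64 + "." + claims_b64).encode())
    if not hmac.compare_digest(expected, signature):  # constant-time compare
        return None
    claims = json.loads(b64url_decode(claims_b64))
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None
    return claims
```

The backend looks up the subscription tier from its own records using `sub`; it is deliberately not a claim, so a client cannot change it by editing the token.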

SheetLink offers three subscription tiers with different historical data access:

FREE:

  • 7 days of transaction history
  • 11 core fields per transaction
  • Unlimited bank connections
  • Manual sync control

BASIC:

  • 90 days of transaction history
  • 11 core fields per transaction
  • All FREE features
  • Extended history access

PRO:

  • 730 days (2 years) of history
  • 33 total fields per transaction
  • All BASIC features
  • Enhanced details (location, merchant IDs)

About your subscription, we store:

  • Subscription tier: Your current tier (FREE/BASIC/PRO)
  • Tier history: When you change tiers (for data integrity)
  • Feature usage: Which features you've accessed (not usage frequency)

When you change subscription tiers:

  • Upgrade: Access more history and fields immediately
  • Downgrade: Extension may clear extra data from your sheet to match new tier limits
  • Data safety: We warn you before clearing any data from your sheets
  • Your control: You can always reconnect to restore data within tier limits

Security measures:

  • All API communication over HTTPS (TLS/SSL)
  • Plaid tokens encrypted at rest with Fernet (AES-256)
  • Google OAuth tokens never sent to servers (client-side only)
  • CORS restricted to SheetLink domains and Chrome extension only
  • Privacy middleware suppresses sensitive logs
  • Client-side transaction processing (rules engine runs in your browser)

We use Fernet encryption (AES-128-CBC + HMAC) to protect Plaid access tokens at rest. The encryption key is stored securely in environment variables and tokens are only decrypted during sync operations. This means even if someone gained access to our database, they couldn't read your tokens without the encryption key.
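An added example (not SheetLink's code) of the at-rest scheme described above, using the `cryptography` library's Fernet: the key is read from an environment variable, only ciphertext is written to storage, and a database row without the key cannot be decrypted because Fernet's HMAC check fails. The `SHEETLINK_FERNET_KEY` variable name and the function names are assumptions for the example.

```python
import os
from cryptography.fernet import Fernet, InvalidToken

KEY_ENV_VAR = "SHEETLINK_FERNET_KEY"  # assumed variable name for this example


def generate_key() -> bytes:
    """Fresh Fernet key: 32 random bytes, base64-encoded (16 for HMAC-SHA256,
    16 for AES-128-CBC). The operator stores it in the environment, not the DB."""
    return Fernet.generate_key()


def load_key_from_env(var_name: str = KEY_ENV_VAR) -> bytes:
    """Read the key from the process environment, as the policy describes."""
    key = os.environ.get(var_name)
    if not key:
        raise RuntimeError(f"{var_name} is not set; refusing to start without a key")
    return key.encode()


def encrypt_plaid_token(access_token: str, key: bytes) -> bytes:
    """Return the ciphertext, which is the only form written to the database."""
    return Fernet(key).encrypt(access_token.encode())


def decrypt_plaid_token(ciphertext: bytes, key: bytes) -> str:
    """Decrypt only at sync time; the plaintext is used and then dropped."""
    return Fernet(key).decrypt(ciphertext).decode()


def readable_without_correct_key(ciphertext: bytes) -> bool:
    """Model a leaked database row held without the environment key: a different
    key fails Fernet's HMAC check and decrypt raises InvalidToken."""
    try:
        Fernet(generate_key()).decrypt(ciphertext)
        return True
    except InvalidToken:
        return False


if __name__ == "__main__":
    # Constructed demo: put a fresh key in the environment, then round-trip a
    # made-up sandbox token the way a sync would.
    os.environ.setdefault(KEY_ENV_VAR, generate_key().decode())
    key = load_key_from_env()
    stored = encrypt_plaid_token("access-sandbox-constructed-example", key)
    print("stored ciphertext:", stored[:24] + b"...")
    print("sync-time plaintext:", decrypt_plaid_token(stored, key))
    print("readable from a DB dump alone:", readable_without_correct_key(stored))
```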

SheetLink's browser extension and client code is fully open source and available for audit on GitHub. You can inspect exactly how your data flows through the extension, verify what permissions it uses, and review all client-side logic. The backend API is private for business and security reasons, but its architecture is fully documented in the public repository.

Our backend includes privacy middleware that automatically suppresses detailed logging for all Plaid-related endpoints. Only high-level request metadata is logged (like "POST /plaid/sync"), never request bodies or transaction data. This ensures your financial data never appears in server logs, even accidentally.
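To make the behaviour described above concrete, here is an added example (not SheetLink's middleware) of a WSGI wrapper that logs only the method and path for `/plaid/*` requests and never hands the query string, headers or body to the logger; the logger name, the `/plaid/` prefix list and the `fake_sync_handler` stand-in are assumptions, and the request payload in the test is constructed.

```python
import io
import logging
from typing import Callable, Iterable, List, Tuple

LOG = logging.getLogger("sheetlink.access")  # assumed logger name


class PrivacyLoggingMiddleware:
    """WSGI middleware that logs only "METHOD /path" for sensitive endpoints.

    For /plaid/* the query string, headers and body never reach the logger,
    so they cannot land in log files even by accident."""

    def __init__(self, app: Callable, sensitive_prefixes: Tuple[str, ...] = ("/plaid/",)):
        self.app = app
        self.sensitive_prefixes = sensitive_prefixes

    def __call__(self, environ: dict, start_response: Callable) -> Iterable[bytes]:
        method = environ.get("REQUEST_METHOD", "GET")
        path = environ.get("PATH_INFO", "/")
        if path.startswith(self.sensitive_prefixes):
            LOG.info("%s %s", method, path)  # high-level metadata only
        else:
            LOG.info("%s %s?%s", method, path, environ.get("QUERY_STRING", ""))
        return self.app(environ, start_response)


def fake_sync_handler(environ: dict, start_response: Callable) -> Iterable[bytes]:
    """Stand-in for the real handler: reads the payload and returns a byte count."""
    body = environ["wsgi.input"].read(int(environ.get("CONTENT_LENGTH") or 0))
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"synced %d bytes" % len(body)]


def request_and_capture_log(method: str, path: str, body: bytes,
                            query: str = "") -> Tuple[bytes, List[str]]:
    """Drive the wrapped handler with a constructed WSGI environ and return
    (response body, log lines) so the logging behaviour can be checked."""
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    LOG.addHandler(handler)
    LOG.setLevel(logging.INFO)
    environ = {"REQUEST_METHOD": method, "PATH_INFO": path, "QUERY_STRING": query,
               "CONTENT_LENGTH": str(len(body)), "wsgi.input": io.BytesIO(body)}
    app = PrivacyLoggingMiddleware(fake_sync_handler)
    try:
        response = b"".join(app(environ, lambda status, headers: None))
    finally:
        LOG.removeHandler(handler)
    return response, buf.getvalue().splitlines()
```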

SheetLink's client code (browser extension, landing site) is fully open source. The backend API is in a private repository for these reasons:

  • Intellectual Property: Protects business logic and future subscription features
  • Security: Prevents exposure of internal security patterns and infrastructure details
  • Chrome Store & Plaid Compliance: Simplifies review processes by separating public-facing code from internal services
  • Prevents Clones: Protects against direct commercial copying while maintaining user trust through client transparency

Transparency commitment: While the backend code is private, its minimal architecture is fully documented in the public repository. You can see exactly what endpoints exist, what data they handle, and how your information flows. All backend operations are limited to token storage (encrypted), transaction pass-through (never stored), and Google Sheets writes. For maximum privacy, you can still self-host the entire backend using our Docker deployment guide.

Remove your bank connection from the extension. This deletes the encrypted token from our database immediately.

Your Google Sheet is yours. Delete it whenever you want. SheetLink has no copy.

Want complete control? Run your own SheetLink backend with Docker or cloud providers. Full self-hosting guide coming soon.

SheetLink's client code is open source. Inspect the extension logic, data flow, and architecture documentation yourself on GitHub.

Plaid securely connects to your bank and retrieves transaction data. Your banking credentials are handled exclusively by Plaid, never by SheetLink. See the Plaid Privacy Policy.

We write data to your Google Sheet via the Sheets API. You control who can access your Sheet. See the Google Privacy Policy.

Questions or concerns about our privacy practices? Email us at privacy@sheetlink.app.

The SheetLink Chrome extension does not collect browsing activity or track which websites you visit.

It does not inject scripts into web pages.

All data processing occurs locally in your browser and only uses permissions required for Google Sheets access and Plaid Link connectivity.

Last updated: December 2025

This privacy policy may be updated from time to time. Material changes will be communicated via email or through the extension. Continued use of SheetLink after updates constitutes acceptance of the revised policy.