Privacy isn't a feature.
It's the foundation.

SheetLink never stores your financial data. Transactions flow from Plaid to your spreadsheet, nowhere else. Available now on the Free Tier. Connect real bank accounts for free.

SheetLink never sees, stores, or sells your banking data.

All sensitive data flows directly between Plaid, your browser, and your Google Sheet. Our servers only handle short-lived, encrypted token exchanges so the extension can communicate securely with your bank. Transaction data never touches our database.

We:

  • Do store: encrypted Plaid access tokens, Google user ID, email address (for authenticated users), subscription tier (FREE/BASIC/PRO), linked sheet metadata (ID and title), institution names, and minimal sync metadata.
  • Do store (in browser only): JWT authentication tokens with 60-minute expiry, stored locally in Chrome's secure storage.
  • Do not store: transactions, balances, categories, or anything about your banking activity. We also never store your Google OAuth tokens or sheet contents.
  • Do not sell or share any data, ever.

You can delete all your data at any time.

SheetLink is designed to be a transparent data pipe, not a data vault.

  • ✗ Transaction line items (amounts, merchants, categories, dates)
  • ✗ Account balances or transaction history
  • ✗ Bank usernames or passwords (handled exclusively by Plaid)
  • ✗ Google OAuth tokens (these remain in your browser)
  • ✗ Contents of your Google Sheets

Explicitly: We do NOT store your transaction details, balances, or any identifiable financial activity. Transaction data flows through our servers for less than a second during sync, then is immediately discarded.

When you authorize Google Sheets access, SheetLink uses a client-side OAuth flow that keeps your token completely private:

  1. Extension opens Google OAuth in a popup window
  2. You authorize Google Sheets access via Google's secure page
  3. Google redirects to https://sheetlink.app/oauth/callback with access token
  4. Callback page sends token to extension via local Chrome messaging
  5. Extension stores token locally for subsequent syncs

Your Google OAuth token is stored only in the extension's local storage (encrypted by Chrome) and never leaves your device.

In compliance with the Google API Services User Data Policy and Google APIs Terms of Service, this section summarizes how SheetLink accesses, uses, stores, and protects Google user data:

SheetLink requests the following Google API scopes:

  • https://www.googleapis.com/auth/spreadsheets - Access to read and write data in your Google Sheets
  • https://www.googleapis.com/auth/script.projects - Access to create and manage Apps Script projects for recipe installation

We access:

  • Google Sheets API: To write banking transaction data to spreadsheets you explicitly select
  • Apps Script API: To programmatically install analysis recipes (pre-built code) into container-bound Apps Script projects
  • Google OAuth user info: Your email and user ID for authentication and account management

How we use it:

  • Spreadsheets scope: Used exclusively to write banking transaction data and account balances to your Google Sheets. All data processing happens client-side in the extension.
  • Apps Script scope: Used exclusively to create container-bound script projects, deploy recipe code, and manage custom menu functions. We only access the specific script project we create for your spreadsheet.
  • User info: Used for authentication, subscription tier management, and associating encrypted Plaid tokens with your account.

We DO NOT share Google user data with any third parties. Specifically:

  • ❌ No selling of data
  • ❌ No sharing with advertisers or data brokers
  • ❌ No external analytics services receive Google user data
  • ❌ No access to your Google Sheets content (data stays in your Sheet under your control)

We may only disclose data if required by law (court order, subpoena). See the "Your rights and options" section for details.

  • Google Sheets data: NOT stored on our servers. Written directly to your Google Sheet and remains under your control.
  • Apps Script projects: Container-bound to your spreadsheet. We do not access or store your script project content.
  • OAuth tokens: Managed by Chrome extension storage (encrypted by Chrome). Google access tokens are stored locally and never transmitted to our backend.
  • User info: Google user ID and email stored in our backend database (PostgreSQL) for authentication purposes only.

Security measures:

  • 🔒 HTTPS/TLS for all API communication
  • 🔒 Minimal permissions (scoped OAuth requests)
  • 🔒 Client-side data processing (no server-side access to sheet contents)
  • 🔒 Container-bound Apps Script projects only (no access to your other projects)

Data retention:

  • Google Sheets data: Retained indefinitely in your Google Sheet (you control retention and deletion)
  • Apps Script projects: Retained as container-bound projects attached to your spreadsheet until you uninstall recipes
  • User authentication data: Retained until you revoke access or delete your account

How to delete your data:

  • Revoke Google OAuth access: Visit Google Account Permissions and remove SheetLink
  • Delete Google Sheets: Delete tabs or entire spreadsheet from Google Sheets
  • Uninstall extension: Remove extension from Chrome to clear all local storage

JWTs (JSON Web Tokens) are secure tokens that prove you're authenticated. After you sign in with Google, our backend generates a JWT that the extension stores locally in your browser.

  1. You sign in with Google OAuth (one-time)
  2. Backend verifies your Google identity and creates a JWT token
  3. Extension stores JWT token in Chrome's secure storage
  4. Extension sends JWT with each API request (Authorization header)
  5. Backend uses JWT to identify you and apply your subscription tier

The JWT contains:

  • Your user ID (UUID)
  • Your email address
  • Token expiration timestamp (60 minutes)
  • Cryptographic signature (prevents tampering)

The JWT does not contain:

  • Your Google OAuth token
  • Your bank data or transactions
  • Your Google Sheets information
  • Any personally identifiable financial data
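The token properties described in this section (tamper-evident signature, 60-minute expiry, and only user ID and email as identity claims) can be enforced at verification time. The sketch below is an added example, not SheetLink's backend code; HS256, the claim names `sub`/`email`/`exp`, and all function names are assumptions.

```python
import base64, hashlib, hmac, json

ALLOWED_CLAIMS = {"sub", "email", "exp"}  # user ID, email, expiry: nothing else
TTL_SECONDS = 60 * 60                     # the 60-minute lifetime stated above

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_claims(key: bytes, claims: dict) -> str:
    """Serialize and sign a claim set (HS256 is an assumption of this sketch)."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(mac)}"

def issue(key: bytes, user_id: str, email: str, now: int) -> str:
    return sign_claims(key, {"sub": user_id, "email": email, "exp": now + TTL_SECONDS})

def verify(key: bytes, token: str, now: int) -> dict:
    """Return the claims, or raise ValueError naming the check that failed."""
    try:
        head, body, sig = token.split(".")
        header, claims, mac = json.loads(b64d(head)), json.loads(b64d(body)), b64d(sig)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":  # pin the algorithm; never let the header choose
        raise ValueError("unexpected algorithm")
    expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):  # constant-time comparison
        raise ValueError("bad signature")
    exp = claims.get("exp")
    if not isinstance(exp, int) or now >= exp:
        raise ValueError("expired")
    extra = set(claims) - ALLOWED_CLAIMS
    if extra:  # e.g. an OAuth token or bank data that must never ride in the JWT
        raise ValueError("unexpected claims: " + ", ".join(sorted(extra)))
    return claims

if __name__ == "__main__":
    demo_key = b"constructed-demo-key"  # constructed sample secret
    token = issue(demo_key, "user-uuid-placeholder", "user@example.com", now=1_700_000_000)
    print(verify(demo_key, token, now=1_700_000_000 + 59 * 60))
```

The claim allow-list turns the "does not contain" list into a check: a correctly signed token that carries anything beyond the three permitted claims is rejected.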

SheetLink offers three subscription tiers with different historical data access:

FREE:

  • 7 days of transaction history
  • 11 core fields per transaction
  • Unlimited bank connections
  • Manual sync control

BASIC:

  • 90 days of transaction history
  • 11 core fields per transaction
  • All FREE features
  • Extended history access

PRO:

  • 730 days (2 years) of history
  • 33 total fields per transaction
  • All BASIC features
  • Enhanced details (location, merchant IDs)

Tier-related data:

  • Subscription tier: Your current tier (FREE/BASIC/PRO)
  • Tier history: When you change tiers (for data integrity)
  • Feature usage: Which features you've accessed (not usage frequency)

When you change subscription tiers:

  • Upgrade: Access more history and fields immediately
  • Downgrade: Extension may clear extra data from your sheet to match new tier limits
  • Data safety: We warn you before clearing any data from your sheets
  • Your control: You can always reconnect to restore data within tier limits

All API communication over HTTPS (TLS/SSL)

Plaid tokens encrypted at rest with Fernet (AES-256)

Google OAuth tokens never sent to servers (client-side only)

CORS restricted to SheetLink domains and Chrome extension only

Privacy middleware suppresses sensitive logs

Client-side transaction processing (rules engine runs in your browser)

We use Fernet encryption (AES-128-CBC + HMAC) to protect Plaid access tokens at rest. The encryption key is stored securely in environment variables and tokens are only decrypted during sync operations. This means even if someone gained access to our database, they couldn't read your tokens without the encryption key.

SheetLink's browser extension and client code is fully open source and available for audit on GitHub. You can inspect exactly how your data flows through the extension, verify what permissions it uses, and review all client-side logic. The backend API is private for business and security reasons, but its architecture is fully documented in the public repository.

Our backend includes privacy middleware that automatically suppresses detailed logging for all Plaid-related endpoints. Only high-level request metadata is logged (like "POST /plaid/sync"), never request bodies or transaction data. This ensures your financial data never appears in server logs, even accidentally.
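One way such log suppression can be built, shown as an added example using Python's standard `logging` module; it is not SheetLink's backend code. The `/plaid/` path prefix, the record attributes `method`, `path` and `body`, and the class and function names are assumptions, and the sample requests are constructed.

```python
import logging

SENSITIVE_PREFIXES = ("/plaid/",)  # assumption: the page only says "Plaid-related endpoints"

class PrivacyFilter(logging.Filter):
    """Reduce records for sensitive endpoints to 'METHOD path' and nothing more."""
    def filter(self, record):
        path = getattr(record, "path", "")
        if path.startswith(SENSITIVE_PREFIXES):
            # Replace the whole message rather than trying to redact parts of it.
            record.msg = "%s %s"
            record.args = (getattr(record, "method", "?"), path.split("?")[0])
            record.exc_info = None   # tracebacks can embed request data
            record.exc_text = None
            record.__dict__.pop("body", None)  # keep it away from structured formatters
        return True  # the reduced record is still emitted

class ListHandler(logging.Handler):
    """Collects formatted lines so the result can be inspected."""
    def __init__(self):
        super().__init__()
        self.lines = []
    def emit(self, record):
        self.lines.append(self.format(record))

def log_requests(requests):
    """Log (method, path, body) tuples through the filter; return what was written."""
    logger = logging.Logger("privacy-demo")  # standalone logger, not registered globally
    handler = ListHandler()
    handler.addFilter(PrivacyFilter())
    logger.addHandler(handler)
    for method, path, body in requests:
        logger.info("%s %s body=%s", method, path, body,
                    extra={"method": method, "path": path, "body": body})
    return handler.lines

if __name__ == "__main__":
    sample = [  # constructed requests
        ("POST", "/plaid/sync?cursor=abc", '{"amount": 12.5, "merchant": "Constructed Cafe"}'),
        ("GET", "/health", ""),
    ]
    print(log_requests(sample))
```

The filter is attached to the handler, so it applies to every record that handler writes no matter which part of the application produced it.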

SheetLink's client code (browser extension, landing site) is fully open source. The backend API is in a private repository for these reasons:

  • Intellectual Property: Protects business logic and future subscription features
  • Security: Prevents exposure of internal security patterns and infrastructure details
  • Chrome Store & Plaid Compliance: Simplifies review processes by separating public-facing code from internal services
  • Prevents Clones: Protects against direct commercial copying while maintaining user trust through client transparency

Transparency commitment: While the backend code is private, its minimal architecture is fully documented in the public repository. You can see exactly what endpoints exist, what data they handle, and how your information flows. All backend operations are limited to token storage (encrypted), transaction pass-through (never stored), and Google Sheets writes. For maximum privacy, you can still self-host the entire backend using our Docker deployment guide.

Remove your bank connection from the extension. This deletes the encrypted token from our database immediately.

Your Google Sheet is yours. Delete it whenever you want. SheetLink has no copy.

Want complete control? Run your own SheetLink backend with Docker or cloud providers. Full self-hosting guide coming soon.

SheetLink's client code is open source. Inspect the extension logic, data flow, and architecture documentation yourself on GitHub.

Plaid securely connects to your bank and retrieves transaction data. Your banking credentials are handled exclusively by Plaid, never by SheetLink. Plaid Privacy Policy

We write data to your Google Sheet via the Sheets API. You control who can access your Sheet. Google Privacy Policy

Questions or concerns about our privacy practices? Email us at privacy@sheetlink.app.

The SheetLink Chrome extension does not collect browsing activity or track which websites you visit.

It does not inject scripts into web pages.

All data processing occurs locally in your browser and only uses permissions required for Google Sheets access and Plaid Link connectivity.

Last updated: February 2026

This privacy policy may be updated from time to time. Material changes will be communicated via email or through the extension. Continued use of SheetLink after updates constitutes acceptance of the revised policy.