Penni connects to QuickBooks through secure OAuth — the same standard your bank uses. We never see your password, never store your credentials, and never train AI on your data.
Today Penni integrates with QuickBooks Online. Xero and additional accounting platforms are in development — the same security model applies.
We built Penni for small business owners who are trusting us with their most sensitive information. Here's exactly how we handle that responsibility.
When you connect QuickBooks, you authorize Penni through Intuit's official OAuth flow. Your login credentials go directly to Intuit — never through our servers. We receive a secure token that grants limited access to your chart of accounts, invoices, and transactions. You can revoke this access anytime from your QuickBooks settings.
Penni uses AI to categorize transactions and generate financial reports for you — not to build training datasets. Your financial data is processed, used to serve you, and that's it. We use Anthropic's Claude API with zero data retention, meaning your data is not stored or used by the model provider after processing your request.
Every transaction Penni categorizes gets written directly to your QuickBooks Online account. We don't maintain a shadow copy of your books. If you cancel Penni tomorrow, your data is exactly where it's always been — in QBO, fully intact, fully yours. No lock-in. No data hostage.
All communication between Penni, your phone, and QuickBooks happens over TLS 1.2+ encrypted connections. OAuth tokens are stored encrypted in our database. API keys are environment-isolated and never exposed in client-side code.
If you connect your email for receipt scanning, Penni uses Nylas — an enterprise-grade email API — to read messages for financial transactions only. We cannot send emails as you, delete messages, or access contacts. You authorize access through your email provider's consent screen and can disconnect anytime.
We collect only what's needed to operate: your name, email, phone number, and the OAuth tokens required to connect your accounts. We don't sell data, run ads, or share your information with third parties for marketing purposes. Period.
Transparency matters. Here's exactly what Penni accesses through your connected accounts.
These are the third-party services involved in operating Penni. Each handles data according to its own security and privacy policies.
No. Penni reads bank balances through QuickBooks Online's API — the same data QBO already has from your connected bank feeds. We never connect to your bank directly and never see your banking credentials. There's no Plaid or screen-scraping involved.
Your books stay in QuickBooks, exactly as they are. Penni writes everything directly to your QBO account — we don't keep a separate copy. When you cancel, we revoke our OAuth tokens and delete your account data from our systems within 30 days.
Absolutely not. We use Anthropic's Claude API with zero data retention — your data is processed to serve your request and immediately discarded by the model provider. Google's Gemini (used for receipt OCR) also operates under API terms that prohibit training on customer data. Your financials never become part of any AI training dataset.
Two ways: disconnect from your Penni settings page, or go directly to QuickBooks Online → Settings → Manage Connected Apps and remove Penni. Either method immediately revokes our access to your accounting data.
Penni's team does not have routine access to your financial data. Access to production systems is restricted and only used for debugging critical issues with your explicit permission. We're building Penni to be autonomous — the AI handles your books, not humans.
Conversation context is maintained to provide you with a consistent experience — so Penni remembers your vendor preferences and past instructions. This data is stored encrypted and tied to your account. It's deleted when you cancel.
Free for 30 days. Your data stays in QuickBooks. Cancel anytime.