Privacy Policy

Last updated: April 13, 2026

softwaresoftware.dev is operated by NOV LLC, a Colorado LLC. This policy covers all products, tools, plugins, and services operated under the softwaresoftware.dev domain.

What we collect

The data we collect depends on which products you use:

• Google OAuth (plugins, MCPs): Email address and basic profile info when you sign in. If you use tools that connect to Gmail or Google Calendar, we access only what's needed to provide the feature you're using.
• Financial data (Plaid integration): Bank account balances, transaction history, and account metadata. This data is collected through Plaid's API and stored locally on your device. See the Financial Data section below for details.
• Claude Code plugins: Plugins run locally on your machine. We do not collect telemetry, usage data, or personal information through plugins unless explicitly stated in the plugin's documentation.

What we don't do

• No tracking or analytics
• No ads
• No selling or sharing your data with third parties
• No cookies beyond what's required for auth
• No central servers storing your credentials or financial data

Financial data (Plaid)

Some of our tools use Plaid to connect to financial institutions. When you connect a bank account through Plaid Link:

• What we access: Account balances, transaction history (date, amount, merchant, category), and account metadata (account name, type, last four digits).
• How it's stored: Financial data is stored in a local database on your device, on an encrypted disk. Plaid access tokens are stored in your operating system's secure keychain.
• How it's used: Exclusively for bookkeeping, expense tracking, spending analysis, and tax preparation. Data is never shared with third parties, used for marketing, or transmitted to any external server.
• MFA protection: Access to Plaid Link is gated by TOTP multi-factor authentication. You must verify with your authenticator app before any bank connection flow begins.
• Deletion: You can delete your financial data at any time by removing records from the local database. Bank connections can be revoked through Plaid, which stops data synchronization and deletes the access token.

Plaid's own privacy practices are described in Plaid's End User Privacy Policy.

Where data lives

All data is stored locally on your device. OAuth tokens, API credentials, and financial access tokens are stored in your operating system's secure keychain. We do not operate a central server that holds your credentials or personal data.

Data retention

Financial transaction data is retained locally for up to 7 years to support tax and accounting requirements. Bank connection tokens are retained while the connection is active. You can delete any data at any time. Application logs are retained for 90 days.

Security

We protect your data with encryption in transit (TLS 1.2+), encryption at rest (disk encryption), multi-factor authentication on all systems that handle financial data, and a zero-trust network architecture. Our full security practices are documented in our internal Information Security Policy, available upon request.

Changes

We may update this policy as our products evolve. The "Last updated" date at the top reflects the most recent revision.

Contact

Questions about this privacy policy or your data? [email protected]