GeniusTrack Privacy Policy
This Privacy Policy describes how GeniusTrack ("the App") handles information. GeniusTrack is a private, internal business application developed and operated by CMMM Studios ("we", "us", "our") for the exclusive use of Genius Signs & Lighting Corp ("Genius Signs") to manage its own customers, jobs, and billing. It is not a public consumer service and is not open for general sign-up. This policy specifically covers the data stored in the App and the App's integration with Intuit QuickBooks Online.
1. Who This Policy Covers
GeniusTrack is used only by authorized Genius Signs staff. The "personal information" handled by the App is primarily the business-contact information of Genius Signs' own customers, entered by Genius Signs staff in the course of running the business. Genius Signs is the owner of that customer data; CMMM Studios operates the App and its infrastructure on Genius Signs' behalf.
2. Information Stored in the App
Customer and job records (entered by Genius Signs staff)
- Customer contact details — name, company name, email address, phone number, and service/billing address.
- Job details — project descriptions, status/stage, schedule dates, and internal notes.
- Billing details — estimate and invoice amounts, billing status, and payment status.
App user accounts
- For each Genius Signs staff member with access: name, email address, assigned role, and a securely hashed password. Plain-text passwords are never stored.
Operational logs
- Standard server logs (IP address, timestamp, request path) retained for security and troubleshooting, and an in-app audit log of key actions (for example, "invoice pushed" or "user signed in").
3. QuickBooks Online Integration
With an authorized Genius Signs administrator's explicit consent, GeniusTrack connects to Genius Signs' own QuickBooks Online ("QBO") company using Intuit's OAuth 2.0 authorization. Through this connection the App:
- Writes to QBO — creates estimates and invoices that originate in GeniusTrack (a one-way push from GeniusTrack to QuickBooks).
- Reads from QBO — retrieves invoice and payment status so GeniusTrack can reflect whether a job has been billed and paid, and reads Product/Service items needed to build those documents.
QuickBooks remains the system of record for money and tax. GeniusTrack does not modify your QuickBooks accounting data beyond creating the estimates and invoices you initiate. We use the QuickBooks connection solely to provide this functionality to Genius Signs. We do not sell, rent, or share QuickBooks data, or any data obtained through the QuickBooks connection, with any third party.
The OAuth access and refresh tokens that authorize the connection are stored encrypted at rest using AES-256-GCM, with the encryption key held in server configuration separate from the application code. You may revoke the connection at any time from within GeniusTrack (Settings → Disconnect) or from the QuickBooks side (Apps → My Apps → Disconnect).
4. How Information Is Used
- To operate the business: track customers and jobs, schedule work, follow up, and produce and reconcile estimates and invoices.
- To send job-related estimates and invoices to Genius Signs' customers through QuickBooks.
- To secure the App, maintain the audit trail, and troubleshoot problems.
We do not use this information for advertising, and we do not sell it.
5. How Information Is Shared
We share information only as needed to run the App:
- Intuit QuickBooks Online — to create estimates/invoices in, and read billing/payment status from, Genius Signs' own QuickBooks company, at Genius Signs' direction. Intuit's handling of that data is governed by Intuit's own privacy policy.
- Hosting and infrastructure — the App runs on a private virtual server controlled by CMMM Studios, with Cloudflare providing TLS termination, CDN, and DDoS protection. These providers process request data only to deliver the service.
We do not share personal information with any other third parties, and we do not sell personal information.
6. Security
- All traffic is served over HTTPS/TLS (TLS 1.2 or higher).
- Access to the App requires authentication, with role-based permissions limiting what each user can see and do.
- QuickBooks OAuth tokens are encrypted at rest (AES-256-GCM); user passwords are stored only as secure hashes.
No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
7. Data Retention
Customer, job, and billing records are retained for as long as Genius Signs needs them for business, warranty, and recordkeeping purposes. Genius Signs may request correction or deletion of specific records at any time.
8. California Privacy Rights (CCPA/CPRA)
Genius Signs operates in California. To the extent the California Consumer Privacy Act applies, individuals whose personal information is stored in the App have the right to:
- Know what categories of personal information are collected and how they are used;
- Request access to, or deletion of, personal information held about them;
- Not be discriminated against for exercising these rights.
We do not sell or share personal information as those terms are defined under the CCPA/CPRA. To make a request, email [email protected] with "Privacy Request" in the subject line; requests will be routed to Genius Signs, the business that owns the customer relationship.
9. Children's Privacy
GeniusTrack is a business tool intended for adult, authorized staff. It is not directed to children, and we do not knowingly collect information from anyone under 16.
10. Changes to This Policy
If we update this policy we will change the "Last updated" date above. Material changes will be communicated to Genius Signs.
11. Contact
For privacy questions about GeniusTrack:
CMMM Studios (operator) · Genius Signs & Lighting Corp (business owner)
15204 S Broadway, Gardena, CA 90248
[email protected] · (323) 830-6789