LiveFlow has achieved a SOC 2 Type I attestation from a certified auditor with no exceptions in the final report. We work with an AICPA certified audit firm to evaluate our information Security program and controls on an annual basis and continuously monitor those controls using the Drata platform.
LiveFlow has been reviewed and approved for security by Synopsys, working on behalf of Intuit.
Operations within our Google Sheets Add-on require coordinated actions between Google’s servers running Google Apps Script and our own backend deployed on Amazon Web Services (AWS).
In order to import reports from QuickBooks, we need to store tokens that allow us to perform API operations on the user’s behalf
In order to debug issues that may arise, our engineers may need to inspect the structure of the reports that LiveFlow has created in your spreadsheets
LiveFlow only ever reads data from the QuickBooks API, and will never make changes to your data in QuickBooks
In order for LiveFlow to help automate your workflows in Google Sheets, we need you to authorize our application to perform various operations on your behalf. When you first install LiveFlow, you’ll be presented with a screen like the one shown below.
Some of these permissions might sound a little bit scary at first glance, but let us outline here why exactly we need each of them.
See, edit, create and delete all your Google Sheets spreadsheets
First and foremost, our application needs to be able to edit your spreadsheets in order to create and refresh all the reports you create. In order for us to perform all the operations necessary to complete those actions efficiently, we need to use the Google Sheets API. Without this permission, we simply can’t do all the nice things we want to do for you.
We will only ever use this access in spreadsheets where you have explicitly activated LiveFlow. Within each spreadsheet where LiveFlow is activated, we will only ever make changes in sheets created by LiveFlow. Even within each sheet, LiveFlow will only ever make changes to rows and columns created by LiveFlow – if you add your own rows and columns to the sheet, we won’t touch them! We will never delete any of your spreadsheets, sheets, rows, or columns.
Connect to an external service
This permission allows us to communicate with systems and services outside of Google Sheets. We need this permission to communicate with:
Allow this application to run when you are not present
LiveFlow provides a simple way to import reports from QuickBooks into Google Sheets, but some of the best value we provide comes from automatically refreshing those reports. You can choose to refresh your reports whenever you open your spreadsheet, or to automatically refresh every hour. In either case, we need permission to do our work without you having to actively open our add-on every time.
Display and run third-party web content in prompts and sidebars inside Google applications
This one’s pretty simple! In order to allow you to interact with LiveFlow inside Google Sheets, we need this permission to show you our user interface. That user interface allows you to connect QuickBooks accounts, to create and manage your reports, and even to drill down into your numbers without leaving the sheet – without this permission, we couldn’t do any of that.