QuickBooks integration

QuickBooks privacy.

Last updated · 8 May 2026

The Studiohaus QuickBooks Online integration lets interior design firms push invoices and customers from Studiohaus into their own QuickBooks Online company. This page describes what the integration reads, what it writes, where the data lives, and how to disconnect. It supplements — and does not replace — the main Studiohaus privacy policy.

Who connects, and to what

Each Studiohaus firm connects its own QuickBooks Online company. The connection is per-firm and per-realm: one Studiohaus firm to one QBO company. A user with the appropriate Studiohaus role authorizes the connection on Intuit’s consent screen; from then on, Studiohaus acts on behalf of that firm, never on behalf of any other firm or any individual user.

What the integration reads from QuickBooks

  • CompanyInfo — the QBO company’s display name, used to label the connection in Studiohaus (“Connected to Acme Interiors”). Read once at connect time.
  • Customer — only when ensuring a Studiohaus client maps to an existing QBO Customer. Looked up by display name; matched records are not modified.
  • Item — only when ensuring the firm’s “Studiohaus Services” Item exists in QBO. Looked up by name.
  • Account — only when creating the “Studiohaus Services” Item: we look up an Income account to bind the item to.
  • Invoice (after creation) — Studiohaus reads back the invoice it just created in order to capture the public sharable link, when QBO Payments is enabled on the firm’s QBO account.

The integration does not read transactions, bank feeds, payroll, employees, vendors, expenses, journal entries, reports, or any other QBO data outside the entities listed above.

What the integration writes to QuickBooks

  • Customer — created in QBO if no existing customer matches the Studiohaus client’s display name. Studiohaus writes the customer’s name and email; nothing else.
  • Item — a single Service Item called “Studiohaus Services” is created the first time the firm pushes an invoice, if no item by that name exists. It serves as the QBO accounting bucket for every line item Studiohaus pushes.
  • Invoice — created in QBO when a Studiohaus user clicks “Push to QuickBooks” on a Studiohaus invoice. The invoice is created with the Studiohaus invoice number, due date, customer reference, and one line item per Studiohaus line. Each line carries the Studiohaus description, quantity, and unit price.

The integration does not modify existing QBO records it didn’t create. It does not delete records. It does not push payments, payroll, or any data outside invoices and the customers/items those invoices need.

What Studiohaus stores about the connection

  • The QBO realm id (the QBO company id), stored on the firm’s row.
  • The QBO company display name, stored for UI labeling.
  • The OAuth access token and refresh token, encrypted at rest with AES-256-GCM. Encryption keys are held server-side and never exposed to the browser. A database leak does not yield usable QBO tokens.
  • The QBO Customer id and QBO Invoice id for each pushed record, stored on the corresponding Studiohaus row so subsequent pushes are idempotent.
  • The QBO Service Item id for the firm-wide “Studiohaus Services” item.
  • The public invoice link returned by QBO after invoice creation, when available, stored so it can be embedded in the invoice email Studiohaus sends to the firm’s client.

Studiohaus does not store QBO usernames or passwords. The integration uses OAuth 2.0; passwords are exchanged only between the user and Intuit, never seen by Studiohaus.

How long Studiohaus keeps it

Connection state and token data are kept for as long as the firm’s QBO connection is active. When the firm disconnects through Studiohaus, all QBO tokens, the realm id, the company name, and the firm’s services-item id are removed from Studiohaus’s database immediately, and the refresh token is revoked at Intuit’s revoke endpoint as a best-effort cleanup. Stored QBO Customer ids and Invoice ids on individual records remain (so historical references stay intact) but are no longer usable to read or write QBO data.

Who Studiohaus shares it with

Studiohaus does not share QBO data with any third party. The integration’s only external counterparty is Intuit’s QuickBooks Online API, accessed under the firm’s own authorization. Studiohaus’s existing subprocessors (listed in the main privacy policy — Supabase for storage, Vercel for hosting, Resend for email) process integration data only as part of their general role and only on Studiohaus’s instructions.

How to disconnect

Inside Studiohaus, go to Settings → Integrations → QuickBooks → Disconnect. The disconnect action revokes the OAuth tokens at Intuit and removes them from Studiohaus’s database. You can also revoke Studiohaus’s access from inside QuickBooks (Apps → Studiohaus → Disconnect); both paths achieve the same end state.

Children

The QuickBooks integration is a tool for professional interior design firms. It is not directed at, designed for, or intended to collect data about children under 13.

Changes

If we materially change how the integration handles QBO data, we will update this page and the “last updated” date above before the change ships.

Contact

Privacy questions, data requests, or concerns about the QuickBooks integration: admin@studiohaus.app.