Privacy Policy
Last updated: May 17, 2026
This Privacy Policy describes how Eiland Energy Solutions (“we”, “us”, or “our”) collects, uses, stores, and shares information in connection with the Jarvis application (“the App”), an internal business-automation tool we operate for our own oilfield-automation business.
Scope notice. The App is single-tenant software. The only end user is Eiland Energy Solutions itself, accessing data we already own (our own QuickBooks Online company, our own business email, our own code repositories). We do not offer the App to third parties, and we do not collect or process data on behalf of other businesses or consumers.
1. Information we access
The App connects, via authenticated APIs you (the operator of Eiland Energy Solutions) explicitly authorize, to the following services and may read, store, or display the following categories of data:
| Source | Data accessed | Purpose |
|---|---|---|
| QuickBooks Online (via Intuit OAuth 2.0) | Customers, Items, Estimates, Invoices, Payments, Vendors, account/company metadata | Sync your accounting data so the App can match operator jobs to invoices, track margins, and pre-stage OpenInvoice submissions. |
| Microsoft 365 / Outlook (via Microsoft Graph OAuth 2.0) | Email messages, calendar events, contacts, tasks in your mailbox | Triage operator and vendor correspondence; surface RFQ replies; calendar context for scheduling. |
| GitHub (via personal access token) | Repositories you have authorized | Developer assistance for the operator of the App. |
| Local file system (Mac mini hosting the App) | Files you explicitly point the App at | File-based assistance and reference look-ups. |
| User-supplied prompts and voice input | Text and audio you submit to the App | Generate responses; produce transcripts. |
The App does not access, collect, or process personal information of any third party except to the extent that such information appears in your own business records (e.g., a customer name on a QuickBooks invoice you yourself created). We do not aggregate, sell, rent, or otherwise commercialize any data accessed through the App.
2. How the information is stored
- All synced and generated data is stored locally on the Mac mini that hosts the App, in a SQLite database and supporting files on the host machine.
- OAuth refresh tokens are stored in the same local SQLite database. They are not transmitted to any third party except the issuing identity provider (Intuit, Microsoft, GitHub) for the purpose of refreshing access.
- API keys for third-party processors are stored in the macOS user-secrets store or environment variables on the host machine.
- The host machine is accessed only over Tailscale (a zero-trust private network); the App is not exposed to the public internet.
3. Third-party processors
To produce responses and voice output, the App routes content to the following third-party processors. Each is bound by its own terms and privacy policy.
| Processor | What is sent | What is received | Link |
|---|---|---|---|
| Anthropic, PBC (Claude API) | Conversation messages, system prompts, tool definitions and results | Generated text completions | anthropic.com/legal/privacy |
| ElevenLabs, Inc. (Text-to-Speech) | Text strings the assistant has generated | Synthesized audio | elevenlabs.io/privacy |
| Intuit, Inc. (QuickBooks Online API) | OAuth handshake; read/write requests scoped to your authorized company | Your QuickBooks data | intuit.com/privacy |
| Microsoft Corp. (Microsoft Graph) | OAuth handshake; mail/calendar/contact requests scoped to your mailbox | Your Microsoft 365 data | privacy.microsoft.com |
| GitHub, Inc. | API calls scoped to the personal access token’s permissions | Repository data | GitHub privacy |
We do not send your QuickBooks accounting records, customer lists, or invoice contents to Anthropic or ElevenLabs except where you (the operator) deliberately include such content in a chat prompt or request the App generate a response that summarizes it.
4. Data retention
- Synced QuickBooks and Microsoft data is retained locally until you delete the local database file or revoke the OAuth grant in Intuit’s or Microsoft’s portal.
- Chat history is retained locally until you clear it from the App.
- Anthropic and ElevenLabs retention is governed by their respective policies; we do not have a Zero Data Retention (ZDR) agreement in place by default.
5. How to revoke access
You can revoke any OAuth authorization at any time:
- QuickBooks: appcenter.intuit.com/app/manage → disconnect the Eiland Energy app.
- Microsoft 365: account.microsoft.com/consent → remove the Jarvis app.
- GitHub: github.com/settings/tokens → revoke the personal access token.
Revoking access immediately stops the App from reading new data from that service. Any data already synced into the local database remains until you delete the file.
6. Security
- The App is hosted on a private machine accessible only over Tailscale; no inbound public internet traffic.
- OAuth tokens are stored locally and used only for the API endpoints they were granted for.
- HTTPS is used for all upstream API traffic (Intuit, Microsoft, GitHub, Anthropic, ElevenLabs).
- The App is single-user; there is no shared multi-tenant data layer.
No system is perfectly secure. We make no warranty against unauthorized access; see the EULA for limitations of liability.
7. Children
The App is a business operations tool and is not directed to children. We do not knowingly collect information from anyone under 13.
8. Changes
If the App’s data practices change, we will update this page and update the “Last updated” date at the top. The current version is the version you see at the published URL.
9. Contact
Privacy questions or data deletion requests:
Eiland Energy Solutions Attn: Turner Eiland Email: turner@eilandenergysolutions.com