Data And Trust
Arboris is built for CFO workflows where a wrong number is worse than no number. The product favors source evidence, confidence labels, and clear suppression over unsupported claims.
Firm And Client Isolation
Section titled “Firm And Client Isolation”Arboris uses a platform database plus firm-isolated databases. Platform records track firms, users, auth, billing metadata, and support metadata. Client operating data lives in the firm’s isolated database.
Inside a firm database, client records are scoped by client_id. AI Chat, Search, Analysis, Reports, sync history, and Review Runs operate inside the selected client’s boundary.
AI Chat does not compare across clients and should never reference another client’s data.
QuickBooks Data
Section titled “QuickBooks Data”QuickBooks is the only active accounting integration in alpha. Xero and CSV import are visible as Coming Soon options, but they are not functional alpha integrations.
QuickBooks tokens are encrypted at rest. Tokens are decrypted only when Arboris needs to call QuickBooks or refresh access.
Disconnect and purge are separate actions:
- Disconnect revokes access and stops auto-sync while preserving synced data.
- Purge deletes synced financial data, transactions, chart of accounts, QuickBooks master data, parsed report detail, and AI embeddings. Lineage records remain marked as source-purged.
Financial Numbers
Section titled “Financial Numbers”Arboris distinguishes unknown from zero. A missing or unsupported metric displays as unavailable with a reason instead of showing 0.
Financial calculations use decimal-safe handling. Source financial statements come from QuickBooks reporting APIs, and Arboris does not use transaction-only fallbacks to fabricate financial statement values.
AI Trust Rules
Section titled “AI Trust Rules”AI-generated analytical claims must be evidence-grounded and confidence-labeled.
The assistant refuses tax advice, legal advice, investment recommendations, and analytical questions when the selected client has no financial data. For stale, partial, or short-history data, it answers with caveats and lower confidence instead of pretending the data is complete.
AI evidence can cite financial report metrics, transactions, customer or vendor evidence labels, Trial Balance rows, General Ledger postings, reports, and prior AI context where available. Contact fields and raw QuickBooks payloads are not intended for prompts or embeddings.
Reports
Section titled “Reports”PDF reports are generated on demand. Arboris stores report metadata and audit trace, not a permanent PDF artifact.
AI narrative in PDFs is labeled advisory, keeps confidence tags, and includes citations as footnotes. Report output should be reviewed by a qualified professional before client use.
Account And Client Deletion
Section titled “Account And Client Deletion”Firm deletion tombstones the firm, logs out the user, revokes refresh tokens, and starts a 30-day grace window before hard deletion.
Client deletion is a soft delete. Contact Arboris support if a deleted client needs to be reviewed for restoration.
Security Controls
Section titled “Security Controls”Arboris uses host-scoped httpOnly cookies, RS256 JWTs, bcrypt password hashing, rate limits on sensitive flows, restricted CORS, OAuth token encryption, security headers, and redaction for sensitive values in logs.
Support operations use separate operator authentication and audit logging.
Privacy
Section titled “Privacy”Do not paste passwords, OAuth tokens, raw cookies, private keys, or full accounting exports into support messages. Share the smallest useful screenshot or error context, and crop unrelated client data when possible.
Arboris alpha documentation describes current product behavior. It is not tax, legal, investment, audit, or compliance advice, and it does not create a public API, billing portal, status-page, or guaranteed-outcome commitment.