Safety & Security·6 min read·Updated 1 April 2026

Protecting Your Business Data

Q: Can a former employee access data they exported while they were a team member?

Yes — once data is exported from AskBiz (as a PDF, CSV, or other format), we cannot control what happens to it. This is why offboarding promptly and being thoughtful about what data you make available to team members matters. If you believe a former employee has misused business data, seek legal advice.

Q: How do I know which team members have access to sensitive data in AskBiz?

Go to Account Settings → Team → Members. You can see each member's role and access level. On the Business plan, you can restrict access to specific features (e.g. prevent members from viewing cash flow data or downloading exports).

Q: I accidentally uploaded a file with real customer personal data (names, emails). What should I do?

Delete it immediately from /sources → CSV → Delete dataset. Then contact privacy@askbiz.co to confirm the deletion was complete and no cached copies remain. Under GDPR, you (as data controller) should also assess whether the accidental upload constitutes a data breach under your own obligations.

Q: Is it safe to use AskBiz on public Wi-Fi?

Yes — all connections to AskBiz use TLS 1.3 encryption, which protects your data from interception on public networks. However, as a general security practice, avoid accessing sensitive financial accounts (including AskBiz) on public Wi-Fi without a VPN, as other risks (shoulder surfing, malware on the network) exist beyond connection interception.

Best practices for keeping your connected business data safe. How to manage Shopify, Amazon, and QuickBooks permissions, data minimisation, offboarding employees, and what to do when you switch accounting software.

Your Data Security Is a Shared Responsibility

AskBiz secures the data within our platform — encrypted at rest, encrypted in transit, access-controlled, and regularly audited. But the overall security of your business data depends on decisions you make too: which people have access to your AskBiz account, which third-party apps you connect, how you manage departing employees, and how you treat sensitive financial information shared outside the platform.

This article covers the practical steps you can take to protect your business data — both within AskBiz and across your connected platforms.

Managing Connected Platform Permissions

Every platform you connect to AskBiz (Shopify, Amazon, QuickBooks, Stripe) grants AskBiz read-only access via OAuth. Review these connections regularly:

In AskBiz: Go to /sources and review every connected integration. Disconnect any platform you no longer use — this revokes AskBiz's access token immediately.

In the platform itself: Even after disconnecting from AskBiz, revoke the access token in the source platform too:

Shopify: Admin → Apps → Installed apps → Remove AskBiz
Amazon: Seller Central → Apps & Services → Manage Your Apps → Revoke
QuickBooks: Gear icon → Connected Services → Disconnect
Stripe: Dashboard → Settings → Restricted Keys or Connected apps → Remove

Doing both (disconnecting in AskBiz and revoking in the platform) provides a belt-and-braces approach. If AskBiz's token were ever compromised, a separately revoked token in the platform provides an additional layer of protection.

Data Minimisation — Only Connect What You Need

Every additional data source you connect increases the value of your AskBiz account to an attacker — and increases the scope of what is at risk.

Guidelines:

Connect only the sources you actively use — if you connected QuickBooks to try it and don't use the insights, disconnect it
Use the read-only scopes — AskBiz requests minimal permissions. If a future integration asks for write access, question why it needs it.
Do not upload more data than needed — if you're uploading a CSV for analysis, delete it from AskBiz after you've got your answer. Go to /sources → CSV → Delete dataset.
Use anonymised exports when testing — if you're testing a new feature with sample data, use anonymised or fictional figures rather than your live business data

Employee and Team Member Offboarding

When a team member leaves your business, their access to AskBiz should be revoked the same day — ideally before they leave. This is one of the most commonly overlooked data security risks in small businesses.

Offboarding checklist for AskBiz (Business plan):

1. Remove them from the team — Account Settings → Team → Remove Member. Their access is revoked immediately.

2. Rotate any API keys they had access to — if they worked with your AskBiz API integration, delete the relevant keys and generate new ones. Update your integration with the new key.

3. Review active sessions — Account Settings → Security → Active Sessions. Revoke any session that might be theirs.

4. Change the account password — if you shared the account password rather than using individual team member logins (which you should not, but it happens), change it immediately.

5. Review what data they may have exported — check if they downloaded any conversation exports, CSV exports, or Scorecard PDFs in the period before leaving. You cannot undo a download, but being aware of what was taken is important.

For the Free or Growth plan (no team seats), if you shared your account login with a colleague, change your password as soon as they no longer need access.

Handling Sensitive Financial Data Shared From AskBiz

When you export or share data from AskBiz — as a PDF, CSV, or screenshot — that data leaves our secure environment and enters whatever system you paste or send it to. Be thoughtful:

Email is not secure — do not email detailed revenue or margin data to people who do not need it. Use a link-based sharing method (e.g. a shared drive folder with restricted access) for sensitive financial reports.
Be careful with screenshots — a screenshot of your Business Pulse dashboard or revenue breakdown shared in a WhatsApp group or Slack channel reaches everyone in that group, including people who may no longer be relevant to your business
Mark financial documents appropriately — if you share an AskBiz export with an investor, bank, or partner, consider watermarking it with the recipient's name and date. This creates accountability and deters forwarding.
Manage access to shared drives — if you store AskBiz exports in Google Drive or Dropbox, regularly audit who has access to those folders. Former employees and advisors often retain drive access long after it is needed.

Switching Accounting Software or Platforms

If you switch from one platform to another (e.g. QuickBooks to Xero, or Shopify to a different ecommerce platform), follow this process:

1. Connect the new platform first — add the new source at /sources and confirm data is syncing correctly

2. Verify your historical data is intact — check that your Business Pulse score and historical metrics are not materially affected by the new data source

3. Disconnect the old platform — go to /sources → [old platform] → Disconnect

4. Revoke the token in the old platform — as described in the Managing Connected Platform Permissions section above

5. Update any API integrations — if you have custom integrations that reference the old platform's data structure, update them to use the new source

6. Request data deletion if needed — if you want AskBiz to delete all historical data from the old source (e.g. you are switching from a business you sold), contact privacy@askbiz.co

Frequently Asked Questions

Can a former employee access data they exported while they were a team member?

How do I know which team members have access to sensitive data in AskBiz?

I accidentally uploaded a file with real customer personal data (names, emails). What should I do?

Is it safe to use AskBiz on public Wi-Fi?

Was this article helpful?

👍 Yes 👎 No

Still stuck? Email our support team.