JOURDANLABSLocal-first until the account layer is real.
The safest launch posture is clear: browser storage today, explicit exports, no pretend cloud security.
Local storage
The current NORTHSTAR web build stores workspace data in browser local storage on the user's device. JourdanLabs does not receive that local workspace data unless the user exports it and sends it to us.
Financial data
Bookkeeping records, tax-prep packets, Owner Sentinel signals, donation ledgers, and audit-chain exports can contain sensitive financial data. Users should treat exported files as confidential business records.
Backups
Because the current build is local-first, clearing browser data can remove the workspace. Users should export workspace JSON and accountant packets before device changes, browser resets, or public launch migrations.
Payments
Paid checkout is handled through Stripe once configured. NORTHSTAR should not store card numbers directly.
Roles
Owner, Accountant, and Bookkeeper views are local product views in the current web build. They demonstrate redaction and workflow boundaries, but server-enforced multi-user access requires the hosted account layer.
Future cloud account layer
When cloud sync or hosted accounts are added, NORTHSTAR should add account authentication, server-side role checks, encryption posture, data-retention settings, and deletion/export workflows before broad public use.