Bootstrapped #125: Tracking what you spend on your business

I’m joined again by frequent guest co-host @freyfogle. We talk about how we track the spending on our businesses.

We mentioned a rewards card for Startups from Cledara.

Thanks to EmailToolTester who sponsored this episode. Find the best email newsletter service for you with EmailToolTester’s calculator.

You can also listen to and download this episode here:

@freyfogle, interesting that you mention Cledara.
I’m a bit wary of services which basically read your companies financial statements like Cledara, ProfitWell and maybe even Stripe. They know so much about your business, and you don’t know who they give access to your data. It is obvious that they use your data (at least in aggregate) and disseminate these data.
Most of these services are not banks, i.e. they are not as much regulated in terms of keeping things private.
I imagine that the data are interesting for investing in smallish startups (@arvidkahl ), and wonder how the data flows are to brokers and others.
On the other hand, these services provide a benefit to you as a business owner.

Interesting, I had a discussion about the privacy implications with someone from the “funding for independent businesses” space yesterday.

This seems like an oddly unregulated space indeed, and there are more and more players joining the market of “solutions that aggregate your internal business data for analytics or projections” every month. I think there is definitely a risk of over-exposing information, as the APIs provided by services like Stripe and BareMetrics are not yet prepared to completely anonymize your data or give you fine-grained control over what is exposed: I think at this point, those APIs are meant to allow you to actually programmatically interact with the service instead of just exporting data for further analysis.

In my discussion yesterday, we found that there are two rather extreme positions to take here: either, you can be the optimist and see this as a great opportunity for startups (to get more insight and instructive guidance) and investors (to get more insight, choice, and decision-supporting information), OR you can be the pessimist and see this as a potential for malice (industrial espionage, sabotage, copycats) or negligence (company data leaks, customer PII exposure).

I think it’s somewhere between these two things, and regulation would definitely clarify this. What would also help would be an understanding shared by API providers to irreversibly anonymize data from APIs on a per-API-consumer level. Your server accesses the Stripe API? Give them the actual information. Your analytics provider fetches data? Give them hashed / pseudonymized PII and non-reversible IDs. Something like that. We can solve this on the technical level before the government needs to step in.