Beta Product

ChatData Sync White Paper

Last updated: May 13, 2026

Built by cgosmon solutions llc (cgosmon.com)

Executive Summary

ChatData Sync helps everyday users describe what they want to track in plain language, then activates a structured tracker that can be read and updated through chat.

Today, the platform supports plain-English schema generation, project creation, sync reads and writes, schema migration, and chatbot connection paths for ChatGPT, Gemini, Claude, and custom API clients.

What It Can Do Today

Generate tracker schema from plain language
Create owner-scoped projects with a project security token
Read and write records through sync endpoints
Filter list responses by unpaid status and date range, with totals included
Migrate schema as tracking needs evolve, preserving existing shape unless destructive changes are explicitly allowed
Export your data as CSV at any time
Rotate the project security token at any time

How It Works

Describe what you want to track.
Review generated tables and fields.
Create your project.
Connect your AI tool with the connection URL and security token.
Log and retrieve records by chat.
Update schema over time when your workflow changes.

Security and Trust

Layered controls in plain language: signed-in account access for owner actions, project-scoped security tokens for assistant access, payload and rate limits, prompt-injection checks on AI routes, CORS allowlist controls, audit activity logging, and project token rotation.

No online system can guarantee zero risk. ChatData Sync is designed to reduce common abuse and misconfiguration patterns while keeping ownership boundaries clear.

What We Do Not Do

We do not sell user records or tracker content.
We do not use the records you save to your tracker to train AI models.
ChatData Sync staff do not browse user tracker records as a routine product practice. Limited access can occur only to investigate a security incident, fulfill a verified data request from the account owner, or comply with a legal obligation.
We do not share project security tokens with anyone outside the owner account.
We do not require your connection URL or security token to be public; you control where you paste them.

Where Your Data Lives

Account data and tracker records are stored in Google Cloud (Firebase / Firestore). Hosting and processing may occur in Google Cloud regions used by the deployed project. Authentication identities are managed through Firebase Authentication. Billing details, if you subscribe, are handled by Stripe; payment card numbers are never stored by ChatData Sync.

What Stays Yours

You own the records you put into ChatData Sync.
You can export your tracker data on demand (CSV from the Data tab).
You can rotate your project security token at any time.
You can request deletion of your tracker and its records; active-system removal is immediate, while backup and security-log copies follow the retention windows in our Privacy Policy.

Use Cases

Side-Hustle CRM

Track clients, jobs, and payment status. Ask unpaid-only questions in chat for faster follow-up.

Family and Home Log

Keep searchable records for household tasks, service history, maintenance, and important notes.

Maintenance and Service Tracking

Store equipment or vehicle updates with date and cost fields, then retrieve history quickly.

Tutoring and Coaching Records

Capture sessions, follow-ups, and payments in one place with plain-language updates.

Current Boundaries (What We Are Not Claiming)

To keep this paper accurate, here is what ChatData Sync does not claim in this beta stage:

Full multi-user collaboration workspace per project
Role-based access matrix with granular team roles
Publicly documented usage-meter billing enforcement by per-action quota beyond the two limits noted in the README (trackers per account and assistant actions per month)
Complex analytics query engine for arbitrary aggregations
Automatic schema rollback or version-branch management

This paper does not present SLA guarantees.

Security FAQ

Who can read or write my records? The signed-in owner of the account, plus tools using that project's security token. No one else.
Can I rotate the security token? Yes, at any time from the Settings tab.
How does the platform handle suspicious prompt attempts? AI routes include prompt-injection detection heuristics and can reject unsafe control directives.
Does the platform limit abusive requests? Yes. Payload limits and per-route rate limits are enforced.
Is this product in beta? Yes. Core workflows are active; we continue improving reliability and user experience.

How We Keep These Promises

This white paper is tied to checks that run on the deployed product, not just the documentation:

The release pipeline enforces a required-secret contract before a build is allowed to ship.
A live release smoke job runs the core user path (describe a tracker, generate it, list unpaid records, list completed jobs) against staging before each release.
The OpenAPI contract is published at /api/openapi.json and is verified against the actual deployed routes by automated tests.
Health endpoints respond on the deployed environment so any third party can spot-check liveness at /api/health/live, /api/health/ready, and /api/health.

If any of these checks fail, the affected change does not ship. If a published claim ever drifts from the deployed product, we treat the claim as the bug and correct the white paper.

Who It Is For

Best for everyday users, solo operators, side-hustle businesses, and teams validating a structured chat-based workflow before larger custom builds.

Start Here

Create an account.
Describe your workflow.
Generate and review the schema.
Connect your chatbot tool with the connection URL and security token.
Run a first write test and a first read test.
Evolve your tracker as your workflow grows.