Privacy Policy
Last updated: April 3, 2026
1. What we collect
When you create an account, we collect your email address, display name, and a hashed version of your password. We never store plaintext passwords — all credentials are processed through Argon2id before touching storage.
When you use LedgerCore, we store the financial data you enter: customers, vendors, invoices, bills, payments, journal entries, chart of accounts, and organization settings. This data is scoped to your tenant and is never shared with other tenants.
2. How we use your data
Your financial data is used exclusively to provide the LedgerCore service to you. We do not mine, analyze, or monetize your accounting data. Period.
We use your data to:
- Operate and maintain the service
- Authenticate your sessions and enforce access controls
- Send transactional emails (team invitations, password resets)
- Process receipt images through our AI scanning feature (images are sent to a third-party vision API and are not retained after processing)
3. Data isolation
LedgerCore enforces per-tenant data isolation at the application layer. Every database query is scoped to your organization's tenant ID. There is no mechanism in the application to access another tenant's data, and no administrative backdoor that bypasses this boundary.
4. Security measures
- Encryption at rest: All data is encrypted using AES-256
- Encryption in transit: All connections use TLS 1.3
- Password hashing: Argon2id with recommended parameters
- Two-factor authentication: TOTP with recovery codes, SHA-256 hashed before storage
- Session management: 32-byte cryptographically random tokens with 24-hour TTL
- Access controls: 24 granular permissions across 5 built-in roles
5. Third-party services
We use a limited number of third-party services:
- Cloud hosting: For application and database infrastructure
- SMTP provider: For transactional emails (invitations only)
- AI vision API: For receipt scanning — images are processed in real time and not stored by the provider beyond the request lifecycle
We do not use analytics trackers, advertising pixels, or any form of behavioral monitoring on the application.
6. Data retention
Your financial data is retained for as long as your account is active. If you close your account, we will delete all associated data within 30 days. Backups containing your data are purged on a rolling 90-day cycle.
7. Your rights
You can, at any time:
- Export all your data in CSV format
- Update or correct your personal information
- Delete your account and all associated data
- Request a copy of all data we hold about you
8. Cookies
LedgerCore uses a single session cookie for authentication. We do not use tracking cookies, third-party cookies, or any form of cross-site tracking.
9. Children's privacy
LedgerCore is a business application not directed at individuals under 16. We do not knowingly collect data from minors.
10. Changes to this policy
We will notify you of material changes via the email address associated with your account at least 30 days before the changes take effect.
Contact
For privacy-related inquiries, email privacy@ledgercore.app.