LedgerFlow

Privacy

Effective June 28, 2026

The short version

We store the data your firm needs to do bookkeeping: clients, transactions, your suggestions and decisions, client answers, receipts. We don't sell it, we don't share it, and you can export or delete it at any time.

What we collect

  • Account: email, name, firm name, sign-in metadata.
  • Bookkeeping data you import or sync: transactions, accounts, vendors, receipts.
  • Your firm's interactions: suggestions, approvals, sent requests, sign-offs, audit trail.
  • Service logs needed to keep the product running (rate limits, errors).

What we don't collect

  • Bank login credentials.
  • Personal browsing across the web.
  • Information about your clients beyond what you upload or sync.

Lawful basis (GDPR / UK GDPR)

  • Contract — running the service you signed up for.
  • Legitimate interests — securing the product, preventing abuse, basic product analytics.
  • Consent — non-essential email (e.g. product updates), which you can withdraw at any time.
  • Legal obligation — tax and accounting record retention.

Your rights

You can request access, correction, export, restriction, or deletion of your personal data. Email privacy@ledgerflow.app from the address on your account and we will respond within 30 days. EU/UK residents can complain to their supervisory authority; India residents can contact us as Data Fiduciary under the DPDP Act, 2023.

Retention

Active firm data is retained while your account is open. After you delete a firm, we remove personal data within 30 days from primary systems and within 90 days from encrypted backups. Audit and security logs are kept up to 12 months.

International transfers

Data is hosted in regions provided by our infrastructure partners. Where transfers leave your region, we rely on Standard Contractual Clauses or equivalent safeguards.

Children

The service is not directed to anyone under 18 and we do not knowingly collect data from minors.

Security

TLS in transit, AES-256 at rest, tenant isolation enforced by database row-level security, least-privilege access for staff, audit logging, idle-session timeout, and breached-password protection at sign-up. See our security page.

Cookies

Strictly necessary only — session, banner choice, UI preferences. Full breakdown on our cookie policy.

Changes

Material changes will be announced in-product and by email at least 14 days before they take effect.

How AI is used

We send transaction descriptions, vendor names, and amounts to our AI provider to suggest categorizations. We don't send your account email, your client's contact info, or attachments. Suggestions are cached so we don't re-prompt for the same vendor.

Sub-processors

We use Lovable Cloud for hosting, authentication, and data storage; the Lovable AI Gateway for categorization; and Resend (only if you opt in) for emails.

Your controls

Owners can export everything as JSON/CSV, remove individual clients, or delete the entire firm from Settings.

Contact

Questions? Email privacy@ledgerflow.app.