← Back home

Privacy Notice

Last updated: June 5, 2026

1. Who we are

Ledger.com ("we", "us", or "our") provides automated invoice processing and expense intelligence. We act as the data controller for the personal data we collect about you when you use the Service.

2. Personal data we collect

  • Account data — name, email address, login credentials.
  • Content — invoices, receipts, and other documents you upload, and the data we extract from them.
  • Support data — messages you send to support.
  • Usage and device data — telemetry, log data, device identifiers, and IP address.

3. Why we use it

  • To create and manage your account and provide the Service (contract performance).
  • To improve the Service, prevent fraud, and keep it secure (legitimate interests).
  • To respond to support requests and communicate with you about the Service (contract / legitimate interests).
  • To comply with legal obligations such as tax and accounting (legal obligation).
  • To send marketing communications where you have opted in (consent).

4. Who we share data with

  • Service providers who host and operate the Service (cloud infrastructure, analytics, support tooling) under contractual confidentiality obligations.
  • Paddle.com, our Merchant of Record, which processes payments, manages subscriptions, calculates and remits taxes, and issues invoices on our behalf.
  • Professional advisers such as legal and accounting professionals where needed.
  • Authorities where we are required to do so by law.

5. International transfers

Where we transfer personal data outside the UK or EEA, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses or an adequacy decision.

6. How long we keep data

We keep personal data only for as long as needed for the purposes described above, after which we delete or anonymise it. Account data is generally kept for the lifetime of your account plus a reasonable period to meet legal obligations.

7. Your rights

Depending on where you live, you may have rights to access, rectify, erase, restrict, or port your personal data, to object to certain processing, and to withdraw consent. You can also lodge a complaint with your local data protection authority. We will respond to verified requests within one month.

8. Security

We use appropriate technical and organisational measures, including encryption in transit and access controls, to protect your personal data.

9. Cookies

We use cookies and similar technologies that are strictly necessary to operate the Service (for example to keep you signed in). We do not set marketing cookies without your consent.

10. Contact

For privacy questions or to exercise your rights, contact us through the Service. See also our Terms & Conditions and Refund Policy.