Privacy Policy – Ledgermate
I. Introduction
Welcome to Ledgermate. This Privacy Policy explains how Ledgermate ("we," "us," or "our") collects, uses, and protects data when you use our online accounting software and white-label solutions. By using Ledgermate, you agree to the practices described here.
II. Roles and Responsibilities
- Direct Customers: For businesses using Ledgermate directly, we act as the Data Controller.
- White-Label / End-Users: For users accessing a branded version provided by a third party, that provider is the Data Controller and Ledgermate acts as the Data Processing Provider.
III. Information We Collect
| Category | Examples |
|---|---|
| Account Data | Name, email, business address, tax ID, billing information |
| Financial Data | Invoices, bank feeds, transaction history, payroll data |
| Technical Data | IP address, browser type, device information, usage logs |
| Integrations | Data from linked applications such as Stripe, PayPal, or Bank APIs |
IV. How We Use Your Data
We process financial data strictly to:
- Generate financial reports and automate bookkeeping.
- Maintain the security and integrity of the platform.
- Comply with global tax and accounting regulations (e.g., FTA, FBR, GAAP, IFRS).
- Provide customer support and troubleshoot technical issues.
Ledgermate does not sell customer financial records or personal information related to an individual or a company.
V. Data Sharing and White-Labeling
- Sub-processors: We share data with trusted infrastructure providers (such as cloud hosting and payment gateways). A complete list is available upon request.
- White-Label Customization: When using a white-label version, data is shared with the primary license holder (your service provider).
VI. Global Compliance & Data Transfers
- GDPR (EU/UK): We rely on Standard Contractual Clauses (SCCs) for transfers outside the EEA.
- Data Sovereignty: Users may request data localization where supported by our infrastructure.
- Your Rights: You may access, rectify, delete, or export (data portability) your data at any time.
VII. Security Measures
We employ a “Defense in Depth” security strategy, including:
- Encryption: AES-256 at rest and TLS 1.3 in transit.
- Access Control: Multi-factor authentication (MFA) and role-based access.
- Audits: Regular penetration testing and vulnerability assessments.
VIII. Specialized White-Label Clause
“Ledgermate provides a platform for third-party providers to offer accounting services. While we provide the technology, the white-label provider is responsible for their own privacy practices. We encourage you to review the specific privacy policy of the branded service you are using.”
IX. Next Steps
- Establish a Data Processing Agreement (DPA) for white-label clients.
- Implement a granular cookie consent banner for non-essential cookies.
- Add regional privacy annexes where required (e.g., LGPD, CPRA).