Ledge It All - Privacy Policy

Last updated July 11, 2025

This Privacy Notice for Ledge It All ("we", "us", or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:

  • Download and use our mobile application (Ledge It All), or any other application of ours that links to this Privacy Notice
  • Use Ledge It All to monitor your spending, track expenses, split bills, manage budgets, and organize trips, including through automated email processing and social features
  • Engage with us in other related ways, including any sales, marketing, or events

Seamlessly monitor your spending with our intelligent expense tracker that puts you in control. Unlike other apps that demand full access to your personal communications, you choose exactly which transaction emails to share. Whether you're manually logging expenses or using our smart automation across multiple email accounts, staying on top of your finances has never been easier.

We are responsible for making decisions about how your personal information is processed.

Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at support@ledgeitall.com.

SUMMARY OF KEY POINTS

This summary provides key points from our Privacy Notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

  • What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about personal information you disclose to us.
  • Do we process any sensitive personal information? Some of the information may be considered 'special' or 'sensitive' in certain jurisdictions, for example your racial or ethnic origins, sexual orientation, and religious beliefs. We may process sensitive personal information when necessary with your consent or as otherwise permitted by applicable law. Learn more about sensitive information we process.
  • Do we collect any information from third parties? We do not collect any information from third parties.
  • How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information.
  • In what situations and with which parties do we share personal information? We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your personal information.
  • How do we keep your information safe? We have adequate organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Learn more about how we keep your information safe.
  • What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. Learn more about your privacy rights.
  • How do you exercise your rights? The easiest way to exercise your rights is by submitting a data subject access request, or by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.
  • Want to learn more about what we do with any information we collect? Review the Privacy Notice in full.

TABLE OF CONTENTS

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us

In Short: We collect personal information that you provide to us, as well as information automatically collected through your use of our Services and integrations. The types of information we collect include, but are not limited to, the following:

Personal Information Provided by You

  • Name (required, max 30 characters, letters and spaces only)
  • Email address (primary identifier, used for authentication and communication)
  • Date of Birth (required, must be 12-100 years old)
  • Timezone (currently fixed to IST - Indian Standard Time)
  • Currency preference (currently fixed to INR - Indian Rupees)
  • Device ID (unique UUID generated per device)
  • App version (for compatibility tracking)
  • Authentication Data:
    • Access tokens (JWT tokens for API authentication)
    • Refresh tokens (for token renewal)
    • Token expiration timestamps
    • OTP verification codes (temporary, for email verification)
  • Device & Technical Data:
    • Device type (Android/iOS/Web)
    • Device information (OS version, API level, hardware model)
    • App version and build numbers
    • Firebase Cloud Messaging (FCM) tokens (for push notifications)
    • Notification permission status
    • App lifecycle state tracking
    • IP address and network information
  • Account Settings:
    • Ads preferences
    • App version tracking

Financial Data

  • Transaction Data:
    • Transaction ID (unique identifier)
    • Description (transaction details)
    • Amount (with currency)
    • Date and time
    • Category (predefined expense/income categories)
    • Account information (bank/account name)
    • Transaction type (transfer, expense, income)
    • Notes (user-added comments)
    • Location data (if available)
    • Tags (user-defined labels)
    • Split information (for shared expenses)
    • Group ID (for group transactions)
    • Sync status (local vs server)
  • Bank Integration Data:
    • Registered email addresses (for bank transaction forwarding)
    • Bank filter preferences (which transaction types to track)
    • Bank sender email addresses
    • Key phrases for transaction identification
    • OAuth tokens (for Gmail access)
    • Email forwarding setup status
  • Budget Data:
    • Budget categories (predefined expense categories)
    • Budget amounts (weekly/monthly limits)
    • Budget type (weekly or monthly)
    • Budget tracking status
  • Social/Group Data:
    • Friend information (name, email, user ID)
    • Group data (group name, member emails)
    • Friend requests (sent and received)
    • Trip data (for expense splitting during trips)
    • Split configurations (how expenses are divided)

Email & OAuth Data

  • Gmail Integration: OAuth tokens (access & refresh), Gmail filters, watch subscriptions
  • Email Processing: Bank transaction emails, forwarding setup emails, approval emails
  • Email Metadata: Sender addresses, subjects, timestamps, message IDs, history IDs

Usage Data

  • Log and usage data (service-related, diagnostic, usage, and performance information)
  • Device event information (system activity, error reports, crash dumps, hardware settings)
  • Information about your activity in the Services (date/time stamps, pages/files viewed, searches, features used)

Other Data

  • Ad unit IDs (banner and rewarded ads)
  • Ad confirmation tracking
  • Notification tokens
  • Preferences and settings
  • Device info collection (for bug reports)
  • URL launcher (for external links)
  • Email services (for bug reporting)

Information Automatically Collected

Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Cookies and Similar Technologies

Like many businesses, we also collect information through cookies and similar technologies. The information we collect includes:

  • Log and Usage Data
  • Device Data
  • Google API Data (see below)

Google API

Our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Table: Categories of Personal Information Collected (US State Law)

CategoryExamplesCollected
A. IdentifiersContact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account nameYes
B. Personal information as defined in the California Customer Records statuteName, contact information, education, employment, employment history, and financial informationYes
C. Protected classification characteristics under state or federal lawGender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic dataYes
D. Commercial informationTransaction information, purchase history, financial details, and payment informationYes
E. Biometric informationFingerprints and voiceprintsNo
F. Internet or other similar network activityBrowsing history, search history, online behaviour, interest data, and interactions with our and other websites, applications, systems, and advertisementsNo
G. Geolocation dataDevice locationNo
H. Audio, electronic, sensory, or similar informationImages and audio, video or call recordings created in connection with our business activitiesNo
I. Professional or employment-related informationBusiness contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with usNo
J. Education InformationStudent records and directory informationNo
K. Inferences drawn from collected personal informationInferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristicsYes
L. Sensitive personal InformationAccount login informationYes

We may also collect other personal information outside of these categories through instances where you interact with us in person, online, or by phone or mail in the context of receiving help through our customer support channels, participation in customer surveys or contests, and facilitation in the delivery of our Services and to respond to your inquiries.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

Purposes for Processing Your Information

  • To facilitate account creation and authentication and otherwise manage user accounts. We process your information so you can create and log in to your account, as well as keep your account in working order.
  • To deliver and facilitate delivery of services to the user. We process your information to provide you with the requested service, including financial tracking, expense categorization, budgeting, and social/group features.
  • To respond to user inquiries/offer support to users. We process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
  • To send administrative information to you. We process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
  • To request feedback. We process your information when necessary to request feedback and to contact you about your use of our Services.
  • To send you marketing and promotional communications. We process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time.
  • To deliver targeted advertising to you. We process your information to develop and display personalised content and advertising tailored to your interests, location, and more.
  • To protect our Services. We process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
  • To identify usage trends. We process information about how you use our Services to better understand how they are being used so we can improve them.
  • To save or protect an individual's vital interest. We process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.

Automated and Manual Data Processing Activities

  • Automated Email Processing: Parsing and extracting transaction data from bank emails using AI/ML and rule-based systems.
  • Transaction Categorization: Automated and manual categorization of expenses and income, including time-based and AI-powered categorization.
  • Data Synchronization: Syncing data between local device storage and our servers to ensure consistency and backup.
  • Real-time Notifications: Sending push notifications (via FCM) and email notifications for transaction alerts, budget status, friend/group activity, and trip updates.
  • Background Data Refresh: Refreshing data in the background when the app resumes or at scheduled intervals.
  • Analytics & Reporting: Generating category summaries, budget tracking, balance calculations, transaction history, and group expense summaries for user insights.
  • Automated Email Actions: Setting up Gmail filters, forwarding rules, and webhook subscriptions for real-time email notifications and processing.
  • AI/ML Processing: Using large language models (LLMs) and machine learning for transaction extraction, merchant/category identification, and spending pattern analysis.
  • Security and Fraud Prevention: Monitoring for suspicious activity, enforcing authentication, and protecting user data with encryption and secure protocols.

User-Initiated Actions

  • Manual transaction entry, editing, and deletion
  • Category assignment and budget management
  • Friend and group management (sending/accepting/declining requests, creating groups, adding/removing members)
  • Expense splitting calculations and trip expense tracking
  • Exporting data and managing notification/ad preferences
  • Account deletion and data access requests

Third-Party Integrations and Data Sharing

  • Google Services: Gmail OAuth, Gmail forwarding setup, Google Cloud Platform for authentication
  • Firebase Services: Push notifications, app initialization, local notifications
  • Advertising: Google Mobile Ads (AdMob), App Tracking Transparency (iOS), ad unit IDs, ad confirmation tracking
  • Cloud Services: AWS S3 (email storage), AWS SQS (message queuing), AWS Lambda (serverless automation)
  • Communication Services: SendGrid (email delivery), Redis (caching/session management)
  • AI/ML Services: LLM integration for transaction extraction and categorization
  • Other: Device info collection for bug reports, URL launcher for external links, email services for bug reporting

Legal and Compliance Processing

  • Complying with legal obligations, financial data regulations, and local/international privacy laws
  • Enforcing age restrictions and geographic limitations
  • Maintaining audit logs and access controls for data protection

We process your information only when we have a valid legal reason to do so, as described in the next section.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

Situations in Which We May Share Your Personal Information

  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Notice. Affiliates include our parent company and any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
  • Offer Wall: Our application(s) may display a third-party hosted 'offer wall'. Such an offer wall allows third-party advertisers to offer virtual currency, gifts, or other items to users in return for the acceptance and completion of an advertisement offer. When you click on an offer wall, you will be brought to an external website belonging to other persons and will leave our application(s). A unique identifier, such as your user ID, will be shared with the offer wall provider in order to prevent fraud and properly credit your account with the relevant reward.
  • Legal Requirements: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Protection of Rights: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

Third-Party Service Providers and Integrations

  • Google Services: Gmail API (email access, filtering, forwarding), Google OAuth 2.0 (authentication and authorization), Google Pub/Sub (real-time email notifications), Google Cloud Platform (OAuth authentication)
  • Firebase Services: Firebase Core (app initialization), Firebase Cloud Messaging (push notifications), local notifications
  • Cloud Services: AWS S3 (email storage and retrieval), AWS SQS (message queuing for email processing), AWS Lambda (serverless email forwarding automation)
  • Communication Services: SendGrid (email delivery service), Redis (caching and session management)
  • AI/ML Services: LLM integration (transaction extraction from emails, categorization), time-based categorization (historical pattern analysis)
  • Advertising: Google Mobile Ads (AdMob integration), App Tracking Transparency (iOS tracking permission), ad unit IDs, ad confirmation tracking
  • Other: Device info collection (for bug reports), URL launcher (for external links), email services (for bug reporting)

Social and Group Data Sharing

  • Friends and Groups: When you use social features, such as splitting expenses, creating groups, or sharing transactions, your information (such as name, email, transaction details, group membership, and split configurations) may be shared with other users you interact with, such as friends, group members, or trip participants.
  • Expense Splitting: When you split expenses with friends or groups, relevant transaction and split information is shared with the involved parties to facilitate accurate record-keeping and notifications.
  • Trip Management: When you participate in group trips, trip-related expenses, splits, and updates may be shared with all trip members.

Other Sharing Scenarios

  • Service Providers: We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include payment processing, data analysis, email delivery, hosting services, customer service, and marketing efforts. We may allow selected third parties to use tracking technology on the Services, which will enable them to collect data about how you interact with the Services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content, pages, or features, and better understand online activity.
  • With Your Consent: We may disclose your personal information for any other purpose with your consent.

Data Sharing and Retention Practices

  • We only share your personal information with third parties as described in this Privacy Notice and as required to provide our Services.
  • We do not sell or rent your personal information to third parties for their marketing purposes.
  • We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

For more information about your rights and how to exercise them, see the "WHAT ARE YOUR PRIVACY RIGHTS?" section below.

5. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

In Short: We are not responsible for the safety of any information that you share with third parties that we may link to or who advertise on our Services, but are not affiliated with, our Services.

The Services, including our offer wall, may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us and which may link to other websites, services, or applications. Accordingly, we do not make any guarantee regarding any such third parties, and we will not be liable for any loss or damage caused by the use of such third-party websites, services, or applications. The inclusion of a link towards a third-party website, service, or application does not imply an endorsement by us. We cannot guarantee the safety and privacy of data you provide to any third-party websites. Any data collected by third parties is not covered by this Privacy Notice. We are not responsible for the content or privacy and security practices and policies of any third parties, including other websites, services, or applications that may be linked to or from the Services. You should review the policies of such third parties and contact them directly to respond to your questions.

This includes, but is not limited to, integrations with Google, Firebase, AWS, SendGrid, AdMob, and any other external services or links provided through our app. When you interact with these third-party services, their own privacy policies and terms of service will apply.

6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.

We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third parties and service providers use their technology to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites.

To the extent these online tracking technologies are deemed to be a 'sale'/'sharing' (which includes targeted advertising, as defined under the applicable laws) under applicable US state laws, you can opt out of these online tracking technologies by submitting a request as described below under section 'DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?'

Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice (if available).

Examples of Tracking Technologies Used

  • Cookies (session and persistent)
  • Web beacons and pixels
  • Google Analytics and Firebase Analytics
  • AdMob and other advertising SDKs
  • Crash reporting and bug tracking tools
  • Push notification tokens (FCM)

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. You may also opt out of interest-based advertising by advertisers on our Services.

7. DO WE OFFER ARTIFICIAL INTELLIGENCE-BASED PRODUCTS?

In Short: We offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies.

As part of our Services, we offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies (collectively, "AI Products"). These tools are designed to enhance your experience and provide you with innovative solutions. The terms in this Privacy Notice govern your use of the AI Products within our Services.

Use of AI Technologies

We provide the AI Products through third-party service providers ("AI Service Providers"), including Amazon Web Services (AWS) AI and other LLM/ML providers. Your input, output, and personal information may be shared with and processed by these AI Service Providers to enable your use of our AI Products for purposes outlined in this Privacy Notice. You must not use the AI Products in any way that violates the terms or policies of any AI Service Provider.

Our AI Products

  • Automated transaction extraction and categorization from bank emails (LLM-powered)
  • Time-based categorization using historical patterns and machine learning
  • Spending analytics and budget projections
  • Text analysis and data extraction from emails and financial documents

How We Process Your Data Using AI

All personal information processed using our AI Products is handled in line with this Privacy Notice and our agreements with third parties. This ensures high security and safeguards your personal information throughout the process, giving you peace of mind about your data's safety. We do not use AI/ML for profiling or automated decision-making that produces legal or similarly significant effects without your explicit consent.

If you have questions about our use of AI/ML technologies, please contact us at support@ledgeitall.com.

8. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this Privacy Notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us keeping your personal information for longer than three (3) months past the termination of the user's account, unless otherwise required by law or for legitimate business purposes.

Retention Periods by Data Type

  • User Accounts: Retained while your account is active. Upon account deletion, data is deleted or anonymized within 3 months unless otherwise required by law.
  • Transaction Data: Historical transaction data is maintained for as long as your account is active and for a limited period after deletion for compliance, fraud prevention, and legitimate business purposes.
  • Email Data: Processed emails are stored in AWS S3 and retained as long as necessary for transaction processing, compliance, and user support.
  • OAuth Tokens: Stored with refresh capabilities until revoked, expired, or the user deletes their account.
  • FCM Tokens: Retained for notification delivery while the app is installed and notifications are enabled.
  • Analytics and Usage Data: Retained for as long as necessary to analyze and improve the Services, or as required by law.
  • Social/Group Data: Friend, group, and trip data is retained while your account is active and for a limited period after deletion for compliance and fraud prevention.
  • Bug Reports and Device Info: Retained as long as necessary for troubleshooting and support.

Data Deletion and Anonymization

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Legal and Regulatory Requirements

We may retain certain information as required by law, such as for tax, accounting, anti-fraud, or other legal obligations. In such cases, your information will be retained only as long as necessary to fulfill those obligations.

If you have questions about our data retention practices, please contact us at support@ledgeitall.com.

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. These measures include, but are not limited to:

  • Encryption: Data is encrypted in transit (HTTPS) and at rest (where supported) to protect sensitive information.
  • Authentication: JWT-based authentication and secure token storage for all API and app access.
  • HTTPS Enforcement: All communications between your device and our servers are encrypted using HTTPS.
  • API Rate Limiting: Rate limiting is enforced to prevent abuse and protect against denial-of-service attacks.
  • Access Controls: Role-based access controls and user-based data access restrictions are in place to ensure only authorized personnel can access sensitive data.
  • Audit Logging: Data access and modification logs are maintained to monitor and review access to sensitive information.
  • Data Minimization: We only collect and retain the minimum amount of personal information necessary for the purposes described in this Privacy Notice.
  • Session Management: Automatic logout and token expiration to reduce the risk of unauthorized access.
  • Secure Storage: Sensitive data, such as tokens and credentials, are stored securely using industry best practices.
  • Regular Security Reviews: Our systems and processes are regularly reviewed and updated to address new security threats and vulnerabilities.

However, despite our safeguards and efforts to secure your information, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

User Responsibilities

You are responsible for maintaining the security of your account credentials and for any activity that occurs under your account. Please notify us immediately if you suspect any unauthorized access or use of your account.

10. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: Depending on your state of residence in the US or in some regions, such as the European Economic Area (EEA), United Kingdom (UK), Switzerland, and Canada, you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time, depending on your country, province, or state of residence.

Your Rights

  • Right to Access: You have the right to request access to the personal information we collect from you and details about how we have processed it.
  • Right to Correction: You have the right to request correction of inaccurate or incomplete personal information.
  • Right to Deletion: You have the right to request deletion of your personal information, subject to certain exceptions (such as legal or regulatory requirements).
  • Right to Restrict Processing: You may request that we restrict the processing of your personal information in certain circumstances.
  • Right to Data Portability: You may request a copy of your personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: You may object to the processing of your personal information in certain circumstances, including for direct marketing purposes.
  • Right to Withdraw Consent: If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time.
  • Right to Opt Out of Marketing and Ads: You can unsubscribe from our marketing and promotional communications at any time by following the instructions in those communications or by contacting us. You may also opt out of interest-based advertising and notification preferences within the app.
  • Right to Manage Notifications: You may manage your notification preferences (including push notifications) within the app or device settings.
  • Right to Account Deletion: You may request to terminate your account at any time. Upon your request, we will deactivate or delete your account and information from our active databases, subject to legal retention requirements.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

How to Exercise Your Rights

You can make such a request by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below. We will consider and act upon any request in accordance with applicable data protection laws.

International Rights

  • EEA/UK/Switzerland: You have rights under the GDPR and UK GDPR, including the right to lodge a complaint with your local data protection authority.
  • Canada: You have rights under Canadian privacy laws, including the right to withdraw consent and to access/correct your information.
  • US States (e.g., California, Colorado, etc.): You have rights under state privacy laws, including the right to access, correct, delete, and opt out of certain processing. See the "DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?" section for more details.
  • Other Regions: You may have additional rights based on your country of residence. See the "DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?" section for more details.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can contact us using the contact information provided. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

Cookies and Similar Technologies

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. You may also opt out of interest-based advertising by advertisers on our Services.

Questions or Comments

If you have questions or comments about your privacy rights, you may email us at support@ledgeitall.com.

11. CONTROLS FOR DO-NOT-TRACK FEATURES

In Short: Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Notice.

California law requires us to let you know how we respond to web browser DNT signals. Because there currently is not an industry or legal standard for recognising or honouring DNT signals, we do not respond to them at this time.

12. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you and how we have processed it, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

Categories of Personal Information We Collect

We have collected the following categories of personal information in the past twelve (12) months:

CategoryExamplesCollected
A. IdentifiersContact details, such as real name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, Internet Protocol address, email address, and account nameYes
B. Personal information as defined in the California Customer Records statuteName, contact information, education, employment, employment history, and financial informationYes
C. Protected classification characteristics under state or federal lawGender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic dataYes
D. Commercial informationTransaction information, purchase history, financial details, and payment informationYes
E. Biometric informationFingerprints and voiceprintsNo
F. Internet or other similar network activityBrowsing history, search history, online behaviour, interest data, and interactions with our and other websites, applications, systems, and advertisementsNo
G. Geolocation dataDevice locationNo
H. Audio, electronic, sensory, or similar informationImages and audio, video or call recordings created in connection with our business activitiesNo
I. Professional or employment-related informationBusiness contact details in order to provide you our Services at a business level or job title, work history, and professional qualifications if you apply for a job with usNo
J. Education InformationStudent records and directory informationNo
K. Inferences drawn from collected personal informationInferences drawn from any of the collected personal information listed above to create a profile or summary about, for example, an individual’s preferences and characteristicsYes
L. Sensitive personal InformationAccount login informationYes

Your Rights

  • Right to know whether or not we are processing your personal data
  • Right to access your personal data
  • Right to correct inaccuracies in your personal data
  • Right to request the deletion of your personal data
  • Right to obtain a copy of the personal data you previously shared with us
  • Right to non-discrimination for exercising your rights
  • Right to opt out of the processing of your personal data if it is used for targeted advertising (or sharing as defined under California’s privacy law), the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects ("profiling")
  • Depending upon the state where you live, you may also have the following rights:
    • Right to access the categories of personal data being processed
    • Right to obtain a list of the categories of third parties to which we have disclosed personal data
    • Right to obtain a list of specific third parties to which we have disclosed personal data
    • Right to review, understand, question, and correct how personal data has been profiled
    • Right to limit use and disclosure of sensitive personal data
    • Right to opt out of the collection of sensitive data and personal data collected through the operation of a voice or facial recognition feature

How to Exercise Your Rights

To exercise these rights, you can contact us by submitting a data subject access request, by emailing us at support@ledgeitall.com, or by referring to the contact details at the bottom of this document.

Request Verification

Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes.

Appeals

Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us at support@ledgeitall.com. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to your state attorney general.

California 'Shine The Light' Law

California Civil Code Section 1798.83, also known as the 'Shine The Light' law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us by using the contact details provided in the section 'HOW CAN YOU CONTACT US ABOUT THIS NOTICE?'

Other Disclosures

  • We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We will not sell or share personal information in the future belonging to website visitors, users, and other consumers.
  • We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider.
  • We may use your personal information for our own business purposes, such as for undertaking internal research for technological development and demonstration. This is not considered to be 'selling' of your personal information.

For more information about your rights and how to exercise them, see the "WHAT ARE YOUR PRIVACY RIGHTS?" section above.

13. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: You may have additional rights based on the country you reside in.

Australia and New Zealand

We collect and process your personal information under the obligations and conditions set by Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020 (Privacy Act).

This Privacy Notice satisfies the notice requirements defined in both Privacy Acts, in particular: what personal information we collect from you, from which sources, for which purposes, and other recipients of your personal information.

If you do not wish to provide the personal information necessary to fulfil their applicable purpose, it may affect our ability to provide our services, in particular:

  • Offer you the products or services that you want
  • Respond to or help with your requests
  • Manage your account with us
  • Confirm your identity and protect your account

At any time, you have the right to request access to or correction of your personal information. You can make such a request by contacting us by using the contact details provided in the section 'HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?'

If you believe we are unlawfully processing your personal information, you have the right to submit a complaint about a breach of the Australian Privacy Principles to the Office of the Australian Information Commissioner and a breach of New Zealand's Privacy Principles to the Office of New Zealand Privacy Commissioner.

Republic of South Africa

At any time, you have the right to request access to or correction of your personal information. You can make such a request by contacting us by using the contact details provided in the section 'HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?'

If you are unsatisfied with the manner in which we address any complaint with regard to our processing of personal information, you can contact the office of the regulator, the details of which are:

Other Regions

If you reside in a country or region not specifically mentioned above, you may have additional rights under your local laws. Please contact us for more information or to exercise your rights.

14. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes to this Privacy Notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

Your continued use of our Services after the posting of changes constitutes your acceptance of such changes. If you do not agree with the updated Privacy Notice, you should discontinue use of our Services.

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may email us at support@ledgeitall.com.

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

In Short: You have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law.

How to Make a Request

You can make such a request by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" above.

We will respond to your request within a reasonable timeframe and in accordance with applicable data protection laws.