This Privacy Policy describes how LedgerStack("we," "us") collects, uses, and shares information when you use LedgerStack at https://ledgerstack.org(the "Service").
Information we collect
Account information: email address, name, role (admin, worker, or client), organization name, and authentication credentials managed through our auth provider.
Project and job data: client names, property addresses, per-project job workflow stages (custom labels you configure), job status, schedules, messages, internal notes, and files you upload (photos, PDFs, videos, and related metadata).
Payment information: subscription and billing details are processed by Stripe. We do not store full payment card numbers on our servers.
Technical data: IP address, browser type, device information, and logs from our hosting and security systems.
AI chat messages: when you use project AI chat, the messages you send in that session (and recent turns in the same conversation) are transmitted for processing. We do not store project AI chat as a permanent message history in your account.
E-signatures: when an admin requests a client signature on Professional or Enterprise plans, we send the document (or a copy) to SignWell, record signature-request status in our database, and store the completed signed PDF in your project files. SignWell may process signer name, email, IP address, timestamps, and audit-trail data according to its own privacy policy.
How we use information
- Provide and operate the Service (accounts, projects, messaging, client sharing).
- Process subscriptions and send transactional emails (verification, invites, account notices).
- Run AI-assisted features you request (summaries, categorization, timelines, and project-scoped chat) on your uploaded content and project data.
- Run automatic backups and data retention according to your organization settings and this Policy.
- Improve reliability, security, and support.
- Comply with law and enforce our Terms.
- Enforce plan limits after subscription changes while preserving data (for example, read-only admin access when over project limits, or blocking worker access when over staff limits).
- Track monthly AI summary usage per organization against your plan cap.
Subscription plans and usage limits
Your organization's plan determines feature access and numeric limits. Current tiers:
- Trial (7 days, card required) — 1 staff users (admin only; no worker or client accounts), 2 active projects, 10 AI summaries and Project AI chat replies per calendar month (shared pool), images/PDF uploads only; no exports, client portal, e-signatures, calendar, or team chat.
- Starter ($20/month) — 1 staff users (admin only; no worker or client accounts), 10 active projects, 25 AI summaries and Project AI chat replies per calendar month (shared pool), standard PDF export, automatic backups (5 retained); no client portal or e-signatures.
- Professional ($70/month) — up to 15 staff users, 25 active projects, 50 AI summaries and Project AI chat replies per calendar month (shared pool), client portal, client e-signatures (SignWell), calendar, internal notes, team messages, job packet exports, analytics, automatic backups (15 retained).
- Enterprise ($150/month) — Unlimited staff users, Unlimited active projects, unlimited AI summaries and Project AI chat replies per calendar month, client portal, client e-signatures (SignWell), advanced analytics, automatic backups (30 retained), priority support.
AI-assisted summaries and timelines count against your monthly organization limit (10 on Trial, 25 on Starter, 50 on Professional, unlimited on Enterprise). Usage resets each calendar month and does not roll over.
How we share information
We share information only as needed to run the Service:
- Service providers: Supabase (database, auth, storage), Stripe (payments), Groq (AI text and vision processing), SignWell (electronic signatures on eligible plans), Resend or similar (email), and cloud hosting.
- Your organization: admins, assigned workers, and clients you grant access to — clients only see files you explicitly share.
- Legal requirements: when required by law or to protect rights, safety, and security.
We do not sell your personal information.
Electronic signatures
Client e-signatures on Professional and Enterprise plans are provided through SignWell, a third-party e-signature service. When you request a signature, LedgerStack transmits the selected file and recipient details to SignWell, displays SignWell's embedded signing experience to the client, and saves the completed document in your project under Signed documents.
Signature-request records (status, client email, source file, signed file path, and related metadata) are stored in LedgerStack. SignWell maintains its own audit trail for signed documents. We send transactional emails and in-app notifications when signatures are requested or completed.
You are responsible for choosing appropriate documents to sign, verifying client identity (correct email and access), and determining whether electronic signatures meet your legal or contractual requirements. SignWell test-mode documents may be watermarked and not legally binding.
AI processing
When you use AI features, document content and relevant project context may be sent to third-party AI providers (including Groq) to generate summaries, timelines, classifications, or project chat replies. Output may be inaccurate. You are responsible for reviewing AI results before relying on them or sharing them with clients.
Project AI chat sends your question, recent conversation turns, and selected project data (such as job status, notes, and document excerpts) for a single reply. Chat messages are processed in real time and are not saved as a permanent chat log in the Service. Replies may include citations to project files; clicking a citation only navigates within your project.
Each organization has a monthly cap on AI summary generation based on its subscription tier (see Subscription plans and usage limits above). Project AI chat replies count toward that same monthly cap. When the cap is reached, further AI generation (including chat) is blocked until the next calendar month or until you upgrade.
Data retention and deletion
We apply automated retention to project data in the Service. You are responsible for exporting or downloading records you need before retention runs. Retention does not replace your own record-keeping obligations.
Completed projects:when all jobs on a project reach the final completed stage in that project's workflow, the project — including uploaded files, project messages, and related project data — is automatically deleted after 7 days unless the status is changed before then.
Inactive projects: projects that are not in the completed stage and have no qualifying activity for 12 months are automatically deleted.
Organization backups: if your plan includes backups, we may store ZIP copies of projects in secure cloud storage (on a schedule, when a job is completed, or when you run a manual backup). We retain up to a plan-based number of completed backups per organization (5 on Starter, 15 on Professional, 30 on Enterprise); older backups are removed automatically. Organization admins may delete individual backups in billing settings to free space. Backup ZIPs may still exist for a deleted project until pruned or removed. Backups are not a guarantee of recovery.
Plan downgrade safeguards: if your organization downgrades and exceeds lower-tier limits, we may restrict actions (such as creating projects or worker project access) until limits are satisfied. These restrictions are access controls only; we do not automatically delete project files, projects, or worker accounts solely due to downgrade overages.
Account and organization deletion: we do not offer self-service deletion of an entire account or organization in the app. To request deletion of your account and associated organization data, email support@ledgerstack.org from the address on the account. We will verify ownership before processing. Some information may remain in backups, logs, or payment records for a limited period as described above or as required by law.
If you revoke client access or delete content, copies already downloaded by a client or stored outside the Service may remain outside our control.
Security
We use reasonable technical and organizational measures to protect data. No method of transmission or storage is completely secure. You are responsible for safeguarding your login credentials and controlling who you invite to your organization.
Your choices
- Access and update profile information in account settings.
- Organization admins: configure per-project workflow stages, client access, worker access, and default worker permissions (including AI project chat) in organization settings.
- Organization admins: enable, schedule, download, or remove organization backups in billing settings.
- Control client access and shared files per project.
- Change subscription tier using Upgrade or Downgrade in Billing (Stripe plan-change flow).
- End subscription renewal at period end using End subscription in Billing.
- Update payment methods and view invoices using Manage card & invoices (Stripe billing portal).
- Contact us to request access, correction, or account deletion where applicable.
Children
The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.
International users
If you access the Service from outside the United States, your information may be processed in the United States or other countries where our providers operate.
If you are in the European Economic Area, United Kingdom, or California, you may have additional rights (access, deletion, opt-out of certain sharing). Contact support@ledgerstack.org to exercise those rights.
Changes
We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date.
Contact
Email: support@ledgerstack.org
