Privacy Policy

Account information: email address, name, role (admin, worker, or client), organization name, and authentication credentials managed through our auth provider.

Project and job data: client names, property addresses, per-project job workflow stages (custom labels you configure), job status, schedules, messages, internal notes, and files you upload (photos, PDFs, videos, and related metadata).

Payment information: subscription and billing details are processed by Stripe. We do not store full payment card numbers on our servers.

Technical data: IP address, browser type, device information, and logs from our hosting and security systems.

• Provide and operate the Service (accounts, projects, messaging, client sharing).
• Process subscriptions and send transactional emails (verification, invites, account notices).
• Run AI-assisted features you request (summaries, categorization, timelines) on your uploaded content.
• Run automatic backups and data retention according to your organization settings and this Policy.
• Improve reliability, security, and support.
• Comply with law and enforce our Terms.

We share information only as needed to run the Service:

• Service providers: Supabase (database, auth, storage), Stripe (payments), Resend or similar (email), and cloud hosting.
• Your organization: admins, assigned workers, and clients you grant access to — clients only see files you explicitly share.
• Legal requirements: when required by law or to protect rights, safety, and security.

We do not sell your personal information.

When you use AI features, document content may be sent to third-party AI providers to generate summaries or classifications. Output may be inaccurate. You are responsible for reviewing AI results before relying on them.

We apply automated retention to project data in the Service. You are responsible for exporting or downloading records you need before retention runs. Retention does not replace your own record-keeping obligations.

Completed projects:when all jobs on a project reach the final completed stage in that project's workflow, the project — including uploaded files, project messages, and related project data — is automatically deleted after 7 days unless the status is changed before then.

Inactive projects: projects that are not in the completed stage and have no qualifying activity for 12 months are automatically deleted.

Organization backups: if your plan includes backups, we may store ZIP copies of projects in secure cloud storage (on a schedule, when a job is completed, or when you run a manual backup). We retain up to a plan-based number of completed backups per organization (5 on Starter, 15 on Professional, 30 on Enterprise); older backups are removed automatically. Organization admins may delete individual backups in billing settings to free space. Backup ZIPs may still exist for a deleted project until pruned or removed. Backups are not a guarantee of recovery.

Account and organization deletion: we do not offer self-service deletion of an entire account or organization in the app. To request deletion of your account and associated organization data, email support@ledgerstack.org from the address on the account. We will verify ownership before processing. Some information may remain in backups, logs, or payment records for a limited period as described above or as required by law.

If you revoke client access or delete content, copies already downloaded by a client or stored outside the Service may remain outside our control.

We use reasonable technical and organizational measures to protect data. No method of transmission or storage is completely secure. You are responsible for safeguarding your login credentials and controlling who you invite to your organization.

• Access and update profile information in account settings.
• Organization admins: configure per-project workflow stages, client access, worker access, and default worker permissions in organization settings.
• Organization admins: enable, schedule, download, or remove organization backups in billing settings.
• Control client access and shared files per project.
• Cancel your subscription through billing settings or the Stripe customer portal.
• Contact us to request access, correction, or account deletion where applicable.

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you access the Service from outside the United States, your information may be processed in the United States or other countries where our providers operate.

If you are in the European Economic Area, United Kingdom, or California, you may have additional rights (access, deletion, opt-out of certain sharing). Contact support@ledgerstack.org to exercise those rights.

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date.

Email: support@ledgerstack.org