Privacy Policy for LedgraPoint

1. Introduction

LedgraPoint (“we”, “our”, “us”) provides digital tools for bookkeeping and ledger management. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information. It also includes GDPR and Cookie Policy disclosures for users in the EEA/UK and describes alignment with Canadian privacy requirements (e.g., PIPEDA and applicable provincial laws).

2. Data Controller and Contact

The data controller is LedgraPoint. For questions or requests related to privacy, contact privacy@ledgrapoint.com.

3. Information We Collect

  • Account details: name, email address, password, and optional organization or role.
  • Workspace content: bookkeeping records, ledgers, receipts, statements, and related metadata uploaded by you.
  • Usage data: settings, preferences, feature interactions, timestamps, and event logs.
  • Support data: messages and attachments you submit to our help channels.
  • Technical data: IP address, device identifiers, browser type, pages viewed, and diagnostics.

4. Purposes of Processing and Legal Bases (GDPR/UK GDPR)

  • Provide the service (contract): account creation, authentication, and core functionality.
  • Legitimate interests: platform security, reliability, product improvement, and aggregated analytics that respect your rights.
  • Consent: certain cookies or similar technologies where required; you may withdraw consent at any time.
  • Legal obligations: meeting applicable regulatory and record-keeping duties.

5. How We Use Personal Information

  • Operate and maintain the platform and its features.
  • Host, process, and store documents you upload at your direction.
  • Generate summaries and exports you request within your workspace.
  • Provide user support, service notices, and administrative communications.
  • Monitor, prevent, and address security incidents or misuse.

6. Retention

We retain information as long as necessary to provide services, comply with legal requirements, resolve disputes, and enforce agreements. You may request deletion of specific records or your account; residual backups may persist for a limited period consistent with our backup policy.

7. Sharing and Service Providers

  • We engage vetted providers for hosting, infrastructure, analytics, customer support, and security.
  • Providers process data solely under our instructions and are bound by confidentiality obligations.
  • We do not sell personal information.

8. International Transfers

Where data is transferred outside your jurisdiction, we rely on appropriate safeguards (e.g., Standard Contractual Clauses under the GDPR or comparable mechanisms) to protect your information in accordance with applicable law.

9. Security

We apply administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, alteration, and loss. No method of transmission or storage is entirely risk-free; we periodically assess and improve our measures.

10. Your Rights

  • Access and correction: request a copy of your data and corrections to inaccurate information.
  • Deletion: request deletion of certain data, subject to legal exceptions.
  • Restriction and objection (GDPR): request limits on processing where applicable.
  • Portability (GDPR): receive certain data in a commonly used, machine-readable format.
  • Consent withdrawal: change cookie/analytics choices at any time.
  • Complaint: contact a privacy regulator (e.g., Office of the Privacy Commissioner of Canada) or your local authority.

11. Cookie Policy

Cookies are small files saved on your device to support functionality and improve your experience.

  • Essential: login, session continuity, and core features.
  • Preferences: language, layout, and interface choices.
  • Analytics: aggregated insights that help us enhance usability.

Consent: Where required, a banner allows you to accept, reject, or manage categories. Adjust settings anytime via the cookie preferences link in the footer. Disabling certain cookies may limit functionality.

12. Children’s Privacy

The service is intended for professional use and is not directed to children. If a minor’s data has been provided, contact us for removal.

13. Changes to this Policy

We may update this Policy to reflect operational, legal, or regulatory changes. We will post the revised version with an updated “Effective date.”

14. Contact

Privacy inquiries and rights requests: privacy@ledgrapoint.com.