Privacy Policy

Last updated: March 16, 2026

Overview

Ledgly ("we", "our", "us") is a financial management platform for student organizations, fraternities, clubs, and similar groups. This policy describes how we collect, use, and protect your information.

Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored securely using bcrypt hashing).

Organization Data

When you use Ledgly, we store financial data you create including member records, charges, payments, and expenses. This data belongs to your organization and is only accessible to authorized members.

Gmail Integration (Optional)

If you connect Gmail, we access payment notification emails from Venmo, Zelle, Cash App, and PayPal to automatically import payment records. We only read emails from these specific senders — we do not read, store, or access any other emails in your inbox. OAuth tokens are stored securely and can be revoked at any time from Settings.

Bank Connection via Plaid (Optional)

If you connect a bank account, we use Plaid Inc. to securely access your transaction data. We only read transaction history to identify peer-to-peer payment transfers (Venmo, Zelle, Cash App, PayPal). We never initiate transactions, move funds, or access your bank credentials. Plaid's own privacy policy governs how they handle your banking credentials: plaid.com/legal.

How We Use Your Information

  • To provide and maintain the Ledgly service
  • To send transactional emails (payment reminders, verification, password resets)
  • To automatically import and match payment records from connected services
  • To generate financial reports and insights for your organization

We do not sell your data. We do not use your data for advertising. We do not share your data with third parties except as described below.

Third-Party Services

  • Plaid — Bank account connection and transaction data (optional)
  • Google — Gmail API for payment email import (optional)
  • Resend — Transactional email delivery
  • Anthropic — AI assistant functionality
  • Sentry — Error tracking and monitoring (no personal data)
  • Supabase/Railway — Database and application hosting

Data Security

  • All data is encrypted in transit using TLS 1.2+
  • Database is encrypted at rest
  • Passwords are hashed using bcrypt
  • Authentication uses JWT tokens with httpOnly cookies
  • Rate limiting protects against brute-force attacks
  • Role-based access control limits data visibility

Data Retention and Deletion

We retain your data for as long as your account is active. You can disconnect Gmail or bank connections at any time from Settings, which stops future data collection. Organization owners can delete their organization, which removes all associated data. To request complete account deletion, contact us at the email below.

Your Rights

You have the right to:

  • Access your data (available through the application)
  • Export your data (CSV export available)
  • Delete your data (contact us or delete your organization)
  • Revoke third-party access (disconnect Gmail/bank from Settings)

Children's Privacy

Ledgly is not intended for use by individuals under the age of 13.

Changes to This Policy

We may update this policy from time to time. We will notify users of material changes via email or in-app notification.

Contact

For privacy questions or data deletion requests, contact: awseer09@gmail.com