Privacy Policy
Last updated: April 2026 (10 April 2026)
Template pending legal review
This document is an engineering-prepared template published for transparency. It has not yet been reviewed by external legal counsel and should not be relied on as legal advice. It will be superseded by a lawyer-reviewed version before the Service accepts paid customers. If you are evaluating Ledger for a regulated use case, please contact us at [email protected] and we will share the most current draft.
1. Introduction — Who We Are
Ledger ("the Service") is operated by Jumpstone Technology Inc. ("we", "us", "our"), a company incorporated in the Province of Ontario, Canada. We are the data controller for personal information you provide to the Service.
This Privacy Policy explains what personal information we collect, why we collect it, who we share it with, how long we keep it, and the rights you have over it. It applies to the ledger.lk and ledgerpro.ai websites and the Ledger application.
2. Information We Collect
Account information
When you create an account, we collect your name, email address, phone number, business name, country, and a hashed password. We need this to create your account and communicate with you.
Financial data you enter
The financial records you create in Ledger — transactions, invoices, receipts, customer and supplier records, chart of accounts, and bank feeds — are stored so we can provide the Service to you. We treat this data as confidential. We do not mine it for advertising, sell it, or use it to train machine learning models. Our staff only access this data if you explicitly request support that requires it, or in the rare case that we must investigate a security incident or comply with a lawful order.
Usage and device telemetry
We automatically record which pages you visit inside the app, which features you use, your device type, browser, approximate location derived from IP address, and the timestamps of requests. This helps us diagnose problems and improve the product.
Error logs
When something breaks, we capture a structured error report and send it to Sentry (our error-monitoring sub-processor). Error reports may include the URL you were on, the action you were taking, and a stack trace. We scrub these reports for obvious personal or financial data before they leave your browser, but you should assume that some contextual data may be included.
Cookies
We use a very small number of cookies, all of which are strictly necessary for the Service to function. See our Cookie Policy for the full list.
3. How We Use Your Information
We use your information to:
- Provide, operate, and maintain the Service
- Authenticate you and keep your account secure
- Process payments and manage your subscription
- Send transactional messages (security alerts, billing notices, changes to our terms)
- Respond to your support requests
- Diagnose bugs and improve the product
- Detect and prevent fraud, abuse, and security incidents
- Comply with legal, tax, and accounting obligations that apply to us or to you
We do not sell your personal information. We do not use your financial data for advertising, marketing, or model training.
4. Legal Basis for Processing
For users in jurisdictions that require a lawful basis for each processing activity (such as the EU/UK GDPR, and the Sri Lanka Personal Data Protection Act No. 9 of 2022), we rely on the following bases:
- Performance of a contract: most processing is required to deliver the Service under our Terms of Service (your contract with us).
- Legitimate interest: securing the Service, preventing fraud, debugging, and general product improvement, where that interest is not overridden by your rights.
- Consent: any optional marketing communications, and any non-essential cookies we may introduce in the future.
- Legal obligation: retention of financial and tax records, responding to lawful requests from regulators or courts.
5. Data Sharing and Sub-Processors
We share your data only with the third-party service providers ("sub-processors") strictly necessary to run the Service. We do not share your data with advertisers, data brokers, or any party not listed below.
| Provider | Purpose | Data shared |
|---|---|---|
| Cloudflare | Hosting, global edge network, DDoS and bot protection | All service data (stored and processed on Cloudflare Workers, D1, Durable Objects, R2, KV) |
| Stripe | Payment processing and subscription billing | Name, email, billing address, payment method (card data is handled directly by Stripe; we never see it) |
| SendGrid | Transactional email delivery | Email address, name, and the content of transactional emails |
| Sentry | Error monitoring | Error reports, browser and device information, stack traces |
| GitHub | Source hosting and issue tracking | Support tickets you file via GitHub, and any data you choose to include in them |
All sub-processors maintain SOC 2 Type II certification or an equivalent independently audited security standard. We maintain an up-to-date sub-processor register and will notify customers of material changes before they take effect.
6. Data Location
The Service runs on Cloudflare's global edge network. Your data is stored in Cloudflare storage primitives (D1, Durable Objects, R2) that may be replicated across Cloudflare data centres worldwide for availability and durability. This means data belonging to Sri Lankan, European, and other international customers may be processed outside their home jurisdiction.
For users in the EU/UK, international transfers are made under the Standard Contractual Clauses incorporated into our agreement with Cloudflare. Cloudflare is SOC 2 Type II, ISO 27001, and ISO 27701 certified.
7. Data Retention
We retain your data according to the following schedule:
- Active account data: retained for as long as your account is active.
- Financial records (invoices, journal entries, tax filings): retained for 7 years after the relevant accounting period, to comply with accounting and tax record-keeping obligations in Sri Lanka, Canada, and other jurisdictions where we operate.
- Application and access logs: retained for 90 days for security monitoring and incident investigation, then automatically deleted.
- Deleted accounts: when you delete your account, data enters a 30-day grace period during which it can be restored on request. After 30 days, active records are purged; financial records we are legally required to retain are moved to a restricted archive for the 7-year retention period and then permanently deleted.
- Backups: encrypted backups age out on a rolling basis within 35 days.
8. Your Rights
Depending on where you live, you have some or all of the following rights over your personal information:
- Access — ask for a copy of the personal data we hold about you.
- Correct — have inaccurate or incomplete data fixed.
- Delete — have your data erased, subject to legal retention requirements.
- Export (portability) — receive your data in a structured, machine-readable format.
- Object — object to processing based on legitimate interest, including profiling.
- Withdraw consent — where processing is based on your consent.
- Lodge a complaint — with a data protection authority (see below).
To exercise any of these rights, email [email protected]. We will verify your identity and respond within 30 days.
Where to complain
If you believe we have mishandled your data, we would prefer you contact us first so we can put it right. You also have the right to lodge a complaint with the data protection authority for your country, including:
- Sri Lanka: the Data Protection Authority of Sri Lanka, established under the Personal Data Protection Act No. 9 of 2022.
- European Union / UK: the supervisory authority in the EU member state where you live, work, or where the alleged infringement took place; or the UK Information Commissioner's Office (ICO).
- Canada: Office of the Privacy Commissioner of Canada (OPC), or the privacy commissioner of your province.
- California, USA: California Privacy Protection Agency (CPPA), for rights available under the CCPA/CPRA.
9. Data Security
We protect your data with defence-in-depth controls:
- TLS 1.2+ for all data in transit, with HSTS enforced
- Encryption at rest on all Cloudflare storage primitives
- Tenant isolation at the database level (each firm's data lives in its own Durable Object)
- Hash-chained, append-only audit trail on every write
- Strict access controls and least privilege for Jumpstone staff
- Session revocation on password change and on suspicious activity
We are actively working toward SOC 2 Type II and ISO 27001 certification. Certification has not yet been achieved. See our Security page for the full, candid status.
10. International Data Transfers
See section 6 above. In short: the Service runs on Cloudflare's global network, your data may be processed outside your home jurisdiction, and we rely on Standard Contractual Clauses and Cloudflare's independently audited controls to safeguard those transfers.
11. Cookies
We use a minimal set of strictly necessary cookies — no analytics, no advertising, no third-party tracking. Details are in our Cookie Policy. If we ever introduce non-essential cookies, we will gate them behind a consent mechanism before setting them.
12. Children's Privacy
The Service is not intended for anyone under the age of 18. We do not knowingly collect personal information from children. If you believe a child has given us personal information, please contact [email protected] and we will delete it promptly.
13. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice inside the application at least 30 days before the changes take effect. The "Last updated" date at the top of this page always reflects the most recent revision.
14. Contact Us
Questions about this Privacy Policy, or want to exercise a privacy right? Email [email protected].
For general support, use [email protected]. Our postal address: Jumpstone Technology Inc., Ontario, Canada (full registered address provided on request).