LedgerAI Privacy Notice

Welcome to Ledger Holdings Inc, dba LedgerAI ('we', 'our', 'us'). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at support@ledger.ai.

When you visit our website http://ledger.ai and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy notice, we describe our privacy policy. We seek to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Sites and our services.

This privacy policy applies to all information collected through our website, web app, and/or any related services, sales, marketing, or events (we refer to them collectively in this privacy policy as the 'Sites').

Sign-Up and Sign-In Process

When users sign up or sign in to our application, we ensure the security of user credentials. We also offer social login options, including Google, for a more seamless user experience.

Information Collected

During this process, we collect certain information necessary for authentication and account management. This includes:

• Basic Information: Name, email address, and profile picture (if available).
• Authentication Data: Unique user ID, authentication tokens, and login timestamps.
• Social Login Data: If you choose to sign in via Google, we collect your Google account's name, email address, and profile picture.

Data Usage

The data collected during sign-up and sign-in is used to:

• Authenticate your identity and provide access to your account.
• Facilitate secure login and manage your session.
• Personalize your user experience within the application.

Storage and Security

All authentication data is securely stored and managed. We implement industry-standard security measures to protect your data from unauthorized access and breaches.

Third-Party Providers

• Auth0: As our authentication provider, Auth0 has access to the data necessary to perform authentication and manage user sessions. Auth0's privacy policy governs their use of your data.
• Google: When using Google for social login, Google’s privacy policy applies to the data shared through their service.

Data Collection and Use During OAuth Connections

To provide enhanced functionality and seamless integration with third-party services, we offer OAuth connections to QuickBooks Online and Slack. This allows us to securely access your data on these platforms with your explicit permission.

Access Tokens:

When you connect to QuickBooks Online or Slack via OAuth, we obtain access tokens. These tokens enable us to interact with these services on your behalf while maintaining security and privacy.

Scopes of Connection:

QuickBooks Online:

• Scopes: We request specific permissions to access necessary data from your QuickBooks Online account. During the connection process, all scopes are listed.
• Purpose: These permissions allow us to manage invoices, access transaction data, etc.

Slack:

• Scopes: We request specific following permissions to access necessary data from your Slack workspace. During the connection process, all scopes are listed.
• Purpose: These permissions allow us to send messages, access channels, etc.

Data Usage

The access tokens and data obtained through OAuth connections are used to:

• Facilitate seamless integration and interaction with QuickBooks Online and Slack.
• Provide enhanced features and services within our application.
• Ensure that data flow between platforms is secure and efficient.

Storage and Security

Access tokens are securely stored and encrypted. We implement stringent security measures to protect your data from unauthorized access and breaches.

User Control and Rights

Revoking Access:

Users have the right to revoke OAuth permissions at any time through their QuickBooks Online or Slack account settings. Revoking permissions will terminate our access to your data on these platforms.

Data Management:

Users can manage the data shared through OAuth connections by adjusting their settings within QuickBooks Online and Slack.

Third-Party Providers:

• QuickBooks Online: The use of data accessed through QuickBooks Online is governed by Intuit's privacy policy.
• Slack: The use of data accessed through Slack is governed by Slack's privacy policy.

Data Interaction After Authentication

After you provide authentication through OAuth, we use the access tokens to interact with QuickBooks Online, Slack, and other third-party services to deliver enhanced functionality and seamless integration within our application.

QuickBooks Online:

Data Access and Usage: Using the provided access tokens, we access and interact with your QuickBooks Online data to manage invoices, retrieve transaction data, etc.

Slack:

Data Access and Usage: Using the provided access tokens, we interact with your Slack workspace to send messages, access channels, etc.

OpenAI:

API Interaction: We use our own enterprise API key to interact with OpenAI services to process data. Your data is sent to OpenAI for the purposes of processing unstructured data or training the model.

Google Drive:

Data Storage and Interaction: We use our own API key to store and manage data in a Google Drive account that is shared with you. This enables us to store files that you can easily access as well.

n8n:

Workflow Automation: We use n8n, a workflow automation tool, to streamline and manage various processes within our application. This involves automating tasks and interactions between different services based on predefined workflows.

Data Processing: n8n helps us efficiently process and route data between QuickBooks Online, Slack, OpenAI, Google Drive, and other integrated services, ensuring seamless operation and enhanced functionality.

Data Storage and Security

Data Storage: Your data is securely stored in a database hosted by LedgerAI. This includes all relevant information necessary for the functioning of our application.

Security Measures: We implement industry-standard security practices to protect your data, including encryption, access controls, and regular security audits.

Data Usage

The data accessed and stored is used to:

• Provide the core functionality of our application.
• Enhance user experience by integrating with third-party services.
• Ensure the smooth operation of workflows involving multiple services.

User Control and Rights

Users have the right to manage their data, including updating or deleting information stored in our application.

Revoking Access

Users can revoke OAuth permissions at any time through their QuickBooks Online, Slack, or Google account settings, which will terminate our access to your data on these platforms.

Data Policies

The use of data accessed through QuickBooks Online, Slack, OpenAI, Google Drive, and n8n is governed by their respective privacy policies. We recommend reviewing these policies to understand how they handle your data.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Sites is at your own risk. You should only access the services within a secure environment.

You have the following rights in relation to your personal information:

• Access: You have the right to request access to the personal information we hold about you and to request certain information about our processing of your personal information.
• Correction: You have the right to request that we correct any inaccurate or incomplete personal information that we hold about you.
• Erasure: You have the right to request that we delete your personal information, subject to certain exceptions.
• Restriction: You have the right to request that we restrict the processing of your personal information in certain circumstances.
• Objection: You have the right to object to our processing of your personal information where we are relying on a legitimate interest.
• Portability: You have the right to request that we provide your personal information to you in a structured, commonly used, and machine-readable format, or to transmit it directly to another data controller, where technically feasible.

To exercise any of these rights, please contact us at support@ledger.ai. We will respond to your request in accordance with applicable data protection laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated 'Revised' date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

If you have questions or comments about this notice, you may email us at support@ledger.ai.