Back to Home

Last updated: May 2026

Privacy Policy

How we protect and handle your data

Introduction

This Privacy Policy explains how Ledge collects, uses, and discloses your information when you use our mobile application (iOS, Android) and our website at ledge.today, including the community forum. We are committed to protecting your privacy and handling your data with transparency.

Information We Collect

2.1 Information You Provide

  • Account information: When you register, we collect your email address and password (encrypted). If you sign in with Google or Apple, we receive your email address and a stable account identifier from that provider — we never receive your Google or Apple password.
  • Financial information: data you manually enter about your assets and portfolio holdings. We do NOT collect or store your actual bank account credentials, credit card numbers, or other sensitive financial account access information.
  • User preferences: Your settings, preferences, language choice, and customizations within the app.
  • Forum content: When you participate in the Ledge community forum, we store your forum display name, the posts and comments you submit, the posts you upvote, any screenshots you attach to a post (up to 3 per post, 5 MB each), and any optional bug metadata you include with a bug report (platform, app version, OS version, device model).

2.2 Automatically Collected Information

  • Device information: Device type, operating system, unique device identifiers, app version.
  • Usage data: How you interact with our app, features you use, time spent, and crash reports.
  • Location information: General location based on IP address. We do not collect precise GPS location unless explicitly enabled by you for specific features.

Data Storage and Processing

We store and process your data to provide our services effectively. Mobile app data — your portfolio entries, asset positions, and preferences — is synced to your Ledge account and stored on our managed cloud provider (Supabase), with a local cache on your device for offline access. Forum data — your forum display name, posts, comments, upvotes, and attached screenshots — is stored on Supabase for as long as the post and your account exist.

  • Data is encrypted both in transit (using SSL/TLS) and at rest on our managed cloud provider
  • Transaction history and asset information are processed to generate insights and analytics for you
  • User preferences and settings are saved to personalize your experience
  • Data may be processed for analytics to improve our services
  • We retain your data as long as your account is active or as needed to provide services
  • Backups are maintained for disaster recovery purposes (30 days) and are also encrypted
  • Upon account deletion, your data is permanently deleted within 30 days (except where retention is required by law)

How We Use Your Information

  • Provide and improve our services
  • Personalize your experience
  • Process transactions and financial data
  • Communicate with you about your account or our services
  • Analyze usage patterns to enhance our application
  • Protect against fraudulent or unauthorized activity

How We Share Your Information

We may share your information in the following limited circumstances:

IMPORTANT: We never sell your personal information to third parties for marketing or advertising purposes.

  • Service providers: Trusted companies that help us deliver our services. These currently include Supabase (authentication, database, and file storage for forum screenshots), a transactional email provider used to send forum notifications, and Google (advertising and conversion measurement on our website). These providers are contractually obligated to protect your data.
  • Legal requirements: When required by law, court order, or government request, or to protect our rights, privacy, safety, or property.
  • Business transfers: In connection with a merger, acquisition, or sale of assets. You will be notified of any such change and your data will remain protected under this policy.
  • With your consent: We may share information with third parties when you explicitly consent.

Payment and Subscription Information

When you subscribe to Ledge Pro:

  • All payment processing is handled exclusively by Apple (App Store) or Google (Google Play Store). We do not collect, store, or process your credit card or payment information directly.
  • We receive only basic subscription status information (active/inactive, subscription tier, renewal date) from Apple and Google to provide you with appropriate service access.
  • Purchase receipts are validated through Apple and Google's systems to verify your subscription status.
  • We may collect anonymous, aggregated purchase analytics to understand subscription trends and improve our offerings.
  • Your payment information, including credit card details, is subject to Apple's or Google's privacy policies, not ours.

Authentication Providers

When you sign in to the Ledge website to use the community forum, you can authenticate with Google or Apple. The provider verifies your identity and shares a minimal profile with us — typically your email address and a stable user identifier. We never receive your Google or Apple password. Use of these sign-in options is governed by the provider's own privacy policy:

  • Google: policies.google.com/privacy
  • Apple: apple.com/legal/privacy

You can revoke Ledge's access at any time from your Google or Apple account settings. Doing so prevents future sign-in but does not automatically delete content you have already submitted to the forum — contact privacy@ledge.today to request deletion.

Data Security

We implement industry-standard technical, administrative, and physical safeguards to protect your information. However, no method of transmission over the internet is 100% secure. We strive to protect your data but cannot guarantee absolute security.

Your Rights

Depending on your location (including GDPR for EU residents and CCPA for California residents), you may have the following rights:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information (right to be forgotten)
  • Restriction: Request to restrict processing of your information
  • Objection: Object to certain types of processing
  • Data Portability: Request your data in a portable, machine-readable format
  • Withdraw Consent: Withdraw consent for data processing where consent was the legal basis

To exercise these rights, contact us at privacy@ledge.today. We will respond within 30 days. Note: Subscription and payment data is managed by Apple or Google; please contact them directly for payment-related inquiries.

Children's Privacy

Our services are not directed to children under 13 (or 16 in the EU, or the applicable age in your jurisdiction). We do not knowingly collect information from children under these ages. If you believe we have collected information from a child, please contact us immediately at privacy@ledge.today, and we will promptly delete such information.

Cookies, Tracking, and Advertising

8.1.1 Mobile App

Our mobile app may use cookies and similar tracking technologies for:

  • Authentication and security
  • Remembering your preferences
  • Analytics to understand how users interact with our app
  • Crash reporting and error tracking

You can control cookie preferences through your device settings. Disabling certain cookies may limit functionality.

8.1.2 Website Advertising and Conversion Measurement

Our website (ledge.today) loads Google's gtag.js script. We use it to measure ad-conversion events (for example, when a visitor clicks a subscribe call-to-action) so that we can evaluate how well our marketing reaches the right people. This sets advertising cookies that are governed by Google.

  • Opt out of personalized ads via Google Ads Settings: adssettings.google.com
  • Block third-party cookies or enable 'Do Not Track' / 'Global Privacy Control' in your browser to limit this tracking
  • Use a privacy-focused browser or extension (e.g. uBlock Origin) to block the gtag script entirely

To request deletion of any identifiers Ledge has associated with you for advertising purposes, email privacy@ledge.today.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, wherever it is processed.

Data Retention

We retain your personal information for the following periods:

  • Provide you with our services
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain backups for disaster recovery (30 days)

After account deletion, your data is permanently deleted within 30 days, except where we are legally required to retain certain information (e.g., for tax or legal purposes).

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy in the app or through other appropriate means.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

We will respond to your inquiry within 30 days. For rights requests under GDPR or CCPA, we will respond within the legally required timeframe.

Your Data is Safe

We take your privacy seriously. All your data is encrypted and protected with industry-standard security protocols. We never sell your personal information or share it with unauthorized third parties.