Legal

Privacy Policy

How Ledger collects, uses, and protects information provided by our users and their connected financial systems.

1. Who we are

Ledger is an AI-powered accounting automation platform operated by Serendipity LLC ("Ledger", "we", "us", or "our"). Ledger is accessible at https://ledger.serendipityllc.us. Questions about this policy can be directed to support@serendipityllc.us.

2. Information we collect

Account information

When you sign in with Google, we receive your name, email address, profile photo URL, Google user identifier, and authentication assertion. Ledger restricts access to pre-approved corporate domains; accounts outside those domains cannot create a session.

Connected financial systems

Ledger allows authorized users to connect third-party accounting and financial systems. When you connect a system, we receive and store:

QuickBooks Online — OAuth 2.0 access tokens, refresh tokens, and QuickBooks "realm" identifiers. Upon your request we fetch invoices, purchases, company profile metadata, and related accounting records.
Google Drive and Google Sheets — Ledger reads spreadsheets that you have explicitly shared with Ledger's service account. We do not index or scan Drive content outside those shared spreadsheets.
Bank account data (Plaid) — Once Plaid integration is enabled, Ledger receives transaction history and account metadata via Plaid's API. We never see or store online-banking passwords; authentication is handled by Plaid directly with the financial institution.

Operational telemetry

We record audit events for every read and write performed against your connected data (actor email, action, resource, timestamp, IP address). We collect standard web server access logs and error telemetry via Google Cloud Logging.

3. How we use information

We use the information above solely to operate Ledger on your behalf: authenticating you, aggregating financial data for display, reconciling transactions, generating reports, producing AI-generated insights, and sending notifications you have configured. We do not use your financial data to train machine-learning models and we do not sell, rent, or share your information with advertisers or data brokers.

4. Third-party service providers

Ledger runs on infrastructure provided by Google Cloud Platform and uses the following sub-processors to operate:

Provider	Role
Google Cloud Platform	Compute, storage, Firestore, Secret Manager, networking (us-east4 / United States)
Google Firebase	User authentication (Google Workspace SSO)
Intuit	QuickBooks Online data access via OAuth 2.0
Plaid	Bank transaction and balance retrieval (when enabled)
Anthropic	Large-language-model inference for reconciliation and insights
Twilio SendGrid	Transactional email delivery

Each sub-processor is bound by its own terms of service and data-processing commitments. Ledger transmits only the minimum data required for the specific task.

5. Storage, location, and retention

Account profiles, connection metadata, transactional cache, and audit logs are stored in Google Firestore in the nam5 multi-region (United States). OAuth access and refresh tokens are stored in Google Secret Manager, encrypted at rest with Google-managed keys. All transport between Ledger and your browser or any sub-processor is encrypted with TLS 1.2 or higher.

Operational data is retained for the active lifetime of your account. When you disconnect a financial system or close your account, we revoke the corresponding OAuth grants and delete the associated tokens. Audit logs are retained for 13 months to support accounting and security obligations.

6. Security practices

Authentication: Google Workspace single sign-on with enforced multi-factor authentication.
Authorization: Application-layer domain enforcement; only pre-approved corporate domains can authenticate.
Secrets: OAuth tokens and API keys are held exclusively in Secret Manager; never in source code, container images, or environment variables.
Least privilege: Service accounts are scoped to the minimum roles required for their function.
Audit: Every read and write of connected financial data is logged with actor, action, and timestamp.

Ledger does not store full payment-card numbers or PINs and is explicitly out of scope for PCI DSS.

7. Your choices

You can disconnect any financial system from the Ledger dashboard at any time. Disconnection revokes the OAuth tokens and removes your ability to retrieve future data from that system. You can request export or deletion of any data Ledger stores about you by emailing support@serendipityllc.us; we will acknowledge within two business days and complete the request within 30 days.

8. Children

Ledger is not directed to children under 18 and we do not knowingly collect information from anyone under 18.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email to signed-in users at least 14 days before taking effect. The "Last updated" date at the bottom reflects the most recent revision.

10. Contact

Serendipity LLC
Email: support@serendipityllc.us
Platform: https://ledger.serendipityllc.us

Last updated: