Privacy Policy

Last updated: May 1, 2026

Overview

LedgerLift ("we", "us", or "our") operates ledgerlift.com. This policy explains what data we collect, why we collect it, and how we use it. We do not sell your data. We do not use your financial documents for advertising or model training.

Data we collect

  • Account information — your email address and authentication credentials when you sign up.
  • Uploaded files — bank statement PDFs, images, and CSVs you upload for conversion. Files are stored in encrypted private storage.
  • Extracted transactions — the structured transaction data produced from your statements, stored so you can access your conversion history.
  • Billing information — payment is handled entirely by Stripe. We store only your Stripe customer ID; we never see or store your full card number.
  • Usage data — conversion counts and job metadata used to enforce plan limits and display your history.

How we use your data

  • To process your uploaded files and return extracted transaction data.
  • To authenticate you and manage your account and subscription.
  • To enforce plan limits and display usage in the app.
  • To send transactional emails related to your account (e.g. billing receipts). We do not send marketing email without your consent.

Third-party services

  • Anthropic Claude — your uploaded files are sent to Anthropic's API for transaction extraction. Anthropic's API usage policy prohibits using API inputs to train models. Files are transmitted over TLS and not retained by Anthropic beyond the request.
  • Supabase — we use Supabase for authentication and encrypted file storage. Data is hosted on AWS infrastructure.
  • Stripe — all payment processing is handled by Stripe. Your card data goes directly to Stripe and never passes through our servers.
  • AWS Textract — scanned PDF and image files may be processed via AWS Textract for OCR before AI extraction. Files are not retained by AWS beyond the OCR request.

Data retention

Uploaded files are stored in encrypted private storage for as long as your account is active. Extracted transaction records and conversion history are retained while your account is active. You may delete your account at any time by contacting us, which will permanently remove all associated data.

Security

All data is transmitted over TLS. Uploaded files are stored in private, encrypted buckets with no public access. Access to storage requires a valid authenticated session. We do not log or store the contents of your financial documents beyond what is necessary for extraction.

Your rights

You may request a copy of your data, correction of inaccurate data, or deletion of your account and all associated data at any time. To make a request, contact us at the address below.

Contact

Questions about this policy? Email us at help@ledgerlift.me.