Privacy Policy

Ledgerly Pro (“we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains what data we collect, why we collect it, how we use and protect it, and the rights you have under UK GDPR.

Ledgerly Pro is a financial management platform for UK self-employed individuals and small businesses. For UK GDPR purposes, we act as the Data Controller for the personal data you provide.

See also our Data Protection Policy.

Personal Information

• Name, business name, email address
• Country and time zone
• Profile photo (optional)

Financial Information (Stripe Financial Connections)

When you connect your bank account, you authorise our payment partner Stripe through their Financial Connections product, which uses FCA-regulated Open Banking. We receive read-only AIS (Account Information Services) transaction data — we never see your online banking login details, and we cannot move money or initiate payments from your bank.

Technical & Usage Data

• IP address (truncated for analytics)
• Browser type, device, operating system
• Pages visited and interactions inside the product
• Cookies (see Cookie Policy)

Receipt & Document Data

If you scan a receipt, upload an invoice, or attach a document, we process the image and extracted text to populate your expense or invoice record.

We use your data to:

• Provide the bookkeeping, invoicing and payroll-summary services you signed up for
• Process subscription payments via Stripe
• Send transactional emails (verification, password reset, invoice reminders, accountant packs)
• Improve the product (aggregated analytics only)
• Comply with legal obligations (e.g. retention of financial records)
• Detect and prevent fraud or abuse

Under UK GDPR we rely on the following legal bases:

• Contract — to provide the services you’ve subscribed to.
• Consent — for optional features (e.g. marketing emails, bank connection authorisation).
• Legitimate Interests — to keep the service secure, improve product quality, and prevent fraud, where this does not override your rights.
• Legal Obligation — e.g. retaining financial records for HMRC-mandated periods.

You can withdraw consent at any time; this does not affect prior lawful processing.

Ledgerly Pro uses AI to assist with expense categorisation, receipt scanning, anomaly detection and written summaries. This involves automated processing of the data you upload.

AI suggestions are estimates and may not always be accurate. They do not produce automated decisions with legal or similarly significant effects on you — every AI output is reviewable and editable. AI does not replace an accountant.

Where AI processing involves third-party model providers (e.g. OpenAI), your data is sent under contractual data-processing agreements, is not used to train their models, and is processed transiently.

We share data only with essential service providers:

• Stripe — payments and Financial Connections (Open Banking)
• Resend — transactional email delivery
• OpenAI — AI categorisation, receipt scanning, summaries
• Cloud hosting — secure UK / EU-region servers

We do not sell your data. We share data with HMRC or law-enforcement only when legally required.

If data is transferred outside the UK/EU (e.g. to OpenAI in the US), we ensure safeguards such as:

• Standard Contractual Clauses (SCCs)
• Adequacy decisions where applicable

We retain data only as long as necessary to:

• Provide the service while your account is active
• Meet legal obligations (UK financial records typically 6 years)
• Resolve disputes and enforce our agreements

When you delete your account via Settings → Danger Zone, we immediately purge your invoices, expenses, integrations and notifications. Anonymised aggregate data may be retained for analytics.

Under UK GDPR you have the right to:

• Right of access — access the personal data we hold about you
• Right to rectification — rectify inaccurate or incomplete data
• Right to erasure — erase your data (“right to be forgotten”)
• Right to restrict processing — restrict processing in specific circumstances
• Right to object — object to processing based on legitimate interests
• Right to data portability — receive your data in a portable format
• Right to withdraw consent — at any time where consent was the legal basis

To exercise any of these rights, contact support@ledgerlypro.co.uk.

If you’re unhappy with how we handle your personal data, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

• Website: ico.org.uk
• Helpline: 0303 123 1113

We’d appreciate the chance to address your concern directly first — please email us before raising a complaint.

We use:

• Encryption in transit (TLS) and at rest
• UK / EU-region cloud hosting with daily backups
• Role-based access controls — staff cannot see your books
• Regular security and dependency audits

For privacy questions or to exercise your rights: support@ledgerlypro.co.uk