LedgAR

Privacy Policy

Last Updated: June 29, 2026

LedgAR ("LedgAR," "we," "us," or "our") provides a multi-business finance and operations platform for founders, including organizational tools for transactions, records, and business resources, and Marketing OS features for campaign planning, content drafting, publishing, and performance review.

This Privacy Policy describes how we collect, use, store, share, and delete information when you use the LedgAR website, application, and related services (collectively, the "Platform").

By using the Platform, you acknowledge that you may upload or connect business and marketing information. If you do not agree with this policy, do not use the Platform.

Information We Collect

We collect information in the following categories, depending on how you use the Platform:

Account and profile information

  • Name, email address, authentication identifiers, and profile details you provide or that are supplied by an authentication provider.

Business and finance information

  • Business names, entity details, transaction records, categorizations, receipts, documents, vault metadata, team member information, notes, and other records you upload or enter.

Marketing OS information

  • Campaign briefs, content drafts, captions, image and video prompts, generated media, publishing schedules, channel selections, and workflow activity related to marketing operations.

Connected integration data

  • When you connect third-party services, we may receive account identifiers, access tokens, connected page or ad account metadata, publish status, and performance metrics authorized by you through those services.

Usage, device, and log data

  • Pages viewed, features used, timestamps, IP address, browser type, device information, error logs, security logs, and similar technical data generated by your use of the Platform.

Communications

  • Messages you send to support, feedback you submit, and records of legal acknowledgements or account requests.

We do not intentionally collect government ID numbers, bank login credentials, or other highly sensitive personal data. Please avoid submitting information you are not comfortable storing in a cloud business application.

How We Use Information

We use collected information to:

  • provide, operate, maintain, and improve the Platform;
  • authenticate users and secure accounts;
  • organize business and marketing workflows you request;
  • generate, store, schedule, publish, and review marketing content you direct us to process;
  • sync analytics and publish status from connected marketing channels;
  • respond to support requests and legal or security inquiries;
  • monitor performance, troubleshoot errors, and protect against abuse;
  • comply with law and enforce our Terms of Service.

We use business and marketing data to deliver the features you enable. We do not sell your personal information.

Authentication Providers

LedgAR uses Supabase Auth and may support the following sign-in methods:

  • Email magic link — we send a one-time sign-in link to the email address you provide.
  • Email and password — when enabled for your account or environment.
  • Google OAuth — when enabled, Google may share basic profile information such as your name, email address, and profile image with LedgAR for account creation and sign-in.

Authentication providers process information according to their own privacy policies. You can review Google's privacy policy at https://policies.google.com/privacy.

We receive only the account information needed to authenticate you and maintain your LedgAR profile.

Supabase

LedgAR uses Supabase for core application infrastructure, including authentication, PostgreSQL database storage, file storage, and related backend services.

Information you submit to the Platform may be stored and processed in Supabase-managed systems subject to access controls, row-level security, and our operational policies. Supabase processes data as our service provider. See Supabase's privacy documentation at https://supabase.com/privacy.

OpenAI

LedgAR may send prompts, campaign briefs, draft text, image-generation instructions, and related context to OpenAI when you use AI-assisted features in Marketing OS or other parts of the Platform.

OpenAI processes this information to generate responses, draft content, or images you request. We do not send OpenAI your authentication credentials or payment card numbers. Generated outputs and associated usage metadata may be stored in LedgAR so you can review, edit, publish, or delete them.

OpenAI's use of data is governed by its terms and privacy policy at https://openai.com/policies/privacy-policy.

Meta APIs

Marketing OS may connect to Meta technologies, including Facebook and Instagram, through authorized APIs such as the Meta Graph API and Meta Ads Manager-related endpoints, either directly or through an approved integration partner.

When you connect a Meta account, page, profile, or ad account, we may access only the data you authorize, which may include:

  • account, page, or ad account identifiers and names;
  • access tokens and connection status;
  • content you choose to publish or schedule;
  • post or campaign delivery status;
  • engagement and advertising performance metrics exposed by Meta for the connected assets;
  • audience or placement metadata needed to display analytics in LedgAR.

We use Meta-derived data to operate Marketing OS features you request, such as publishing, reviewing campaign performance, and managing connected channels. We do not use Meta ad account data for unrelated advertising on behalf of third parties.

You can disconnect Meta-connected assets by revoking LedgAR's access in your Meta Business Integrations settings and removing the connection in LedgAR where available. Meta's data practices are described at https://www.facebook.com/privacy/policy.

Postiz

LedgAR may use Postiz as an integration layer for social publishing and channel analytics. When configured, Postiz may receive draft content, media files, scheduling instructions, connected channel identifiers, and publish or analytics responses for platforms such as Facebook, Instagram, LinkedIn, and Reddit.

Postiz processes this information to publish content and return status or metrics to LedgAR. Postiz acts as a service provider supporting features you enable. Do not connect channels or content you are not authorized to manage.

Higgsfield

LedgAR may send video or image generation prompts and related creative instructions to Higgsfield when you choose Higgsfield-backed media generation in Marketing OS.

Higgsfield processes those prompts to generate media assets for your review inside LedgAR. We store resulting assets and associated metadata only as needed to display, download, publish, or delete them at your direction.

Cookies and Similar Technologies

LedgAR uses cookies and similar technologies for essential operation of the Platform, including:

  • Authentication and session cookies — to keep you signed in and protect account access.
  • Preference cookies — such as theme selection.
  • Security and rate-limiting signals — to help prevent abuse of sign-in and API endpoints.

We may also use privacy-oriented analytics technologies that collect aggregated or pseudonymous usage information, such as page views and feature interactions, to understand how the Platform is used and to improve reliability.

You can control cookies through your browser settings. Disabling essential cookies may prevent some parts of the Platform from working correctly.

Analytics

LedgAR uses analytics to understand product usage and improve performance. This may include:

  • Vercel Analytics on our marketing site and application shell for aggregated traffic and page-view metrics;
  • Product and security logs stored in our infrastructure for troubleshooting, audit, and abuse prevention;
  • Marketing performance analytics retrieved from connected providers such as Postiz or Meta when you enable those integrations.

Analytics data is used to operate and improve LedgAR, not to sell personal information to data brokers.

How We Share Information

We may share information only as needed to operate the Platform:

  • with infrastructure and service providers such as Supabase, hosting providers, email delivery services, OpenAI, Postiz, Higgsfield, and Meta when you connect those services;
  • with team members or collaborators you explicitly authorize within a business workspace;
  • to comply with law, court order, or lawful government request;
  • to protect the rights, safety, and security of LedgAR, our users, or others;
  • in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate confidentiality obligations.

We require service providers to handle information for LedgAR's instructions and applicable law. Their own privacy policies govern their direct collection practices.

Data Security

We use commercially reasonable administrative, technical, and organizational safeguards designed to protect user information, including access controls, encrypted transport, and provider security features.

No online platform, database, cloud service, API integration, or internet transmission is completely secure. We cannot guarantee that information will never be accessed, disclosed, altered, lost, corrupted, or destroyed. Users assume the risk of storing information online and should maintain independent backups of important records.

Data Retention

We retain information for as long as reasonably necessary to:

  • provide the Platform and features you use;
  • maintain business, security, and audit records;
  • resolve disputes and enforce our agreements;
  • comply with legal obligations.

Retention periods vary by data type. For example, connected integration tokens remain until you disconnect the integration or delete your account; marketing drafts may remain until you delete them; backups and security logs may persist for a limited period after deletion.

Deleted information may not be immediately removed from backups, logs, caches, or third-party systems. See our [Data Retention and Deletion Policy](/data-retention) for additional detail.

Your Choices and Rights

Depending on your location, you may have rights to access, correct, export, restrict, or delete certain personal information.

Within the Platform, you can:

  • update profile and business information where editing is available;
  • disconnect third-party integrations you previously authorized;
  • delete drafts, uploads, or other records you control;
  • request account deletion as described below.

We may need to retain limited information where required by law or for legitimate security, fraud-prevention, or recordkeeping purposes.

User Deletion Request Process

You may request deletion of your LedgAR account and associated personal information by: 1. In-product request — go to Settings and use the account deletion flow, confirming with the required phrase shown in the interface; or 2. Email request — send a deletion request from the email address associated with your account to hello@ledgar.online with the subject line "Account Deletion Request."

Before requesting deletion, export any business, finance, or marketing records you wish to keep. Account deletion is permanent and may remove drafts, uploads, connected integration data stored in LedgAR, workspace settings, and team access tied to your account.

We will verify your request and process eligible deletion within a reasonable period, subject to backup retention, legal holds, fraud prevention, and obligations to connected providers you must revoke separately in Meta, Google, or other third-party accounts.

For more detail, see our [Account Deletion policy](/account-deletion).

Children's Privacy

The Platform is intended for business users and is not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children.

International Users

LedgAR may process and store information in the United States and other countries where we or our service providers operate. By using the Platform, you understand that information may be transferred to jurisdictions that may have different data protection laws than your own.

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date above. Material changes may also be communicated through the Platform or by email where appropriate. Continued use of the Platform after an update constitutes acceptance of the revised policy.

Contact

For privacy questions, data requests, or Meta integration support: hello@ledgar.online

Related: Terms of Service · Legal Disclosures · Privacy Policy · User Acknowledgement · Security · Acceptable Use · Data Retention · Third-Party Integrations · Beta Disclaimer · Billing Terms · Account Deletion · Breach Response