Privacy Policy

Last updated June 28, 2026

This Privacy Policy explains how Ledgendry LLC ("Ledgendry", "we", "us") handles information when you use the Ledgendry website, application, and services (the "Service"). We built Ledgendry to collect as little as possible, and this policy describes exactly what we do.

The short version

Ledgendry is a B2B tool for trade and service businesses. We collect the account details needed to sign you in, the business data you choose to enter, and the payment metadata needed to process payments. We do not track your location or use technician telematics, and we never use your business data for advertising. We plan to add analytics and advertising cookies (Google, Meta) to improve Ledgendry and measure our ads, but only with your consent, and they are not active today. Collecting less is a deliberate design choice.

Controller and processor: who is responsible for what

Ledgendry serves contractor businesses (each, a "tenant"). When a tenant enters information about their own clients (names, addresses, contact details, job notes), the tenant is the controller of that information and Ledgendry acts as a processor, handling it on the tenant's behalf and on their instructions to provide the Service.

For the tenant's own account information (the name and email of the person who signs up), Ledgendry acts as the controller. If you are the client of a business that uses Ledgendry and you want your information accessed, corrected, or deleted, please contact that business: they control that data; we assist them as their processor.

What we collect and process

We collect and process only the following:

  • Account identity (via Clerk). Your name and email, and the login/session credentials used to authenticate you.
  • Business data you enter (in our database). Your company details, clients, jobs, estimates, and invoices. This may include personal information about your clients that you choose to enter, for which you are the controller.
  • Payment metadata (via Stripe Connect). Information needed to process invoice payments and payouts. Stripe holds the actual card and bank details. We do not store full card numbers.
  • Transactional email (via Resend). Recipient email addresses and message contents when the Service sends invoices, estimates, or notifications on your behalf.
  • Basic operational logs. Limited technical information needed to run, secure, and troubleshoot the Service.

Image hosting through Cloudinary is planned but not yet active. When it ships, uploaded images attached to jobs or line items will be stored there, and we will update this policy and our subprocessor list accordingly.

What we do NOT do

We want to be plain about this because it is unusual in our industry. Ledgendry does not: track your GPS or location; use technician or vehicle telematics; or use the business data you enter for advertising. We do not run any advertising, marketing, or cross-site tracking cookies today. We plan to add analytics and advertising cookies (Google, Meta) in the future, and if we do they will load only with your consent. See the Cookies and your consent section below. Until you opt in, there is nothing to opt out of.

How we use information

We use the information above to provide and maintain the Service, to authenticate you and keep your account secure, to process payments you initiate, to send transactional messages you ask us to send, to provide support, and to comply with our legal obligations. We do not use your business data for advertising.

Subprocessors

We rely on a small set of trusted vendors to run the Service. Each handles only the data needed for its role. The current list (Clerk, Railway/PostgreSQL, Stripe, Resend, Cloudinary (planned), and the analytics/advertising vendors Google and Meta (planned, and loaded only with your consent)) is published on our Subprocessors page.

Cookies and your consent

Essential cookies (always on). Today the only cookies we set are strictly-necessary, first-party cookies: the authentication and session cookies set by Clerk to keep you signed in and your account secure. These are required to operate the Service, so blocking them may prevent you from signing in.

Analytics and advertising cookies (only with consent). We plan to add analytics and advertising cookies, specifically Google Analytics, Google Ads, and the Meta (Facebook) Pixel, to understand how Ledgendry is used and to measure our advertising. These are not active today. When they go live, they will load only if you opt in through our cookie banner. By default they are off: we do not load any non-essential cookie until you choose "Accept all."

Changing your mind. You can review or withdraw your consent at any time using the Cookie preferenceslink in the footer. Choosing "Essential only" (or withdrawing consent) stops any non-essential cookies from loading.

EU/UK visitors. Consistent with the GDPR and the ePrivacy rules, we ask for your opt-in consent before loading any analytics or advertising cookies; essential cookies do not require consent.

California visitors.If we activate advertising cookies, that activity could be treated as "sharing" for cross-context behavioral advertising under the CCPA/CPRA. We treat your "Essential only" choice (and our default-off setting) as a Do Not Sell or Sharesignal, and we honor opt-out preference signals such as Global Privacy Control. Because non-essential cookies are off until you opt in, there is nothing to opt out of unless and until you choose "Accept all."

Your rights and choices

Depending on where you live, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. We honor these requests regardless of location. To make a request, email privacy@ledgendry.com. We will verify that you control the account email before acting on a request, and we will not discriminate against you for exercising these rights.

Data deletion

To request deletion of your personal information, email privacy@ledgendry.com from the email address on your account. Deletion is handled manually, and we commit to completing verified requests within 30 days (we may extend this where the law allows if a request is complex).

Some information may be retained after a deletion request, namely:

  • invoice, tax, and financial records we are required by law to keep;
  • payment records held by Stripe under Stripe's own retention obligations; and
  • anonymized or aggregated data that no longer identifies you.

If you are the client of a business that uses Ledgendry, that business controls your data: direct your deletion request to them, and we will assist them as their processor.

Data retention

We keep your information for as long as your account is active and as needed to provide the Service. After account closure or a deletion request, we remove personal information within the window described above, except for the legally-required and anonymized records noted in the Data deletion section.

Security

We use reasonable technical and organizational measures to protect your information, including encrypted connections and access controls through our infrastructure providers. No system is perfectly secure, but we work to keep your data safe and to respond promptly to issues.

Children's privacy

The Service is for business use by adults and is not directed to children under 18. We do not knowingly collect personal information from children.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, provide additional notice.

Contact

For any privacy question or request, email privacy@ledgendry.com, or write to Ledgendry LLC, 731 SE Alices Rd #1122, Waukee, IA 50263.