← Back to FlexLedger
Privacy Policy
Effective: July 2026. Contact: hello@flexledger.app
FlexLedger ("we", "us") makes a personal-finance mobile app for gig workers, creators, and tradespeople. This policy explains what data we collect, why, and how you can control it. Written in plain English on purpose.
1. What we collect
- Account data — email, hashed password, name.
- Financial data you enter — expenses, income, jobs, receipts, and tax jar transactions.
- Receipt images — stored securely when you upload them for AI parsing.
- Device data — device model, OS version, push notification token (only if you enable push).
- Usage data — anonymized crash reports and feature usage counts to improve the product.
- Payment data — handled entirely by Stripe. We never see your card number.
2. Why we collect it
- To provide the app functionality you signed up for (dashboards, receipt scanning, tax estimation).
- To send you the Sunday coach email and delivery/open engagement events (if you're a Premium subscriber and haven't opted out).
- To improve the app — fix bugs, understand which features get used.
- To meet legal and tax obligations for our business.
3. Who we share it with
We share the minimum necessary data with:
- OpenAI / Anthropic / Google — to parse receipts and generate weekly insights. Your data is not used to train their models.
- Stripe — to process payments.
- Resend — to send transactional email.
- MongoDB Atlas — for encrypted data storage.
We never sell your data. Ever.
4. How long we keep it
We keep your data as long as your account is active. When you delete your account, we permanently delete all your financial data within 30 days, except records we're legally required to retain (invoices, tax records).
5. Your rights
- Access — download all your data as a PDF or JSON export from Settings.
- Delete — wipe your entire account with one tap from Settings.
- Opt out — disable email and push notifications any time from Settings.
- Correct — all data you enter is fully editable in-app.
6. Security
All data is encrypted in transit (TLS) and at rest. Passwords are hashed with bcrypt. We do not log passwords, card details, or receipt images in server logs.
7. Children
FlexLedger is not intended for anyone under 18. We do not knowingly collect data from children.
8. Changes to this policy
If we make material changes, we'll email you and post a notice in the app at least 30 days before the change takes effect.
9. Contact
Questions or requests: hello@flexledger.app