Privacy Policy

Ledgerline Payments ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and the rights you have over your information when you use our software, websites, and integration services (collectively, the "Services").

1. Information We Collect

We collect the following categories of information in connection with the Services:

• Account information: name, business name, email address, and contact details provided when you engage our Services.
• Authentication credentials: OAuth access tokens and refresh tokens issued by third-party platforms (e.g., Intuit) that authorize the integration to act on your behalf. These credentials are stored encrypted and used only to make authorized API calls to the connected platform.
• Order and invoice metadata: for each transaction processed by the integration, we store the order identifier, invoice identifier, total amount, and status (pending, sent, paid, error). We do not collect or store full payment card data, bank account numbers, or sensitive financial credentials.
• Customer contact information: the name, email address, and (where provided) phone number associated with each order, used solely to create invoice records in the connected accounting platform.
• Usage and diagnostic data: server logs, error reports, and webhook delivery records used to maintain and troubleshoot the Services.

2. How We Use Information

We use the information we collect to:

• Provide, operate, and maintain the Services;
• Authenticate to third-party platforms on your behalf;
• Create, send, and reconcile invoices in connected accounting systems;
• Detect, prevent, and respond to fraud, abuse, and security incidents;
• Comply with legal obligations;
• Communicate with you about the Services.

3. What We Do Not Collect

We do not collect or store payment card numbers, CVV codes, expiration dates, bank account credentials, or other cardholder data. All card payments processed through invoices generated by our integrations are handled directly by the third-party payment processor (e.g., Intuit Payments). We are not in the cardholder data path.

4. Sharing of Information

We do not sell your personal information. We may share information in the following limited circumstances:

• Service providers: with infrastructure, hosting, and security vendors that help us operate the Services, bound by confidentiality and data-protection obligations.
• Connected platforms: the integrations transmit invoice and customer information to third-party platforms you have authorized (e.g., Intuit QuickBooks Online), as necessary to perform their function.
• Legal compliance: when required to comply with applicable law, court orders, or governmental requests, or to protect the rights, safety, or property of Ledgerline Payments, our users, or the public.
• Business transfers: in connection with a merger, acquisition, or sale of assets, subject to standard confidentiality protections.

5. Data Security

We implement industry-standard administrative, technical, and physical safeguards designed to protect information from unauthorized access, disclosure, or loss. Authentication tokens are stored encrypted at rest. Webhook payloads are signed using HMAC-SHA256 and verified before processing. All connections to third-party APIs use TLS 1.2 or higher.

6. Data Retention

We retain account information and integration records for as long as your engagement with us is active and as needed to comply with legal, accounting, or reporting obligations. You may request deletion of your information at any time by contacting us, subject to retention requirements imposed by law or our connected platforms.

7. Your Rights

Depending on your jurisdiction, you may have the right to: (a) access the personal information we hold about you; (b) request correction of inaccurate information; (c) request deletion of your information; (d) restrict or object to certain processing; (e) request portability of your information; and (f) lodge a complaint with a supervisory authority. To exercise these rights, contact us at support@ledgerlinepayments.com.

8. California Residents (CCPA)

California residents have specific rights under the California Consumer Privacy Act, including the right to know what personal information we collect, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal information), and the right not to be discriminated against for exercising these rights.

9. International Users

The Services are operated from the United States. If you access the Services from outside the United States, you understand that your information may be transferred to, stored, and processed in the United States, where data-protection laws may differ from those in your jurisdiction.

10. Children's Privacy

The Services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child without verified parental consent, we will delete it.

11. Disconnecting Third-Party Connections

You may disconnect a connected third-party platform (such as QuickBooks Online) at any time. When you initiate a disconnect through the integration's admin interface, the following actions occur automatically:

• The OAuth refresh token is revoked at the third-party authorization server (e.g., Intuit's /oauth2/tokens/revoke endpoint).
• All access and refresh tokens are deleted from our integration's storage.
• The webhook subscription stops processing new events for the disconnected account.
• Connection metadata (realm IDs, company identifiers) are cleared from the integration database.

Historical transaction records (order identifier, invoice identifier, amount, status, timestamps) may be retained for accounting, audit, and legal compliance purposes for up to seven (7) years. You may request deletion of these records, subject to retention obligations imposed by law or by your accounting platform.

12. Use of Third-Party Trademarks

QuickBooks, Intuit, WooCommerce, Shopify, and other third-party trademarks referenced on this site are the property of their respective owners. Ledgerline Payments is independent and is not affiliated with, endorsed by, or sponsored by Intuit Inc. or any other trademark owner. References to these platforms describe the technical compatibility of our integrations only.

13. Changes to this Policy

We may update this Privacy Policy from time to time. The most current version will be posted on this page with an updated "Last updated" date.

14. Contact

For privacy questions or to exercise your rights, contact us at support@ledgerlinepayments.com.