This Privacy Policy describes how Vaultledge (“VaultLedge,” “we,” “us”) collects, uses, stores, and protects information when you use vaultledge.comand the related applications, dashboards, and APIs (the “Service”). VaultLedge is a bookkeeping, payroll, invoicing, and tax-filing platform for small businesses and accounting practices in the United States.

1. What we collect

We collect only what we need to provide the Service:

Account data — name, email, password (hashed), display name, and authentication factors you choose to enable (TOTP 2FA).
Business records — chart of accounts, journal entries, transactions, invoices, bills, contacts, documents you upload, and reports you generate. You own this data.
Payroll data — when you use payroll, we collect and store employee names, addresses, full Social Security numbers (encrypted at rest using AES-256-GCM), wages, withholdings, and related tax-form data necessary for federal and state filings.
Bank-connection data — when you connect a bank account via Plaid, we store the resulting transactions and a limited account profile (institution name, mask, balances). We do not store your bank credentials; Plaid does.
Payment information — when you subscribe, your card and billing details are collected by Stripe and never stored on our servers. We store only the Stripe customer and subscription IDs.
Usage data — IP address, user-agent, page paths, and error traces (via Sentry) to operate, secure, and debug the Service. We do not sell this data and do not use it for cross-site advertising.

2. How we use your data

To provide, secure, and improve the Service.
To run bookkeeping calculations, payroll computations, tax-form preparation, and invoicing on your behalf.
To send transactional emails (receipts, password resets, trial-ending notifications) and, with your consent, product updates.
To detect, prevent, and respond to fraud, abuse, and security incidents.
To meet legal and regulatory obligations (tax reporting, audit trails, data-retention requirements).

3. Who we share data with (sub-processors)

We share data only with the service providers we depend on to run VaultLedge:

Supabase — database, authentication, and file storage (US region).
Vercel — application hosting and edge network.
Stripe — payment processing for subscriptions and customer-facing invoices.
Plaid — bank-account aggregation when you choose to connect a bank.
Anthropic — AI categorization and assistance features. We do not send full bank-account numbers or SSNs to Anthropic.
Resend — transactional email delivery.
Sentry — error tracking and observability.

We do not sell your data to advertisers, data brokers, or any third party.

4. How we protect your data

Transport encryption (TLS 1.2+) for all traffic to and from the Service.
Encryption at rest for sensitive fields (employee SSNs, bank account/routing numbers) using AES-256-GCM with keys held outside the database.
Row-level security on all multi-tenant tables so workspaces are isolated from each other.
Optional two-factor authentication for your account (TOTP).
Audit logs of sensitive operations (SSN access, payroll runs, reconciliation sign-off, account deletion).
Daily backups with up to 30 days of point-in-time recovery on the production database.

5. Your rights

You can, at any time:

Access— export every workspace’s data as a JSON bundle from Settings → Data.
Correct — edit any record directly inside the Service.
Delete— delete a workspace (7-day soft-delete window before purge) or your entire account from Settings → Account.
Port — download invoices as PDF, ledgers as CSV, and full backup bundles as JSON.
Object— opt out of non-essential email at any time from Settings → Notifications.

Residents of Virginia (VCDPA), California (CCPA/CPRA), and the EU/UK (GDPR/UK-GDPR) have the same rights as above plus, where applicable, the right to appeal a denied request and to lodge a complaint with the appropriate supervisory authority (the Virginia Attorney General for VCDPA appeals, the California Privacy Protection Agency for CCPA, and the relevant Data Protection Authority for GDPR/UK-GDPR). VaultLedge does not sell personal information and does not engage in targeted advertising or profiling that produces legal effects, so the opt-out rights under those statutes are inherently satisfied. To exercise any right, email privacy@vaultledge.com; we will respond within 45 days as required by VCDPA.

6. Data retention

We keep your records for as long as your account is active. After account deletion, we purge personal data within 30 days, except where U.S. tax law requires us to retain payroll records for a longer minimum period (typically four years from the date the tax was due or paid, whichever is later) for legal compliance.

7. Cookies and similar technologies

VaultLedge uses a minimal set of first-party cookies for session management, CSRF protection, and idle-timeout enforcement. We do not use third-party advertising or tracking cookies.

8. Children

The Service is intended for businesses and adults (18+). We do not knowingly collect data from anyone under 13. If you believe a child has provided us data, contact privacy@vaultledge.com and we will delete it.

9. International transfers

VaultLedge stores data in the United States. If you access the Service from outside the U.S., you consent to the transfer and processing of your information in the U.S., where data-protection laws may differ from those in your country.

10. Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be announced via email or in-app notice at least 14 days before they take effect. The “Effective” date at the top reflects the most recent revision.

11. Contact

For privacy questions, data requests, or to report a security concern: privacy@vaultledge.com.