Privacy Policy

At Ledgiva, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at ledgiva.com and our invoicing and business management platform (collectively, the "Service").

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not access or use our Service.

1. Information We Collect

We collect several types of information from and about users of our Service:

1.1 Personal Information

When you register for an account or use the Service, we collect personal information that you voluntarily provide, including:

• Full name and business name
• Email address and phone number
• Business address and location
• Tax identification numbers (if provided)
• Job title and role information
• Profile photo (if uploaded)

1.2 Billing and Payment Information

When you subscribe to a paid plan, we collect:

• Billing name and address
• Payment card information (processed securely through our payment provider, PayFast)
• Transaction history and payment records

Important: We do not directly store your complete credit card information. Payment processing is handled by our third-party payment provider, PayFast, which is PCI-DSS compliant.

1.3 Business and Customer Data

As part of providing the Service, we store the business data you create and manage, including:

• Customer and vendor contact information
• Invoice details, amounts, and payment records
• Expense records and receipts
• Product and service catalogs
• Financial reports and analytics
• Notes, comments, and custom fields

1.4 Usage Data

We automatically collect information about how you interact with the Service:

• IP address and device information
• Browser type and version
• Operating system
• Pages visited and features used
• Time and date of access
• Referring website addresses
• Clickstream data and navigation patterns

1.5 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to collect usage information and improve the Service. See Section 7 for more details about our use of cookies.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 To Provide and Maintain the Service

• Create and manage your account
• Process invoices, expenses, and financial data
• Generate reports and analytics
• Enable collaboration features for team members
• Provide customer support and respond to inquiries
• Send service-related notifications and updates

2.2 To Process Payments

• Process subscription payments and billing
• Manage invoices and payment records
• Detect and prevent fraudulent transactions
• Handle refunds and chargebacks

2.3 To Improve and Optimize the Service

• Analyze usage patterns and trends
• Conduct research and development
• Test new features and improvements
• Monitor and analyze performance and reliability
• Troubleshoot technical issues

2.4 To Communicate With You

• Send account-related notifications
• Provide customer support and technical assistance
• Send marketing communications (with your consent, where required)
• Notify you of updates, new features, and promotions
• Request feedback and conduct surveys

2.5 To Ensure Security and Prevent Fraud

• Detect and prevent unauthorized access
• Protect against fraud, abuse, and security threats
• Monitor for suspicious activity
• Enforce our Terms of Service

2.6 To Comply With Legal Obligations

• Respond to legal requests and court orders
• Comply with applicable laws and regulations
• Protect our rights and property
• Resolve disputes and enforce agreements

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:

3.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including:

• Payment Processing: PayFast processes payment transactions securely
• Cloud Hosting: Our infrastructure and database providers
• Email Services: Transactional and marketing email delivery
• Analytics: Usage analytics and performance monitoring
• Customer Support: Help desk and ticketing systems

These service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information and not use it for other purposes.

3.2 Business Transfers

If Ledgiva is involved in a merger, acquisition, asset sale, or bankruptcy, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership or use of your personal information.

3.3 Legal Requirements

We may disclose your information when required by law or in response to valid legal requests, including:

• Subpoenas, court orders, or legal processes
• Requests from government authorities
• To establish or exercise our legal rights
• To defend against legal claims
• To investigate potential violations of our Terms
• To protect the safety and security of our users

3.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as when you authorize integration with third-party applications.

4. Data Security

We implement industry-standard security measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

• Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS protocols
• Data Encryption at Rest: Sensitive data is encrypted when stored in our databases
• Access Controls: Strict access controls and authentication mechanisms
• Regular Security Audits: We conduct regular security assessments and penetration testing
• Employee Training: Our team is trained on data security best practices
• Secure Infrastructure: Our servers are hosted in secure, SOC 2 compliant data centers
• Monitoring: Continuous monitoring for suspicious activity and security threats

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security measures.

5. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy:

• Active Accounts: Your data is retained while your account is active
• Canceled Accounts: We retain your data for 30 days after cancellation to allow for account recovery
• Legal Requirements: Certain information may be retained longer to comply with legal obligations (e.g., tax records, transaction history)
• Aggregated Data: De-identified and aggregated data may be retained indefinitely for analytics

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

6. Your Rights and Choices

You have certain rights regarding your personal information, depending on your location:

6.1 Access and Correction

You can access and update your account information at any time through your account settings. If you need assistance accessing or correcting your information, contact us at contact@ledgiva.com.

6.2 Data Portability

You have the right to request a copy of your data in a machine-readable format. You can export your data directly through the Service or contact us for assistance.

6.3 Deletion

You can delete your account at any time through your account settings. Upon deletion, your personal information will be removed within 30 days, subject to legal retention requirements.

6.4 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by adjusting your email preferences in your account settings. Note that you will still receive transactional emails related to your account and the Service.

6.5 Do Not Track

Some browsers have a "Do Not Track" feature that lets you tell websites not to track your online activities. We currently do not respond to Do Not Track signals.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

7.1 Types of Cookies We Use

• Essential Cookies: Required for the Service to function properly (authentication, security)
• Performance Cookies: Help us understand how visitors use the Service
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Provide insights into usage patterns and trends

7.2 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit your ability to use some features of the Service.

8. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information.

If you believe that a child has provided us with personal information, please contact us at contact@ledgiva.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

When we transfer your information internationally, we implement appropriate safeguards to ensure your information receives an adequate level of protection, including using standard contractual clauses approved by regulatory authorities.

10. Third-Party Links

The Service may contain links to third-party websites, applications, or services that are not operated by us. We are not responsible for the privacy practices of these third parties.

We encourage you to review the privacy policies of any third-party sites you visit. This Privacy Policy applies only to information collected by Ledgiva.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (for significant changes)
• Displaying a prominent notice on the Service (for significant changes)

Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

13. Additional Rights for EU and California Residents

If you are located in the European Union or California, you may have additional rights under the GDPR or CCPA, including:

• Right to know what personal information we collect and how it is used
• Right to access your personal information
• Right to request deletion of your personal information
• Right to correct inaccurate personal information
• Right to restrict or object to processing of your data
• Right to data portability
• Right to withdraw consent at any time
• Right to lodge a complaint with a supervisory authority

To exercise these rights, please contact us at contact@ledgiva.com. We will respond to your request within the timeframes required by applicable law.