Security
Last Updated: February 28, 2026
1. Our Commitment to Security
At Ledgiva, we take the security of your financial data seriously. We implement industry-standard security measures to ensure your business information is protected at every level of our platform.
2. Data Encryption
- In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2+ (HTTPS). This ensures that your data cannot be read or altered by a third party during transmission.
- At Rest: Sensitive data stored in our databases is encrypted. Passwords are hashed using bcrypt with salt rounds, making them unreadable even in the event of a data breach.
3. Authentication & Access Control
- Secure Authentication: We use NextAuth.js with JWT-based session management and CSRF protection.
- Email Verification: All new accounts require email verification before access is granted.
- Password Security: Passwords must meet minimum complexity requirements. We provide secure password reset flows via time-limited tokens.
- Organization Isolation: Each organization's data is logically isolated. Users can only access data belonging to their own organization.
4. Payment Security
We use PayFast, a PCI DSS Level 1 compliant payment processor, for all subscription billing and invoice payments. Ledgiva never stores your credit card numbers or banking details. All payment processing is handled securely by PayFast.
5. Infrastructure Security
- Server Security: Our servers are hosted with firewalls, SSH key-only access, and regular security updates.
- Database Security: PostgreSQL databases are configured with role-based access control and are not publicly accessible.
- Regular Backups: Automated database backups ensure your data can be recovered in the event of an incident.
6. Audit Logging
Ledgiva maintains audit logs for key account actions including logins, data modifications, and administrative changes. These logs help detect unauthorized activity and support compliance requirements.
7. Vulnerability Reporting
If you discover a security vulnerability in Ledgiva, please report it responsibly by emailing contact@ledgiva.com. We will investigate and address the issue promptly.
