Privacy Policy

A. Landlord Account Information

• Identity Data: First name, last name, email address, phone number, and company name (optional).
• Authentication Data: Password (hashed and salted), or Google OAuth tokens (email, display name, profile photo URL) when using third-party login.
• Property Data: Addresses, unit details, rent amounts, occupancy status, property photos, and building configurations (multi-unit, co-living, etc.).
• Financial Data: Expense records, income entries, IRS Schedule E categorizations, and transaction history.
• Maintenance Data: Ticket descriptions, photos of issues, contractor details, repair costs, and vendor assignments.
• Lease Data: Lease terms, agreements, and electronic signatures processed through DocuSeal.

B. Resident Information

• Identity Data: First name, last name, email address, and phone number (provided during Landlord-initiated invitation).
• Authentication Data: Password or Google OAuth tokens.
• Payment Data: Bank account or credit/debit card details processed securely through Stripe. LedgeFlow does not store raw card or bank account numbers.
• Lease Data: Signed lease documents, lease terms, and move-in/move-out dates.
• Communication Data: In-app messages with Landlords, maintenance ticket submissions, and support requests.

C. Automatically Collected Information

• Device & Browser Data: IP address, browser type and version, operating system, device identifiers, and screen resolution.
• Usage Data: Pages visited, features used, click patterns, session duration, and referring URLs.
• Location Data: Approximate location derived from IP address (we do not collect precise GPS data).
• Log Data: Server logs including access times, error logs, and API request metadata.

LedgeFlow does not store your full SSN or raw ID documents on our servers. This sensitive data is transmitted directly to Stripe via encrypted channels to meet "Know Your Customer" (KYC) and Anti-Money Laundering (AML) regulations.

• We may store the last four digits of your SSN for identification verification purposes.
• KYC verification status (approved, pending, or rejected) is stored in our database.
• Banking transaction records (deposits, withdrawals, transfers) are retained for financial reporting and regulatory compliance.
• Security deposit escrow records are maintained for the duration of the tenancy plus applicable statutory retention periods.

Tenant screening services are powered by TransUnion (SmartMove). When a screening is requested:

• LedgeFlow facilitates the connection, but TransUnion collects the sensitive applicant data (e.g., full SSN) directly through their secure portal. This data does not pass through LedgeFlow servers.
• The resulting Credit, Criminal, and Eviction reports are stored in our encrypted database so they can be viewed by the authorized Landlord.
• Screening reports are accessible only to the Landlord who requested them and are not shared with other users.
• We comply with the Fair Credit Reporting Act (FCRA) regarding the handling, storage, and disposal of consumer report data.
• Screening reports are retained for the period required by FCRA regulations, after which they are securely deleted.

When prospective tenants submit rental applications through LedgeFlow (including through Landlord white-label websites), we collect:

• Application Data: Full legal name, email address, phone number, gross monthly income, estimated credit score, desired move-in date, pet ownership status, Section 8 voucher status, and any additional notes provided by the applicant.
• Pre-Qualification Data: Income verification information used for automated 3x rent pre-qualification screening.
• Communication Records: Correspondence related to the application, including automated drip campaign emails and follow-up messages.

We use the information we collect for the following purposes:

• Legal Compliance: Fulfilling regulatory obligations including tax reporting, AML/KYC requirements, and responding to lawful legal requests.
• Fraud Prevention: Detecting and preventing fraudulent activity, unauthorized access, and abuse of the platform.
• Lead Management: Facilitating the applicant funnel, automated pre-qualification, and follow-up communications on behalf of Landlords.

What Data AI Agents Access

• Property portfolio data (addresses, units, occupancy, rent amounts).
• Financial records (expenses, income, transaction history, categorizations).
• Maintenance tickets and work order history.
• Resident information (names, lease status, payment history).
• Communication history for context-aware drafting.

How AI Data Is Handled

• AI processing occurs in real-time using your account data. Data is not used to train third-party AI models.
• Conversation logs with the AI Portfolio Agent may be retained to improve response quality and for debugging purposes.
• Financial insights and analytics use anonymized and aggregated transaction data.
• AI agents operate within user-configured autonomy levels. Actions requiring approval will not execute without your confirmation.

We do not sell, rent, or trade your personal information. We share data only with essential service partners and only to the extent necessary to provide the Service:

We may also disclose your information in the following circumstances:

• Legal Requirements: When required by law, subpoena, court order, or governmental regulation.
• Safety & Security: To protect the rights, safety, or property of LedgeFlow, our users, or the public.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity. You will be notified of any such transfer.
• With Your Consent: We may share data with additional parties when you provide explicit consent.

LedgeFlow uses cookies and similar technologies to enhance your experience. When you first visit our platform, you will be presented with a cookie consent banner allowing you to accept or reject non-essential cookies.

Types of Cookies We Use

Google reCAPTCHA: We use Google reCAPTCHA on certain forms to protect against spam and abuse. This service may collect hardware and software information, such as device and application data, and send it to Google for analysis. Use of reCAPTCHA is subject to Google's Privacy Policy and Terms of Service.

Do Not Track: LedgeFlow currently does not respond to "Do Not Track" browser signals. We will update this policy if we adopt a DNT standard in the future.

LedgeFlow employs industry-standard security measures to protect your data:

• AES-256 Encryption: All property, financial, and personal data is encrypted at rest.
• TLS 1.3: All data transmitted between your device and our servers is protected by transport-layer encryption.
• Tokenization: We never store raw credit card or bank account numbers. All payment data is tokenized through Stripe.
• Firebase Security Rules: Granular access controls ensure users can only access their own data.
• Authentication Security: Passwords are hashed using industry-standard algorithms. We support Google OAuth for secure third-party authentication.
• Screening Report Encryption: Tenant screening reports containing sensitive consumer data are stored with additional encryption layers.

We retain your personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law:

• Active Accounts: Data is retained for the duration of your active subscription.
• Closed Accounts: After account cancellation, data is retained for 90 days to allow for reactivation, after which it is permanently deleted.
• Financial Records: Transaction records, expense logs, and tax-related data (Schedule E reports) are retained for a minimum of 7 years to comply with IRS record-keeping requirements.
• Tenant Screening Reports: Retained in accordance with FCRA requirements and securely deleted thereafter.
• Lease Documents: Retained for the duration of the lease term plus any applicable statutory retention period.
• Lead/Application Data: Retained for 2 years from the date of application, or until deletion is requested by the applicant.
• AI Conversation Logs: Retained for up to 12 months for service improvement and debugging purposes.
• Server Logs: Retained for up to 90 days for security and operational purposes.

When data is deleted, we use industry-standard secure deletion methods to ensure it cannot be recovered.

Depending on your location, you may have the following rights regarding your personal data. We honor these rights regardless of whether your state has enacted specific privacy legislation:

How to Exercise Your Rights

• Submit a request via email to support@ledgeflow.com with the subject line "Privacy Rights Request."
• Use the data export feature in your Settings dashboard for self-service data portability.
• We will verify your identity before processing any request and respond within 30 days (or 45 days for complex requests, with notice).

California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). In the preceding 12 months, we have collected the categories of personal information described in Section 1 of this policy. We do not sell personal information as defined by the CCPA. You may designate an authorized agent to submit requests on your behalf.

LedgeFlow is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to promptly delete that information. If you believe a child has provided us with personal information, please contact us at support@ledgeflow.com.

LedgeFlow is based in the United States. If you access our Service from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States where our servers and central database are located.

• By using LedgeFlow, you consent to the transfer of your data to the United States.
• We ensure that data transfers comply with applicable data protection laws, including implementing appropriate safeguards where required.
• For EU/EEA users: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission as a legal basis for international data transfers where applicable.

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes:

• We will provide at least 30 days' advance notice via email or in-app notification.
• The "Last Updated" date and version number at the top of this page will be revised.
• The updated policy will be posted on our website.
• Continued use of the Service after the effective date constitutes acceptance of the updated policy.
• Previous versions of this policy are available upon request.

For data requests, privacy concerns, or questions about this Privacy Policy, please contact our Privacy Team: