AutoLedger
Back to home

Legal

Privacy Policy

Last updated: 26 April 2026

1. Introduction

AutoLedger ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our platform and website. Please read it carefully. If you do not agree with the terms of this policy, please discontinue use of the Service.

2. Information We Collect

We may collect the following categories of information:

  • Account Data: Name, email address, and password when you register.
  • Business Data: Vehicle inventory records, sales data, expense records, and documents you upload.
  • Usage Data: Log files, IP addresses, browser type, pages visited, and actions taken within the Service.
  • Communications: Messages you send us via the contact form or email.
  • Payment Data: Billing details processed securely by our payment provider (Stripe). We do not store full card numbers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Process transactions and send related information such as invoices and receipts.
  • Respond to your enquiries and support requests.
  • Send administrative information, such as updates to our Terms or this Policy.
  • Improve the Service through analytics and usage insights.
  • Comply with legal obligations.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases:

  • Contract: Processing necessary to provide the Service you have subscribed to.
  • Legitimate interests: Improving the Service and preventing fraud.
  • Legal obligation: Compliance with applicable laws.
  • Consent: Where you have given explicit consent, such as marketing communications.

5. Data Sharing & Disclosure

We do not sell your personal data. We may share it with trusted third-party service providers who assist us in operating the Service, subject to confidentiality obligations, including:

  • Supabase – Database, authentication, and storage infrastructure.
  • Resend – Transactional email delivery.
  • Stripe – Payment processing.
  • OpenAI – AI document processing (document content only, not personal account data).
  • Netlify – Hosting and content delivery.

We may also disclose your data if required by law or to protect our legal rights.

6. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide the Service. After account closure, we may retain certain data for up to 90 days before deletion, unless a longer retention period is required by law.

7. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, and role-based access controls. However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but we will notify you of any breach as required by applicable law.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data in certain circumstances.
  • Restriction: Request that we limit how we process your data.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.

To exercise any of these rights, please contact us. We will respond within 30 days.

9. Cookies

We use essential cookies to maintain your session and preferences. We do not currently use tracking or advertising cookies. You can control cookie settings through your browser, though disabling essential cookies may affect Service functionality.

10. International Transfers

Your data may be processed in countries outside your own, including the United States, where our service providers are based. Where such transfers occur, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date and, where appropriate, by email. We encourage you to review this page periodically.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us via the website contact form.