đ Introduction
Welcome to LedgerPortal ("App", "We", "Our", "Us"), developed by RadhaMadhaviTechIndia. We are committed to protecting your privacy and ensuring you have a positive experience on our mobile application.
This Privacy Policy explains:
- What information we collect from you
- How we use and protect that information
- Your rights regarding your personal data
- How we comply with applicable laws
By downloading and using LedgerPortal, you agree to this Privacy Policy. If you do not agree with our practices, please do not use the App.
đ Quick Navigation
- Information We Collect
- How We Use Your Information
- Data Security & Encryption
- Third-Party Services
- Permissions We Request
- Data Sharing & Disclosure
- Data Retention
- Your Rights & Control
- Offline Data & Local Storage
- Compliance with Indian Laws
- Children's Privacy
- Contact & Grievance Redressal
1ī¸âŖ Information We Collect
1.1 Account Information
To create your account and authenticate your identity, we collect:
- Phone Number: Required for OTP-based authentication and account verification
- Company Name: For business profile personalization
- Email Address: Optional, for account management and communication
- Company Address: For GST compliance and business identification
- Company GST Number: For GST-related features and compliance
- Owner/POC Name: For business contact purposes
1.2 Business & Financial Data
LedgerPortal is designed to manage your complete business operations. We store:
đ Invoicing Data: GST invoices, bill details, invoice numbers, dates, amounts
đĨ Client/Supplier Data: Names, phone numbers, addresses, GST numbers, email addresses
đ° Financial Data: Income records, expense tracking, payment details, bank account information
đĻ Inventory Data: Item details, stock levels, HSN codes, quantities, pricing
đŗ Payment Records: Payment modes, receipt numbers, payment dates, transaction amounts
đ Financial Reports: Profit & Loss, Balance Sheet, Day Book, Ledger, Trial Balance
1.3 Media & Documents
- Profile Photos: Your business logo or profile picture
- Invoice Images: Photos of receipts, bills, and invoices for documentation
- Signature Images: Digital signatures for invoices and documents
- Exported Documents: PDFs and Excel files you generate
1.4 Device & Technical Information
- Device Type: iPhone/Android model, OS version
- Device Identifiers: Unique device ID for app analytics
- App Usage Data: Features accessed, frequency of use, session duration
- Crash Reports: App errors and stability issues (via Firebase Crashlytics)
- Performance Metrics: App performance data (via Firebase Analytics)
- IP Address: Your device's IP for security and troubleshooting
1.5 Permissions-Based Data
When you grant specific permissions, we collect:
- Contacts: If you grant permission, we access your device contacts to help you add customers/suppliers (stored locally on your device)
- Camera: Photos you capture for profile pictures, documents, and invoices
- Photo Gallery: Images you select from your device
- Microphone: Audio for voice input features (not stored on servers)
- Location: General location (city/state) only for GST compliance purposes
â Important: We only collect data you actively provide or that is necessary for the App to function. We do NOT access your device data without permission.
2ī¸âŖ How We Use Your Information
We use your information exclusively for the following purposes:
2.1 Core Service Delivery
- Create and manage your account
- Verify your identity via OTP authentication
- Generate invoices and bills with GST compliance
- Track customers, suppliers, and payments
- Manage inventory and stock levels
- Create financial reports (P&L, Balance Sheet, Ledger, etc.)
- Process payment information
- Enable offline mode functionality
- Sync data when you reconnect to internet
2.2 Communication & Notifications
- Send OTP codes for authentication
- Send app updates and feature notifications
- Alert you about important account activities
- Remind you of GST filing deadlines
- Send low stock alerts
- Respond to your support requests
2.3 Technical & Security Purposes
- Troubleshoot app errors and crashes
- Improve app performance and stability
- Detect and prevent fraud or unauthorized access
- Monitor app usage patterns to improve features
- Ensure data integrity and security
- Maintain secure servers and infrastructure
2.4 Legal & Compliance
- Comply with Indian GST regulations
- Comply with Indian Income Tax requirements
- Maintain audit trails for business records
- Respond to legal requests from authorities
- Enforce our Terms of Service
âšī¸ What We DON'T Do:
- â We do NOT sell your data to third parties
- â We do NOT share your financial data with marketers
- â We do NOT use your data for advertising
- â We do NOT rent or lease your information
- â We do NOT track you outside the App
3ī¸âŖ Data Security & Encryption
Your data security is our highest priority. We implement enterprise-grade security measures:
3.1 Data in Transit (Moving Data)
- HTTPS/SSL Encryption: All communication between your device and our servers is encrypted using 256-bit SSL/TLS encryption
- Secure Protocols: We use industry-standard secure protocols for all data transmission
- Certificate Pinning: We verify server authenticity to prevent man-in-the-middle attacks
3.2 Data at Rest (Stored Data)
- Server Encryption: All sensitive data stored on our servers is encrypted
- Database Security: Databases are protected with encryption and access controls
- Local Device Storage: Data stored on your device is encrypted using device-level encryption
- Backup Encryption: All backups are encrypted both in transit and at rest
3.3 Authentication & Access Control
- OTP Authentication: Two-factor authentication via OTP for secure login
- Password Security: Passwords are hashed using industry-standard algorithms (never stored in plain text)
- Session Management: Automatic logout after inactivity to prevent unauthorized access
- Role-Based Access: Only authorized personnel can access user data
- Audit Logs: All data access is logged for security monitoring
3.4 Infrastructure Security
- Secure Servers: Hosted on secure, compliant infrastructure
- Firewall Protection: Multi-layer firewalls prevent unauthorized access
- Regular Security Audits: Periodic security assessments and penetration testing
- Intrusion Detection: Real-time monitoring for suspicious activities
- DDoS Protection: Protected against distributed denial of service attacks
â ī¸ Important Security Note: While we implement robust security measures, no system is 100% secure.
You are responsible for keeping your login credentials confidential. Never share your password with anyone.
4ī¸âŖ Third-Party Services & Integrations
To provide you the best experience, we use the following third-party services:
4.1 Firebase (by Google)
We use Firebase for app functionality and analytics:
| Service |
Purpose |
Data Collected |
| Firebase Crashlytics |
App crash reporting & error tracking |
Crash logs, error messages, stack traces (anonymized) |
| Firebase Analytics |
Usage statistics & feature popularity |
Features used, session duration, event tracking (anonymized) |
| Firebase Cloud Messaging |
Push notifications & app updates |
Device tokens (for notification delivery only) |
Google's Privacy Policy: https://policies.google.com/privacy
4.2 Backend API Service
Your business data is processed and stored on our secure backend servers (api.ledgerportal.in). This service:
- Stores all your financial and business data
- Provides real-time data synchronization
- Generates reports and analytics
- Maintains backup copies of your data
4.3 Communication Services (if applicable)
For sending WhatsApp messages, SMS, and emails, we may use:
- WhatsApp Business API (for business messages)
- SMS gateways (for OTP and notifications)
- Email services (for account notifications)
You control these: You must explicitly choose to send messages via WhatsApp or SMS. We do not automatically send unsolicited messages.
4.4 External APIs & Services
- GST Portal Integration: For GST compliance features
- Bank APIs: (if enabled) For bank transaction synchronization
- Payment Gateways: If you use payment features in the App
âšī¸ Important: These third-party services have their own privacy policies. We recommend reviewing them:
5ī¸âŖ Permissions We Request & Why
LedgerPortal requires certain permissions to function properly. Here's why we need each one:
| Permission |
Purpose |
Mandatory? |
Data Collected |
| Internet |
Sync data with servers, access online features |
â
Yes |
Network access only |
| Contacts |
Import customers/suppliers from your device |
â Optional |
Only contacts you explicitly add |
| Camera |
Capture photos for invoices and profiles |
â Optional |
Photos you take |
| Photo Gallery |
Select images from your device |
â Optional |
Images you select |
| Microphone |
Voice input for notes and search |
â Optional |
Audio input only (not recorded) |
| File Storage |
Save reports, backups, exported files |
â
Yes |
Files you create |
| Notifications |
Send alerts and reminders |
â Optional |
Notification preferences only |
| Location |
GST compliance (city/state level only) |
â Optional |
General area only (not precise) |
đ¯ You Have Control: You can grant or deny these permissions at any time through your device Settings.
Denying optional permissions will not prevent you from using the App's core features, but it may limit certain functionality.
6ī¸âŖ Data Sharing & Disclosure
6.1 We Do NOT Share Your Data
We do not sell, trade, rent, or lease your personal or business information to third parties for marketing, advertising, or any other purpose.
6.2 When We MAY Share Data
Your data may only be shared in these specific circumstances:
â
With Your Explicit Consent
- When you explicitly authorize sharing with a specific third party
- When you choose to share reports or data via WhatsApp, email, or other platforms
- These are always your decisions - we never auto-share
â
Legal Requirements
- If required by court order or legal process
- If required by government authorities (GST, Income Tax, Police)
- To comply with Indian law and regulations
- We will notify you of such requests unless legally prohibited
â
Service Providers
- Our hosting provider (for server maintenance)
- Firebase (limited analytics data only - anonymized)
- Payment processors (only payment information, only if you use payments)
- All service providers are bound by strict confidentiality agreements
â
Business Transfer
- In case of merger, acquisition, or asset sale
- We will notify users and give them options
- This is rare but possible
6.3 What We Will NEVER Do
- â Never sell your financial data
- â Never share your client/customer lists
- â Never give your data to competitors
- â Never use your data for spam/marketing without permission
- â Never share with social media platforms for profiling
- â Never share with insurance companies or financial institutions
- â Never share with unauthorized third parties
âšī¸ Government Requests: If government authorities (GST, Income Tax, RBI, etc.) request your data,
we will comply with legal requirements. You may be notified unless prohibited by law.
7ī¸âŖ Data Retention & Deletion
7.1 How Long We Keep Your Data
While Your Account is Active
- All your business data, invoices, customers, inventory - kept as long as needed
- You can access, modify, or export your data anytime
- No automatic deletion while account is active
After Account Deletion
- Immediate Deletion: Your account and most data is deleted immediately
- Financial Records: Kept for 7 years (as required by Indian Income Tax Act for audit purposes)
- Backup Copies: May take up to 60 days to remove from backups
- Legal Holds: Data retained if required for legal proceedings
7.2 How to Delete Your Account
You can request account deletion anytime:
- Contact our support team (see contact section below)
- Provide your phone number for verification
- Confirm deletion (this action cannot be undone)
- Your data will be deleted within 30 days
7.3 Data Export
Before deletion, you can export your data:
- Generate PDF reports of your financial data
- Export invoices as PDFs
- Export inventory lists as Excel
- All exports are encrypted and secure
â ī¸ Warning: Account deletion is permanent. You will lose access to all your data immediately.
Please export/backup your important data before deletion.
8ī¸âŖ Your Rights & Control Over Your Data
Under Indian law and international privacy standards, you have the following rights:
8.1 Right to Access
- You can access all your personal and business data anytime through the App
- You can request a complete copy of your data in portable format
- We will provide this within 15 days of your request
8.2 Right to Correction
- You can correct or update any information you've provided
- You can edit your profile, business details, customer information, etc.
- Changes are effective immediately
8.3 Right to Deletion
- You can request deletion of your account and data
- Financial records will be retained for 7 years as required by law
- After 7 years, all data will be permanently deleted
8.4 Right to Data Portability
- You can request your data in a portable format (CSV, JSON, PDF)
- You can transfer your data to another service
- We will assist in the export process
8.5 Right to Object
- You can object to certain data processing activities
- You can opt-out of non-essential communications
- You can disable analytics and crash reporting
8.6 Right to Withdraw Consent
- You can withdraw consent for data processing anytime
- This does not affect past processing
- Some core functions may not work without certain data
8.7 How to Exercise Your Rights
To exercise any of these rights, contact us with:
- Your phone number (for verification)
- Specific right you want to exercise
- Any supporting information
We will respond within 15 business days.
9ī¸âŖ Offline Data & Local Storage
9.1 Offline Functionality
LedgerPortal works offline for uninterrupted productivity:
- Create invoices, add customers, track expenses offline
- All data is stored locally on your device
- Data automatically syncs when you reconnect to internet
- No data loss - everything is preserved
9.2 Local Storage Security
- Encrypted Storage: Data is encrypted using your device's built-in encryption
- Secure Keychain: Passwords stored in device's secure keychain (iOS) or Keystore (Android)
- Authentication Required: OTP required to access sensitive data
- Session Lock: Auto-locks after inactivity
9.3 Local Backups
- Device automatically creates local backups
- You can enable cloud backup (optional)
- All backups are encrypted
- You control backup frequency
9.4 Important Reminders
- If your device is lost/stolen, your data may be at risk
- Uninstalling the App may delete local data (use backup first)
- We are not responsible for data loss due to device issues
- Enable device-level security (fingerprint, password)
đ Compliance with Indian Laws
LedgerPortal complies with all applicable Indian laws and regulations:
10.1 Information Technology Act, 2000
- We implement reasonable security measures as per Section 43A
- We maintain data protection standards
- We report security breaches as required
10.2 Rules Under IT Act, 2000
- We implement Information Security Practices (Reasonable Security Procedures)
- We maintain secure networks
- We encrypt sensitive data
- We implement access controls
10.3 GST Law Compliance
- Invoice formats comply with GST regulations
- We help with GSTR filing requirements
- We maintain GST compliant records
- HSN codes and tax rates are accurate
10.4 Income Tax Act, 1961
- We maintain financial records as required by law
- We retain records for required periods
- We support audit trail requirements
10.5 Indian Contract Act & Consumer Protection Act
- We honor our commitments to you
- We provide support and service guarantees
- We comply with consumer protection laws
10.6 RBI Regulations (if applicable)
- For any financial integrations, we comply with RBI guidelines
- We follow Know Your Customer (KYC) principles
1ī¸âŖ1ī¸âŖ Children's Privacy
LedgerPortal is NOT designed for children.
Age Restrictions
- This App is intended for business users (typically 18+ years old)
- We do not knowingly collect data from children under 13
- We do not knowingly collect data from users under 18 without guardian consent
If We Discover Child Usage
- If we become aware a child is using the App, we will delete their data
- We will notify guardians/parents
- We will suspend the account
For Parents/Guardians
If your child has used this App, please contact us immediately.
1ī¸âŖ2ī¸âŖ Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect:
- Changes in our practices
- New features added to the App
- Changes in applicable laws
- Feedback from users
How We Notify You
- We will update the "Last Updated" date at the top
- We will notify you through the App for significant changes
- We may send email notifications for material changes
- Your continued use means you accept the updated policy
Significant Changes
If we make material changes that negatively impact your privacy, we will:
- Provide prominent notice (in-app notification)
- Give you time to review (at least 15 days)
- Allow you to delete your account if you disagree
Contact & Grievance Redressal
If you have questions, concerns, or privacy complaints, please contact us:
How to File a Complaint
If you have a privacy concern:
- Email us: Describe your concern in detail
- Provide evidence: Share any relevant screenshots or details
- Include your phone number: For verification purposes
- We will investigate: Within 15 days
- We will respond: With our findings and resolution
Escalation Process
If you're unsatisfied with our response:
- You can escalate your complaint to our senior management
- Request an independent review
- Contact the Consumer Protection Authority in your state
- File a complaint with the Data Protection Authority (when available)
Your Right to Legal Recourse
Nothing in this privacy policy limits your legal rights. You have the right to:
- File complaints with consumer protection organizations
- Pursue legal action if our practices violate applicable law
- Seek damages for privacy violations
Data Breach Notification
If Your Data Is Compromised
In the event of a data breach, we will:
- Notify you immediately: Within 72 hours as per best practices
- Explain what happened: Clear description of the breach
- Identify affected data: What information was compromised
- Tell you what we're doing: Our response measures
- Provide guidance: Steps you should take
- Offer support: Credit monitoring if applicable
How You'll Be Notified
- Email to the address on file
- In-app notification
- SMS to your phone number
- Public announcement (if required by law)
Your Acknowledgment
By downloading and using LedgerPortal, you acknowledge that:
- â
You have read and understood this Privacy Policy
- â
You consent to our data collection and usage practices
- â
You understand how your data is protected and shared
- â
You agree with how we comply with applicable laws
- â
You understand your rights regarding your data
If you do not agree with this Privacy Policy, please do not use LedgerPortal.