Privacy Policy

Guest Mode (no account): When you use Ledger without signing in, all data — your transactions, categories, budgets, and settings — stays entirely on your device. We collect no personal information whatsoever.

Signed-In Mode (optional): If you choose to sign in with Google, we receive from Google only the information you've authorized:

• Your name and profile picture (for display purposes only)
• Your email address (to identify your account)
• A unique Google user ID

Financial Data: Transactions, amounts, categories, notes, and dates you manually enter are automatically synced to PawStrike's secure cloud database (powered by Appwrite) when you are signed in. Your data is stored on PawStrike-managed infrastructure — not in your personal cloud storage. This data is never sold, shared, or used for advertising.

Usage Data: We do not use third-party analytics trackers. We may collect anonymized, aggregated crash reports and performance diagnostics to improve the app. These contain no personally identifiable information.

Ledger uses Google OAuth 2.0 for optional account authentication. This integration allows you to create and access your account securely without a separate password.

When you sign in with Google, the authentication is handled through Google's secure servers. Ledger only requests the minimum necessary scopes:

• openid — to verify your identity
• email — to associate your data with your account
• profile — to display your name and avatar

We do not access your Google Drive, Gmail, Google Calendar, contacts, or any other Google services. You may revoke Ledger's access at any time through your Google Account permissions.

We use the information we collect solely to:

• Authenticate your account and keep it secure
• Sync and back up your financial records across your devices
• Display your profile information within the app
• Restore your data when you sign in on a new device
• Respond to support requests you initiate
• Improve app performance and fix bugs

We will never: sell your data, use it for advertising, share it with third parties for marketing purposes, or use your financial information to build profiles about your spending habits outside of the app.

Local Storage: In Guest Mode, all data is stored using your device's local storage and IndexedDB. It never leaves your device.

Cloud Storage (PawStrike-Managed): When signed in, your transaction data is stored in PawStrike's Appwrite-powered cloud database. PawStrike is the data controller for all cloud-stored data. All data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Document-level security ensures you can only ever access your own data — even our engineering team cannot read your individual records.

Data Retention: We retain your cloud data for as long as your account is active. Upon account deletion, all your data is permanently and irreversibly removed from PawStrike's servers within 30 days.

Authentication: Session tokens are stored securely and rotated regularly. We do not store your Google account password.

App Lock (PIN / Biometric): The optional PIN or biometric lock is handled entirely on-device. No PIN or biometric data is ever transmitted to our servers.

You are in full control of your data:

• Access: Export all your data at any time in CSV, TXT, or Excel format from the Profile page.
• Correction: Edit or delete any transaction directly in the app at any time.
• Deletion: Delete your account and all associated cloud data permanently from the Profile page → "Delete Account". Local data on your device is also cleared.
• Portability: Use the export feature to download your data in standard formats before deletion.
• Opt-out of sync: Simply sign out to stop all cloud sync. Your data will remain on-device in Guest Mode.

If you are located in the EU/EEA, you may also have rights under GDPR, including the right to lodge a complaint with your local supervisory authority.

Ledger uses the following third-party services, each with their own privacy policies:

We do not integrate advertising networks, social media trackers, or data brokers.

Ledger is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us at customer@pawstrike.com and we will promptly delete it.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, through an in-app notification.

Your continued use of Ledger after any changes constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

If you have questions, concerns, or requests about this Privacy Policy or how we handle your data, please reach out: