LedgerSwitch Privacy Policy

Effective date: 2026-06-02

Last updated: 2026-06-02

1. Introduction & Scope

This Privacy Policy explains how Martello Systems LLC ("Martello Systems," "we," "us," or "our") collects, uses, shares, and protects personal information when you use LedgerSwitch at ledgerswitch.com and related applications and services (the "Service"). It applies to information we process about visitors, account holders, and the bookkeepers, accountants, and controllers who use the Service.

By using the Service, you agree to the practices described in this Policy. This Policy is incorporated into and subject to our Terms of Service. If you do not agree with this Policy, please do not use the Service.

2. Information We Collect

  • Account information. When you register, we collect information such as your name, email address, and a password stored in hashed form. If you sign in with a third-party provider (such as Google), we receive basic profile information (such as name and email) from that provider.
  • Financial and accounting data you connect. We collect and process the entity, account, transaction, profit-and-loss, balance-sheet, and company-profile data you connect, import, or enter — including data retrieved from connected platforms such as QuickBooks Online (Intuit) via authorized OAuth tokens. This may include business financial information and the identities of vendors, customers, and accounts within your books.
  • Connection tokens. When you authorize a QBO or other third-party connection, we store the access and refresh tokens needed to synchronize data on your behalf.
  • Payment information (via Stripe). Subscription payments are processed by Stripe, Inc. We do not collect or store your full payment card numbers. Stripe processes your payment details directly; we receive limited information such as a transaction identifier, the last four digits and card brand, subscription status, and billing metadata.
  • Usage, device, and log data. We automatically collect information such as IP address, browser and device type, pages and features used, referring URLs, timestamps, and diagnostic/log data.
  • Cookies and similar technologies. We use strictly necessary cookies and session tokens as described in Section 6.
  • Communications. If you contact us (for example, at support@ledgerswitch.com), we collect the content of your messages and our correspondence.

We do not intentionally collect special categories of sensitive personal information, and we ask that you not submit them.

3. Financial Data Accessed via QuickBooks Online

When you connect a QBO company file, you authorize us, through Intuit's OAuth flow, to access and synchronize accounting data from that file — such as the chart of accounts, transactions, profit-and-loss and balance-sheet figures, and company profile — solely to provide the Service's switching, consolidation, reporting, and export features. We use this financial data only to operate the Service for you and at your direction. We do not sell this data, and we do not use it for advertising. You may disconnect a QBO connection at any time; doing so stops further synchronization, and we will delete or stop processing the associated tokens and synchronized data in accordance with Section 7. Your use of QuickBooks Online and Intuit's handling of your data are also governed by Intuit's own terms and privacy policy.

4. How We Use Information

We use personal information to: provide, operate, and maintain the Service and your account; authenticate you and secure your account; connect, synchronize, switch between, and consolidate your financial data; generate reports, exports, and shareable report links at your direction; process subscriptions, billing, and payments through Stripe; send transactional and account communications (such as verification, account, and billing notices); provide customer support; monitor, secure, debug, and improve the Service; detect and prevent fraud, abuse, and security issues; and comply with legal obligations and enforce our agreements. We do not use your data for automated decisions producing legal or similarly significant effects without human involvement, and we do not sell your personal information.

5. Legal Bases for Processing (EEA/UK)

Where the GDPR or UK GDPR applies, we process personal information on the bases of: performance of a contract (to provide the Service and process your subscription); legitimate interests (to secure, improve, and analyze the Service and prevent fraud, balanced against your rights); consent (for optional features and certain cookies, which you may withdraw at any time); and legal obligation (to comply with applicable laws, including tax and recordkeeping requirements).

6. Cookies & Sessions

We use strictly necessary cookies and session tokens to keep you signed in, secure the Service, and operate core functionality. These are required for authentication and cannot be disabled without affecting the Service. Where we use any non-essential cookies or analytics, we will do so in aggregate and, where required by law, request your consent.

7. How We Share Information

We share personal information only as described below. We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

  • Service providers (processors). Stripe, Inc. (payment processing and subscription billing); Intuit / QuickBooks Online (the source you authorize us to connect to and synchronize accounting data from); Google (where you choose to sign in with Google); and hosting and infrastructure providers (including our cloud database provider) that operate and store the Service.
  • Shareable report links. When you create a read-only share link, the report it points to is viewable by anyone who has the link, as described in our Terms. We display that report to whoever opens the link at your direction.
  • Legal and safety. We may disclose information if required by law or legal process, or to protect the rights, property, or safety of Martello Systems, our users, or others, or to enforce our Terms.
  • Business transfers. If we are involved in a merger, acquisition, financing, or sale of assets, your information may be transferred as part of that transaction, subject to this Policy.
  • With your direction. We share information when you ask us to or otherwise consent.

8. Data Retention

We retain personal information and connected financial data for as long as your account is active and as needed to provide the Service, then for a reasonable period afterward to comply with legal, tax, accounting, and recordkeeping obligations, resolve disputes, and enforce our agreements. When you disconnect a data source or close your account, we delete or anonymize the associated data and tokens after a reasonable period, except where retention is required by law. You may request deletion as described in Section 10.

9. Security

We use reasonable administrative, technical, and organizational measures designed to protect personal information, including encryption in transit (HTTPS), hashed passwords, access controls, scoped third-party tokens, and reputable infrastructure and payment providers. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and for managing who can access reports you share. If we become aware of a breach affecting your personal information, we will notify you and authorities as required by law.

10. Your Privacy Rights

Depending on where you live, you may have rights to: access a copy of the personal information we hold; correct inaccurate information; delete your personal information; port/export your data; object to or restrict certain processing; withdraw consent where processing is based on consent; and non-discrimination for exercising your rights.

California residents (CCPA/CPRA). You have rights to know, access, correct, and delete personal information, and to opt out of any "sale" or "sharing" — note that we do not sell or share personal information as those terms are defined.

EEA/UK residents (GDPR/UK GDPR). You have the rights listed above and the right to lodge a complaint with your local data protection authority.

To exercise any right, email support@ledgerswitch.com. We will verify your request and respond within the timeframes required by applicable law.

11. Children's Privacy

The Service is intended for business use by adults and is not directed to children. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected such information, we will delete it. If you believe a minor has provided us information, contact support@ledgerswitch.com.

12. International Users

We operate in the United States, and the Service is intended primarily for U.S.-based users. If you access the Service from outside the United States, you understand that your information will be processed in the United States, where data-protection laws may differ from those in your country. By using the Service, you consent to this transfer and processing, subject to this Policy and applicable law.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and may provide additional notice. Your continued use of the Service after the changes take effect constitutes acceptance of the updated Policy.

14. Contact

If you have questions or requests regarding this Privacy Policy or your personal information, contact Martello Systems LLC — LedgerSwitch, at support@ledgerswitch.com (ledgerswitch.com).

Terms of ServicePrivacy PolicyHome