LEGAL

Privacy Policy

We believe in plain language. This policy explains exactly what data we collect, why we collect it, and what control you have over it.

Company
Scalable Innovations LLC
Last updated
March 22, 2026
Applies to
www.ezledgr.com

1. Information We Collect

Information you provide directly

  • Account information: name, email address, and password when you create an account.
  • Business information: business name, entity type, state of incorporation, and EIN (for tax filing features).
  • Payment information: billing details for your EZ Ledgr subscription (processed by our payment provider; we do not store card numbers).
  • Communications: any messages you send to our support team.

Financial data (via Plaid)

When you connect your bank account, we use Plaid Technologies, Inc. to retrieve your financial data. With your explicit consent, we may collect:

  • Account balances and account identifiers
  • Transaction history (descriptions, amounts, dates, merchant names)
  • Account type and institution name

We do not collect or store your bank login credentials. Plaid handles authentication directly with your financial institution using read-only access. See Section 3 for full details.

Automatically collected information

  • IP address, browser type, and device information
  • Pages visited, features used, and time spent in the app
  • Error logs and performance data

2. How We Use Your Information

We use the information we collect to:

  • Provide the service: power bookkeeping, invoicing, bank sync, mileage tracking, tax filing, and all other EZ Ledgr features.
  • Categorize transactions: automatically classify expenses and income in your ledger.
  • Send you important notices: account confirmations, payment receipts, and security alerts.
  • Improve the product: analyze usage patterns to fix bugs and build new features.
  • Comply with legal obligations: respond to lawful government requests and fulfill our regulatory duties.
We do not sell your personal data. We do not sell, rent, or share your personal or financial information with third parties for their own marketing purposes.

3. Financial Data & Plaid

EZ Ledgr uses Plaid to enable secure bank connections. When you choose to connect a financial account:

  • You will be shown a clear disclosure and asked for your explicit consent before any data is retrieved.
  • Plaid connects directly to your financial institution using read-only access — we cannot move money or make changes to your accounts.
  • Your bank credentials are never shared with or stored by EZ Ledgr.
  • Financial data retrieved through Plaid is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Access to your financial data is limited to the EZ Ledgr engineering team on a strict need-to-know basis, protected by multi-factor authentication.
You are in control. You can disconnect your bank account at any time from your account settings. Upon disconnection, we will stop retrieving new data. You may also request deletion of your stored financial data (see Section 6).

Plaid's handling of your data is governed by Plaid's End User Privacy Policy.

4. How We Share Information

We share your information only in these limited circumstances:

Service providers

We work with trusted third-party service providers who process data on our behalf under strict data processing agreements. These include:

  • Plaid — bank account connectivity
  • Supabase — database and authentication infrastructure
  • Vercel — application hosting
  • Resend — transactional email delivery
  • Stripe — payment processing

Legal requirements

We may disclose your information if required by law, court order, or to protect the safety and rights of our users or the public.

Business transfers

If Scalable Innovations LLC is acquired or merged with another company, your information may be transferred. We will notify you before your data is subject to a different privacy policy.

We never sell your data. We will never sell or trade your personal or financial information to data brokers, advertisers, or other third parties.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit: All data between your browser and our servers is encrypted using TLS 1.2 or higher.
  • Encryption at rest: All consumer financial data is stored using AES-256 encryption.
  • Access controls: Production systems are protected by multi-factor authentication and role-based access control. Only authorized personnel can access your data.
  • Vulnerability management: We regularly scan our systems and perform annual third-party security testing.
  • Incident response: We maintain a documented incident response plan and will notify affected users promptly in the event of a breach.

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it to security@scalable-innovations.com.

6. Data Retention & Deletion

How long we keep your data

  • Account data: Retained while your account is active and for 2 years after closure.
  • Financial transaction data: Retained for 7 years to satisfy financial recordkeeping requirements, then securely deleted.
  • Application logs: Automatically purged after 90 days.

Requesting deletion

You can request deletion of your account and personal data at any time by:

We will complete your deletion request within 30 days and send you a confirmation. Note that some data may be retained where required by law (e.g., tax records) or to resolve active disputes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access

Request a copy of the personal data we hold about you.

Correction

Request correction of inaccurate or incomplete data.

Deletion

Request deletion of your personal data (subject to legal exceptions).

Portability

Receive your data in a structured, machine-readable format.

Opt-Out

Opt out of any sale or sharing of personal data (we don't sell data).

Restriction

Request that we limit processing of your data in certain circumstances.

To exercise any of these rights, contact us at security@scalable-innovations.com. We will respond within 30 days. We may need to verify your identity before processing certain requests.

California residents have additional rights under the CCPA/CPRA. Texas residents may have rights under the Texas Data Privacy and Security Act (TDPSA). We honor these rights for all eligible users.

8. Cookies & Tracking

We use cookies and similar technologies to keep you signed in, remember your preferences, and understand how the product is used. We do not use third-party advertising cookies.

  • Essential cookies: Required for authentication and security. Cannot be disabled.
  • Analytics cookies: Help us understand feature usage and improve the product. You can opt out in your account settings.

9. Children's Privacy

EZ Ledgr is designed for small business owners and is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe we have inadvertently collected such information, please contact us immediately at security@scalable-innovations.com.

10. Changes to This Policy

We may update this policy periodically. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Send an email notification to your registered address
  • Display an in-app banner for 30 days after the change

Your continued use of EZ Ledgr after the effective date of any changes constitutes your acceptance of the updated policy.

11. Contact Us

Privacy inquiries

For questions, requests, or concerns about this policy or your personal data, please contact our Privacy Officer:

Scalable Innovations LLC
Privacy Officer
security@scalable-innovations.com
Fort Worth, Texas, USA

We aim to respond to all privacy inquiries within 2 business days.