Last Updated: November 28, 2025
LedgerDroid ("we," "our," or "the App") is designed with privacy as its core principle. This Privacy Policy explains how we handle your data. In short: We do not collect, store, or share your personal or financial data. Your data stays on your device and in your personal Google Drive.
LedgerDroid operates on a "Zero-Backend" model. We do not operate servers that receive, store, or process your financial data. All data processing, including parsing, categorization, and reporting, is performed locally on your Android device.
LedgerDroid requests specific permissions to provide its core functionality. Here is how we use them:
- Scope Used:
https://www.googleapis.com/auth/drive.file - Purpose: To sync your ledger files and attachments across your devices.
- Usage: The App only accesses files and folders that it has created or that you have explicitly opened with the App. It cannot see or access other files in your Google Drive.
- Encryption: All ledger files are encrypted with AES-256-GCM before being uploaded to your Google Drive.
- Scope Used:
https://www.googleapis.com/auth/gmail.readonly - Purpose: To import transaction details (date, amount, merchant) from bank and merchant notification emails.
- Usage: The App scans emails on your device to extract transaction data based on parsing rules.
- Privacy: Email content is processed entirely on-device. No email data is ever sent to us or any third-party server.
- Permission:
android.permission.USE_BIOMETRIC - Purpose: To provide secure app locking (Fingerprint/Face Unlock).
- Usage: Authentication is handled by the Android system. The App never accesses or stores your raw biometric data.
- Service: Google Gemini API
- Purpose: To assist in generating Regular Expressions (Regex) for parsing transaction emails.
- Usage: If you choose to enable this feature, you must provide your own Google Gemini API Key. The App sends the subject line and a sanitized, truncated portion of the email body to Google's Gemini API.
- Privacy:
- Sanitization: Before sending, the App runs a local sanitization process to redact sensitive information such as credit card numbers, account numbers, and government IDs.
- Direct Connection: Your device connects directly to the Gemini API using your personal API key. No data is routed through LedgerDroid's developers or servers.
- Data Retention: The data sent is subject to Google's Gemini API Terms of Service and Privacy Policy. We do not store the data sent to or received from the AI model, except for the final generated regex pattern which is saved locally as a rule.
- Local Storage: Your data (ledger files, rules, settings) is stored locally on your device.
- Encryption: Sensitive data is encrypted using Android Keystore and SQLCipher.
- Cloud Storage: If sync is enabled, encrypted copies of your files are stored in your personal Google Drive account.
We do not share your data with third parties. Since we do not collect your data, we cannot sell or distribute it.
The App interacts directly with Google Services (Drive and Gmail) using your device's Google Account. Use of these services is subject to Google's Privacy Policy.
We may update this Privacy Policy from time to time. Any changes will be reflected in the App and on our repository. Continued use of the App implies acceptance of the updated policy.
If you have any questions about this Privacy Policy, please contact us at: [email protected]