What happens to your uploaded file
When you upload a bank statement or ledger file, here's exactly what happens — step by step.
-
1File received and parsed in memory Your file is uploaded over HTTPS, parsed into rows/columns, then the original is immediately deleted from disk. We don't keep your original file — only the parsed data needed to produce your output.
-
2Column headers sent to AI for mapping We send only your column headers and a few sample rows (no account numbers, no full transaction lists) to our AI model to identify which columns are Date, Debit, Credit, etc. This is the minimum needed for accurate mapping.
-
3Standardized output file generated Your full dataset is processed server-side in memory. The standardized XLSX output is written to temporary storage and made available to download.
-
4Output available for 30 days, then purged Your processed output file is stored temporarily and associated with your account. It's automatically deleted after 30 days. You can delete it earlier from your File History at any time.
Who can access your files
Every file is tied to your account. Download links require a valid session token — they cannot be accessed by anyone who isn't logged in as you.
No public file URLs. If someone finds or guesses a job ID, they still cannot download the file without your authentication credentials. All download endpoints verify both identity and file ownership before serving any content.
-
✓Authenticated downloads only All /api/download/* endpoints require a valid JWT session token. Unauthenticated requests are rejected with 401.
-
✓Ownership verified on every request Even authenticated users can only access jobs they created. Cross-user access returns 403 Forbidden.
-
✓LedgerReady staff cannot access your files Processed output files are stored in temporary server filesystem storage. We do not have a browseable file store or admin download UI. Files are not exported or backed up outside the server instance.
How long we keep your data
| Data Type | Retention | Notes |
|---|---|---|
| Original uploaded file | Deleted immediately | Deleted from disk after parsing. Never stored permanently. |
| Processed output file (XLSX) | 30 days | Auto-purged after 30 days. Delete manually anytime from File History. |
| Annotated original (color-coded) | 30 days | Same retention as standardized output. |
| Job metadata (filename, row count, anomalies) | Account lifetime | Lightweight record used to populate your File History. No financial data, no file contents. |
| Account credentials | Until account deletion | Email + bcrypt-hashed password only. Plain passwords never stored. |
To delete your processed files, go to File History in the app and click the delete button next to any job. To delete your account entirely, email support@ledgerready.app.
Who else sees your data
Your financial data is not sold, shared, or provided to any third party for their own purposes. Here's the complete list of external systems that touch your data:
-
✓AI model (column mapping only) We send column headers and up to 5 sample rows to an AI API for column mapping purposes. This is a small, non-identifying subset — no account numbers, no transaction descriptions, no amounts from more than a few rows. The AI provider does not store or train on this data under our usage agreement.
-
✓Infrastructure providers (Render, Neon) Our server runs on Render (web hosting) and our database runs on Neon (PostgreSQL). These are infrastructure-only providers — they provide compute and storage but have no application-level access to your data. Both are SOC 2 Type II compliant.
No marketing, analytics, or ad platforms receive your data. We don't use Google Analytics, Facebook Pixel, or any behavior tracking on the app pages. Your file processing activity is not profiled or monetized.
Where your data is processed and stored
| Component | Provider | Compliance |
|---|---|---|
| Web server / file processing | Render (US) | SOC 2 Type II, GDPR |
| Database (job metadata) | Neon PostgreSQL (US) | SOC 2 Type II, GDPR |
| Transit encryption | TLS 1.2 / 1.3 | HTTPS enforced |
| Password storage | bcrypt (cost factor 10) | One-way hash, never plaintext |
| Session tokens | JWT (HS256, 30-day expiry) | Stored client-side only |
Talk to us about security
If you have a specific compliance question before uploading client data — HIPAA, SOC 2, firm security policy, anything — reach out directly. We'll answer plainly.
Email: support@ledgerready.app