Legal & policies

Everything we promise, in one place

LedgerMCP holds real financial data, so the policies are public, short where they can be, and written in plain language first. Nothing here contradicts what the marketing pages say. That is the point.

Privacy Policy

What we collect, how we use it, and your rights, including exactly how bank data flows through Plaid and the promise that your books are never sold or used to train models.
Read the policy →

Terms of Service

The agreement that governs your use of LedgerMCP: your account, your content, our responsibilities, and the boring-but-important legal machinery.
Read the policy →

Billing & Refund Policy

Paid plans cover one thing: live bank feeds. How billing, cancellation, and refunds work, and why the free tier needs no policy at all.
Read the policy →

Acceptable Use Policy

What you and your AI agent may do with the Service, written for a product where the primary user is often an agent holding your key.
Read the policy →

Cookie Policy

One session cookie plus Google Analytics for aggregate page stats, and that is the entire list: no ad tech, no cross-site tracking, and your books are never in the analytics.
Read the policy →

Data Retention & Disposal

How long each class of data lives, what happens when you delete something or close your account, and how disposal actually works.
Read the policy →

Subprocessors

The short list of providers that touch customer data (Supabase, Plaid, Fly.io, Resend), what each does, and how we announce changes.
Read the policy →

Responsible Disclosure

Found a security issue? How to report it privately, what is in scope, our response commitment, and our good-faith promise to researchers.
Read the policy →

The commitments behind the policies

Your data is yours

Export every book to CSV in one click, whenever you like. No exit fees, no export caps, no retention hostage-taking. Closing your account removes your data on the schedule in the retention policy.

No surveillance business model

The business model is bank-feed subscriptions, period. No ads, no selling data, no training AI models on your books. The cookie policy fits on a page: one session cookie plus aggregate analytics, and your books are never in either.

Agent actions are accountable

Every AI write is logged append-only and reversible in one click. The acceptable use policy spells out the deal: your key, your agent, your responsibility, and our audit trail to keep it honest.

Security architecture (the four database-enforced invariants, encryption, and key handling) lives on the security page. Questions about any policy: support@ledgermcp.com.

Read it, then try it

The audit log inside the product shows you the same honesty the policies promise.