Privacy Policy
Effective 8 July 2026
This policy explains what Ledger ("we", "us") collects when you use the Ledger app and ledgerapp.uk, and how we handle it. We keep it deliberately plain.
1. What we collect
- No account is required. The app currently works without registration. We do not collect your name, email or contact details unless you email us.
- Usage analytics. The app records product events (screens viewed, features used, subscription funnel steps) tied to a random device-generated identifier — not your identity. We use Amplitude and our own infrastructure for this.
- Your bet journal stays on your device. Entries you log in the Journal are stored locally on your phone. They are not uploaded to our servers.
- Preferences such as followed leagues, teams and strategies are stored on your device; anonymous copies of follow/notification choices may be processed server-side to deliver push notifications you request.
- Push tokens. If you enable notifications, we store the token needed to deliver them.
- Purchases. Subscriptions are processed by Apple. We receive subscription status (e.g. active/expired) — never your card details.
- Server logs. Our infrastructure provider (Cloudflare) processes IP addresses transiently for security, rate limiting and abuse prevention.
2. What we do NOT do
- We do not sell your data.
- We do not take bets or handle your money.
- We do not build gambling-behaviour profiles of identified individuals.
3. Why we process data (legal bases)
We process the data above to run and improve the Service (legitimate interests), to deliver features you request such as notifications (performance of a contract), and where required, with your consent (e.g. iOS App Tracking Transparency, if ever requested). You can use the core app without granting optional permissions.
4. Third parties
We share only what each provider needs to do its job: Amplitude (product analytics), Cloudflare (hosting, security), Apple (payments, notifications), sports data providers (match data flows to us, not your data to them). Future versions may add Firebase (anonymous sign-in, notifications), RevenueCat and Superwall (subscription management) — each will receive only subscription/device-level data, and this policy will be updated.
5. Retention
Analytics events are retained in aggregate form for product improvement. Device-local data (journal, preferences) lives on your phone and is deleted when you delete the app. Server-side push tokens are removed when notifications are disabled or invalid.
6. Your rights
Under UK GDPR you may request access, correction or deletion of personal data we hold, object to processing, or complain to the ICO. Because we hold no account data, most requests concern the device identifier — include it where possible, or simply reset it by reinstalling the app. Contact: support@ledgerapp.uk.
7. Children
The Service is for adults aged 18+. We do not knowingly process data of anyone under 18.
8. Changes
We will post any changes here with a new effective date; material changes will be signposted in the app.