Privacy Policy
Last updated: 27 March 2026
1. Overview
This Privacy Policy explains how Ledger collects, uses, stores, and protects your personal information when you use our platform and services.
By using Ledger, you agree to the collection and use of your information as described in this policy. If you do not agree, you must not use the Services.
This policy should be read alongside our Terms of Use.
In other words,
This is our Privacy Policy... exciti- you've read this before on our Terms of Use page, haven't you? Same deal here: we've summarized the key points on the right so you don't have to read every word. This one covers what data we collect, how we use it, and what rights you have. It's here to protect both you and us; if you don't agree, you know where the browser's exit button is.
2. Who We Are
Ledger is operated by Theo Rawls trading as Next Generation Media (NZBN 9429052725937), based in New Zealand.
References to "Ledger", "we", "us", or "our" in this policy refer to Next Generation Media and its services operated under the Ledger brand.
In other words,
We're Ledger, operated by Next Generation Media out of New Zealand. Now you know who's behind the curtain!
3. What We Collect
We collect the following types of information:
Information you provide:
- name and email address
- account credentials
- financial data you enter or import into Ledger
- support requests and communications
Information collected automatically:
- IP address
- browser type and version
- device information
- usage data and access logs
In other words,
We collect the basics: your name, email, login details, and the financial data you put in. We also grab some technical stuff like your IP address and browser type. Nothing creepy, we promise.
4. Your Data
You retain ownership of all data you provide to Ledger.
We do not claim ownership of your data. We only use it to provide and operate the Services as described in this policy.
In other words,
Your data is yours, not ours. We just need it to make Ledger work for you.
5. How We Use Your Data
We use your information to:
- provide, maintain, and improve the Services
- generate financial reports and analytics
- process billing and payments
- send transactional communications (e.g. receipts, alerts)
- respond to support requests
- maintain system security and prevent abuse
We do not sell, rent, or share your personal information with third parties for marketing purposes.
In other words,
We use your data to run Ledger, generate reports, improve the product, and help you when you need support. That's it. No sneaky business plans involving your spreadsheets.
6. Sharing Your Data
We do not sell your personal information.
We may share your data with:
- service providers located in New Zealand who help us operate the platform (e.g. hosting, payment processing)
- third-party services you choose to connect to Ledger
- authorities where required by law
Where you connect a third-party service, their privacy policy applies to any data shared with them.
In other words,
We don't sell your data. Ever. We only share it with service providers in New Zealand that help us run Ledger. If you connect a third-party service, their rules apply too.
7. Third-Party Services
Ledger may integrate with third-party services at your request.
When you connect a third-party service, data may be shared with that provider in accordance with their own privacy policy. We are not responsible for the privacy practices of third-party services.
You should review the privacy policies of any third-party services you connect to Ledger.
In other words,
If you hook up third-party tools, they play by their own rules. We can't babysit what they do with your data once it leaves our hands. Choose wisely!
8. Data Storage & Security
We implement appropriate technical and organisational measures to protect your data, including:
- encryption in transit
- access controls and authentication safeguards
- restricted internal access to customer data
- monitoring for abuse and unauthorised access
No system is completely secure. You are responsible for maintaining the security of your account credentials.
In other words,
We lock things down with encryption, access controls, and monitoring. But no system is perfect – so keep your password safe! And no, ‘password123’ doesn't count.
9. Data Retention
We retain your personal information for as long as your account is active and for a reasonable period after closure to fulfil legal, accounting, or reporting obligations.
Where required by law, we may retain certain data for longer periods.
In other words,
We keep your data while your account is active and for a bit after. If the law says we need to keep it longer, we will. We're not hoarders, but we follow the rules.
10. Access, Deletion & Control
You may:
- access and review your personal data at any time
- update or correct your information
- export your data while your account is in good standing
- request deletion of your account and personal data
To request deletion, contact us at hey@ledgerhq.nz. Some data may be retained where required by law or to fulfil outstanding obligations.
In other words,
You can access, update, or export your data anytime. Want it deleted? Hit us up. Heads up: deleting your account doesn't mean everything vanishes instantly – it takes a little time to untangle.
11. Cookies & Tracking
We use essential cookies for authentication and session management.
We do not use tracking cookies, third-party analytics cookies, or advertising pixels.
In other words,
We use cookies to keep you logged in and make things work. That's about it. No creepy tracking pixels following you around the internet.
12. Children
You must be at least 13 years old to use Ledger.
If you are under 16, you must have the consent of a parent or legal guardian.
We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13 without appropriate consent, we will take steps to delete that information.
In other words,
You need to be at least 13 to use Ledger. Sorry to all you pre-teen book keepers, but rules are rules. Under 16? Get a parent or guardian on board.
13. Legal Basis (GDPR)
If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data on one or more of the following legal bases:
- Contract: processing is necessary to perform our contract with you
- Legitimate interest: processing is necessary for our legitimate business interests (e.g. improving the service, preventing fraud)
- Consent: you have given explicit consent
- Legal obligation: processing is required to comply with applicable law
In other words,
For our friends in Europe: we process your data because we have a contract with you, it's in our legitimate interest, you've given consent, or the law requires it.
14. Your Rights (GDPR)
If you are located in the EEA or United Kingdom, you have the right to:
- access the personal data we hold about you
- request correction of inaccurate data
- request deletion of your data
- object to or restrict processing
- data portability
- withdraw consent at any time
To exercise any of these rights, contact us at hey@ledgerhq.nz.
In other words,
If you're in the EEA or UK, you've got rights – access, correction, deletion, portability, and more. Just get in touch and we'll sort it out.
15. Data Location
All data is stored in New Zealand. We do not operate servers in the European Union or the United States.
If you connect third-party services, those providers may process data in other jurisdictions according to their own policies.
In other words,
Your data lives in New Zealand. We don't have servers in the EU or US. If you connect third-party services though, they might process data elsewhere.
16. Data Controller
For the purposes of the GDPR, the data controller is:
Theo Rawls trading as Next Generation Media
NZBN 9429052725937
New Zealand
Contact: hey@ledgerhq.nz
In other words,
For GDPR purposes, we're the data controller. That means the buck stops with us when it comes to your data.
17. Complaints
If you are located in the EEA or United Kingdom, you have the right to lodge a complaint with your local data protection authority.
If you are in New Zealand, you may contact the Office of the Privacy Commissioner:
Office of the Privacy Commissioner (OPC)
Website: www.privacy.org.nz
Email: enquiries@privacy.org.nz
Phone: 0800 803 909
In other words,
Not happy with how we handle your data? If you're in the EEA or UK, you can complain to your local data protection authority. In NZ, the Office of the Privacy Commissioner has your back.
18. New Zealand Privacy Act
We handle personal information in accordance with the Privacy Act 2020.
In other words,
It does what it says on the tin. We follow New Zealand's Privacy Act 2020.
19. Changes to This Policy
We may update this Privacy Policy from time to time.
If changes are material, we will provide reasonable notice (for example, via email or within the product).
Your continued use of Ledger after the effective date of an updated policy constitutes acceptance of that policy.
In other words,
We might tweak this policy from time to time. Big changes? We'll let you know. Keep using Ledger? You're agreeing to the updates.
20. Contact
For privacy-related enquiries, contact us at hey@ledgerhq.nz.
In other words,
Got questions? Drop us a line at hey@ledgerhq.nz. We're friendly, we promise!