LedgerPulse — Privacy Policy
LedgerPulse is built by Glippin Toys, LLC. We respect your privacy. This page describes what LedgerPulse collects, why, and how you control it. Plain-English summary first, then the details.
Summary
- No account, no email, no password. LedgerPulse signs you in anonymously on first launch (a per-device Firebase user kept in the iOS keychain). We never ask for your name, email, phone, or contact information.
- Your portfolio data (apps, costs, revenue entries, health snapshots, notes) lives under your anonymous user ID in Firestore. Owner-scoped rules mean only your device can read it.
- Device transfer. You can move your data to a new device with a one-time 15-minute code — no login required. The code is hashed server-side; we never store the plaintext.
- Optional Sign in with Apple later if you want multi-device access. Apple shares an opaque user identifier with us; we never see your real email.
- Connector credentials (Pro): if you wire up App Store Connect / Play Reporting / RevenueCat / GCP billing, those credentials live in our backend's environment, never in the app binary and never on your device.
- No advertising. No third-party trackers.
- Subscriptions processed by Apple, Google, and RevenueCat. We never see your payment details.
What we collect
| Data | Why | Retention |
|---|---|---|
| Anonymous Firebase user ID | Identify your device's data | Until account deleted |
| Portfolio data (apps, costs, revenue, snapshots, notes) | The whole point of the app | Until you delete or delete account |
| Subscription status (free / pro) | Gate Pro automation features | Until subscription expires + 90 days |
| Device-transfer code (SHA-256 hash only) | Verify a "move my data" request is from you | 15-minute TTL; deleted on claim or expiry |
| Apple Sign-In opaque user ID (optional) | Multi-device sync if you opt in | Until you unlink or delete account |
| Connector credentials (Pro, optional) | Pull revenue, cost, and health data from your services | Until you remove the connector; stored server-side only |
| Crash reports | Diagnose bugs | 90 days |
What we never collect
- Names, emails, phone numbers, mailing addresses, government IDs
- Real email (if you Sign in with Apple, we get an opaque relay ID only)
- Your end users' data — LedgerPulse aggregates data about your apps, never from them
- Anything from advertising or tracking SDKs (we use none)
Connector credentials (Pro)
If you enable Pro automation, you'll connect external services (App Store Connect API key, Play Reporting service account, RevenueCat API key, GCP billing export). Those credentials are stored server-side in our backend's environment configuration — never in the app binary, never logged, never returned to the device. The credentials are scoped to your business document; only the backend can read them when running your scheduled jobs.
You can revoke any connector at any time from Settings → Connectors. Doing so deletes the credentials from our backend immediately.
Third parties
- Firebase (Google) — anonymous auth, Firestore, Cloud Functions, scheduled jobs, crash reporting
- RevenueCat — subscription processing and entitlement state
- Apple App Store / Google Play Store — installation, updates, subscription billing
- Your connectors (Pro only, optional) — App Store Connect, Google Play Reporting, RevenueCat (reading your own data), GCP Cloud Billing. We act only as a relay between your services and your dashboard.
Your rights
- Delete account + all data: Settings → Delete Account. Irreversible, immediate. Portfolio data, snapshots, and connector credentials are removed.
- Delete a single app or entry: swipe-to-delete in the relevant screen.
- Remove a connector: Settings → Connectors → revoke.
- Move to another device: Settings → Move to another device (generates the 15-minute code).
- Request your data: email support@glippintoys.com
Not financial advice
LedgerPulse aggregates revenue and cost data you provide or connect. It does not constitute accounting, tax, or financial advice. Reconcile against your own books and consult a licensed professional before making decisions that depend on the numbers.
Children
LedgerPulse is intended for indie developers running app businesses; it is not designed for or marketed to children under 13.
Changes
Material changes update the "Last updated" date above and are surfaced in-app.
Contact
support@glippintoys.com
Glippin Toys, LLC