Last updated: March 2026
Ledger Starter is self-hosted, open-source accounting software. Your financial data stays on YOUR server. When you deploy Ledger Starter, your data is stored in your own Supabase project that only you control.
All data is stored in your Supabase PostgreSQL database. Connections use TLS encryption in transit. The database is provisioned in your own Supabase project — we have no access to it. Import rows (raw bank data) are never deleted, serving as an immutable audit trail.
If you connect a bank account via Plaid, an access token is stored to enable ongoing transaction sync. This token is encrypted with AES-256-GCM using an encryption key that only exists in your deployment's environment variables. Only you have the encryption key. Plaid's own privacy policy governs their handling of your bank credentials.
When AI features are enabled, financial summaries (account names and amounts, not raw bank data) are sent to Anthropic's API for processing. Anthropic does not train on API inputs. AI-generated narratives are stored in your local database. You can disable AI features by removing the ANTHROPIC_API_KEY from your environment variables.
Ledger Starter uses cookies solely for authentication (Supabase Auth session cookies). No tracking, analytics, or advertising cookies are used.
Your data is retained in your database as long as you choose to keep it. Since you control the database, you can delete any or all data at any time. Import rows are preserved by design for audit trail purposes but can be removed by directly accessing your database.
Because Ledger Starter is self-hosted, you have complete control over your data. You can export, modify, or delete any data at any time through the application or by directly accessing your Supabase database.
The demo at ledger-starter.vercel.app uses fictional data only. No real financial information is stored. Demo data is periodically reset.
For questions about this privacy policy, please open an issue on the GitHub repository.