Privacy Policy

Last updated: May 9, 2026

Notice: This policy is currently a working draft pending review by qualified legal counsel. It reflects our actual practices but the wording is not yet legally vetted. Please email legal@fimm.pk with any questions or concerns.

This Privacy Policy explains how LedgerFlow ("we", "us", "our") collects, uses, and protects information when you use our invoicing and financial management service at ledgerflow.fimm.app (the "Service").

1. Information we collect

Account information

  • Name, email address, phone number
  • Business name, address, tax registration numbers (NTN/STRN), logo
  • Password (stored as a one-way bcrypt hash; we never see your plaintext password)
  • Two-factor authentication secrets (encrypted at rest)

Business data you enter

  • Your customers' contact details, invoices, quotations, payments, expenses, vendors, products, inventory
  • Bank account details you choose to display on invoices
  • Files you upload (logos, receipts)

Automatically collected

  • IP address, browser/user-agent, pages visited, timestamps
  • Activity logs of significant actions you take in the Service (creating, updating, sending documents)

2. How we use information

  • To operate the Service, including generating invoices, sending email, calculating totals, and producing reports
  • To authenticate you and protect your account from unauthorised access
  • To respond to support requests
  • To send service-related notifications (account, security, billing)
  • To detect and prevent fraud or abuse
  • To improve the Service through aggregate, non-identifying usage analysis

We do not sell your data. We do not use your business data to train machine-learning models.

3. Third-party services we use

  • Google Cloud Platform — hosting and storage. Data resides on GCP infrastructure.
  • Email delivery — invoice and notification emails are sent via SMTP; in transit, we use the email provider configured for your account or our default provider.
  • Sentry — error and performance monitoring. We strip passwords, two-factor secrets, and authorisation headers before sending error reports.
  • Google OAuth (optional) — if you choose "Sign in with Google", Google shares your name, email, and profile picture with us. We do not receive your Google password.

4. Data retention

We retain your data for as long as your account is active. After cancellation, data is retained for up to 90 days for recovery purposes, then permanently deleted, except where we are legally required to retain it (e.g., tax records, law-enforcement requests).

5. Your rights

  • Access — You can view all your data through the Service interface.
  • Export — You can request a complete export of your data at any time.
  • Correction — You can edit or update any information through the Service.
  • Deletion — You can request permanent deletion of your account and data.
  • Portability — Exports are provided in standard formats (CSV, PDF).

To exercise any of these rights, email legal@fimm.pk.

6. Security

We protect your data with TLS encryption in transit, bcrypt-hashed passwords, encrypted-at-rest sensitive fields (mail credentials, 2FA secrets), and tenant-isolated database access. No system is perfectly secure; if you believe your account has been compromised, change your password and contact us immediately.

7. Cookies

See our Cookies Policy for details on the cookies we set.

8. Children's privacy

The Service is not intended for users under 18. We do not knowingly collect data from minors.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email or in-product notice at least 14 days before they take effect.

10. Contact

Questions or requests: legal@fimm.pk