Privacy Policy
Last Updated: June 30, 2026
At MyLifeLedger, protecting your family's privacy is our fundamental obligation. We built this platform on a "Map, Not Vault" philosophy — meaning we help you organize where things are, without requiring you to store the keys (passwords) to open them.
This Privacy Policy applies to both the MyLifeLedger website (mylifeledger.com), our web app (app.mylifeledger.com), and the MyLifeLedger mobile app (iOS & Android) — collectively, the "Service." By using either, you agree to the data practices described here.
Not Professional Advice. MyLifeLedger is an organizational tool — not a law firm, financial advisor, tax professional, or licensed estate planner. Nothing in this Service or generated by our AI features constitutes legal, financial, tax, or professional advice. Please consult a licensed professional for guidance specific to your situation.
1. Information We Collect
A. Information You Provide
- Account Information: When you register, we collect your name and email address. Payment details are handled directly by our secure payment processors — we never see or store your full card number.
- Ledger Data: Institution names (e.g., "Chase Bank," "State Farm"), physical locations (e.g., "Home Safe," "Filing Cabinet"), and contact names. We do not request or require account numbers, PINs, or passwords.
- Voice Recordings & Stories: If you use our voice memory features, audio recordings are processed by our secure AI voice partners for transcription and playback synthesis. If you use the AI story rewrite feature, transcribed text may be sent to our AI text partners for enhancement.
- Trustee Information: If you invite family members or advisors ("Trustees"), we collect their email addresses solely to send access invitations.
B. Information Collected Automatically
- Usage & Analytics Data: We use Google Analytics 4 to collect anonymized data about how visitors interact with our website — pages visited, session duration, and general usage patterns.
- Advertising Data: We use the Facebook Pixel to measure the effectiveness of our advertising campaigns. This collects browser data and pages you visit on our marketing website.
- Device & Technical Information: Browser type, device type, operating system, and IP address — collected for security and service optimization.
- Error & Crash Data: Our mobile app uses automated crash-reporting tools to report errors and crashes. These tools may capture technical context including page URLs and anonymized session data.
- Push Notification Tokens: If you enable push notifications in the mobile app, we store your device push token via our mobile infrastructure provider to deliver reminders and alerts.
2. How We Use Your Information
- To provide, maintain, and improve the MyLifeLedger Service (website and mobile app).
- To process your subscription payments.
- To send you Annual Update Reminders — ensuring your ledger stays current.
- To send transactional emails (invitations, receipts, notifications).
- To power AI features including Ledger AI guidance, voice transcription, and story enhancements.
- To monitor application health and diagnose errors.
- To analyze website traffic and improve our product via Google Analytics.
- To measure advertising effectiveness via the Meta (Facebook) Pixel.
- To notify you about changes to our service or policies.
- To provide customer support.
We STRICTLY DO NOT sell, rent, or trade your personal information to third parties, advertisers, or data brokers.
Legal Bases for Processing (GDPR)
- Contract (Art. 6(1)(b)): Processing necessary to deliver the Service — account management, ledger storage, payments, email delivery.
- Legitimate Interest (Art. 6(1)(f)): Error monitoring, security, product analytics, and service improvement.
- Consent (Art. 6(1)(a)): Advertising pixels and marketing communications. You may withdraw consent at any time.
3. Professional Disclaimers
MyLifeLedger is an organizational tool — not a licensed professional service. We want to be completely transparent about what we are and are not:
- Not Legal Advice: We are not a law firm. Nothing in this Service constitutes legal advice or creates an attorney-client relationship. Consult a licensed attorney for wills, trusts, estate planning, or any legal matter.
- Not Financial Advice: We are not a licensed financial advisor, broker, or investment professional. Nothing in this Service constitutes financial or investment advice.
- Not Tax Advice: We are not a CPA or tax professional. Nothing in this Service constitutes tax advice. Consult a licensed tax professional.
- Not a Substitute for Estate Planning: MyLifeLedger helps you organize information — it is not a substitute for a formal Will, Trust, Power of Attorney, Advance Directive, or professional estate plan.
- Not HIPAA Compliant: MyLifeLedger is not a HIPAA Covered Entity or Business Associate. Do not store Protected Health Information (PHI) requiring HIPAA-compliant handling in the Service.
- AI Features Are Not Professional Advice: Ledger AI suggestions, story rewrites, and any AI-generated content are provided for organizational convenience only. AI outputs may be inaccurate or incomplete. Always verify important information with a qualified professional before acting on it.
4. Data Security
We employ industry-standard security measures to protect your information:
- Encryption at Rest: Your data is encrypted in our database using AES-256 encryption, the industry standard for financial and sensitive data.
- Encryption in Transit: All data transmitted between your device and our servers is protected using Transport Layer Security (TLS/SSL).
- Secure Infrastructure: Our database and backend are hosted by Supabase in secure, US-based data centers with strict access controls.
- Payment Security: We do not store your full credit card information. Payments are processed by Stripe, a PCI-DSS Level 1 compliant processor.
No system is 100% secure. If you believe your account has been compromised, contact us immediately at support@mylifeledger.com.
5. Third-Party Sub-Processors
We share data with trusted sub-processors solely to operate the Service. We strictly vet our partners and contractually obligate them to protect your data. We share data across the following categories of service providers:
- Cloud Infrastructure & Database Hosting: To securely store and encrypt your ledger data.
- Payment Processors: To securely handle subscription billing.
- AI & Machine Learning Providers: To power our voice transcription, text-to-speech synthesis, and Ledger AI features. All AI processing is performed server-side and these providers do not use your data to train their models.
- Communication & Email Providers: To deliver important transactional emails and reminders.
- Analytics & Error Tracking: To monitor app stability and measure website performance, including Google Analytics (web usage data) and the Meta (Facebook) Pixel (advertising measurement). Note that use of the Meta Pixel may constitute “sharing” of personal data for cross-context behavioral advertising under CCPA. You may opt out via Facebook Ad Preferences or the DAA Opt-Out Tool.
A full list of our specific, current sub-processors is available to active subscribers upon request for compliance purposes by contacting support.
6. Cookies & Tracking Technologies
We use cookies and tracking technologies on our website. The MyLifeLedger mobile app does not use browser cookies.
Essential Cookies
Required for the Service to function — authentication sessions and security tokens. Cannot be disabled.
Analytics Cookies — Google Analytics 4
Aggregated, anonymized usage data to improve our product. Opt out via the Google Analytics Opt-out Add-on.
Advertising Tracking — Facebook Pixel
Measures advertising performance. May share browsing data with Meta. Opt out via Facebook Ad Preferences or the DAA Opt-Out Tool.
Do Not Track (DNT): Our website does not currently respond to browser DNT signals, as there is no industry-wide standard for interpreting them.
7. International Data Transfers
MyLifeLedger is based in the United States, and all sub-processors operate on US-based infrastructure. If you access the Service from outside the United States — including from the EU, EEA, or UK — your personal information will be transferred to and processed in the United States.
For EU/EEA/UK users, such transfers occur under appropriate safeguards including Standard Contractual Clauses (SCCs) as provided by our sub-processors. By using the Service, you acknowledge this international transfer.
8. Data Retention
We retain your data only as long as necessary to provide the Service and meet our legal obligations:
- Active Accounts: Data is retained for as long as your account remains active.
- Cancelled Subscriptions: When you cancel your subscription, your account is downgraded to a free tier. Your account information and ledger data are retained indefinitely so you (and your shared Trustees) can continue to access them, but you will not be able to make edits. You may export your ledger data or reactivate your subscription at any time.
- Deletion Requests: We will permanently delete your personal data within 30 days of a verified request, subject to legal retention requirements.
- Backups: Deleted data may persist in encrypted backup snapshots for up to an additional 30 days before being fully purged.
- Legal Holds: We may retain certain data longer if required by applicable law, court order, or regulatory obligation.
9. Your Rights & Choices
Regardless of where you live, you have the following rights:
- Access & Correction: View and edit your information at any time by logging into your account.
- Data Portability: Download a copy of your ledger data at any time from account settings.
- Cancellation: Cancelling your subscription downgrades your account to a free, read-only tier — your data is retained so you and your Trustees can continue to access it.
- Full Deletion: To permanently delete your account and all associated data, email support@mylifeledger.com. This is a separate, irreversible action from cancellation.
- Restrict Processing: Ask us to stop processing your data for certain purposes while retaining your account.
- Opt Out of Marketing: Unsubscribe via the link in any email, or contact us directly.
We respond to all privacy rights requests within 30 days.
10. GDPR Rights — EU, EEA & UK Residents
We comply with the General Data Protection Regulation (GDPR) standards. If you are located in the EU, EEA, or UK, you have the right to access, rectify, port, and request deletion of your personal data, as well as the right to restrict or object to certain processing of your data.
Data Controller: MyLifeLedger is the Data Controller for personal data collected through the Service. To exercise your GDPR rights, email support@mylifeledger.com with “GDPR Rights Request” in the subject line.
11. California & US State Privacy Rights
If you are a California resident, the CCPA (as amended by CPRA) gives you the right to know what personal information we collect and why, delete your personal information, and not be discriminated against for exercising these rights. We will never deny you service, charge you a different price, or provide a degraded experience because you exercised a privacy right.
We do NOT sell your personal information. Ever.
Advertising Opt-Out: Our use of the Meta (Facebook) Pixel may constitute “sharing” of personal data for cross-context behavioral advertising under CCPA/CPRA. You may opt out at any time via Facebook Ad Preferences or the DAA Opt-Out Tool. Your ledger data is never used for advertising purposes.
Residents of Virginia, Colorado, Connecticut, Nevada, and other US states with comparable privacy laws have similar rights to access, delete, and opt out. We honor these rights for all users regardless of state. To submit any privacy rights request, email support@mylifeledger.com with “Privacy Rights Request” in the subject line.
12. Children's Privacy (COPPA)
MyLifeLedger is intended for users who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA).
If we discover that we have inadvertently collected information from a child under 13, we will immediately and permanently delete that account and all associated data, and notify any known guardian. If you believe a child under 13 has created an account, contact us immediately at support@mylifeledger.com.
13. Changes to This Policy & Data Breach Notification
We may update this Privacy Policy to reflect changes in our practices, technology, or applicable law. When we make material changes, we will:
- Post the updated policy on this page with a revised “Last Updated” date.
- Send an email notification to all active subscribers at least 30 days before material changes take effect.
Data Breach Notification: In the event of a breach affecting your personal information, we will notify you and, where required, relevant regulatory authorities (including within 72 hours under GDPR Article 33) in accordance with applicable law. Notification will be sent to the email address on your account.
14. Contact Us
If you have questions about this Privacy Policy, want to exercise your privacy rights, or need to report a concern, please reach out:
Email: support@mylifeledger.com
Mailing Address:
MyLifeLedger
3842 Kalamath Street, Denver CO 80211
We respond to all privacy-related requests within 30 days. For GDPR or CCPA requests, please include “Privacy Rights Request” in the subject line.