Last updated: June 10, 2026

Privacy Policy

LedgerGuard helps service businesses reconcile Jobber and QuickBooks Online. This policy explains what we collect, how we use it, and what happens when an integration is disconnected.

Information we collect

  • Account information such as name, email address, authentication session details, billing status, and plan selection.
  • Connected-system data from Jobber and QuickBooks Online, including customers, invoices, payments, payouts, deposits, sync metadata, OAuth tokens, webhook events, and reconciliation findings.
  • Product usage data such as waitlist submissions, sync runs, audit-log entries, and weekly digest delivery records.
  • Payment data is handled by Stripe. LedgerGuard stores Stripe customer, subscription, plan, and billing status identifiers, but not card numbers.

How we use information

  • To detect duplicate customers, payout-to-deposit mismatches, missing invoices, tax or rounding drift, and other sync-integrity issues.
  • To show guided, suggest-only fixes and keep an audit trail of approvals, API actions, failures, undo steps, and manual instructions.
  • To operate authentication, billing, onboarding, support, weekly books-health emails, and service reliability checks.
  • To improve match quality. Ambiguous duplicate candidates may be sent to an LLM provider for a match/no-match tie-break, limited to the record fields needed for that judgment.

Sharing

  • We do not sell customer data.
  • We share data with service providers that operate LedgerGuard, including hosting, database, authentication email, billing, transactional email, and LLM infrastructure.
  • We may disclose information if required by law, to protect the service, or to prevent fraud or abuse.

Retention and disconnects

  • When Jobber sends an APP_DISCONNECT webhook, LedgerGuard marks the Jobber connection disconnected and clears the stored Jobber access and refresh tokens.
  • Cached records, findings, webhook logs, and fix-action audit entries may be retained so users can understand prior reconciliation history and so we can meet accounting, support, and abuse-prevention obligations.
  • You can request deletion of account data by contacting support. Some records may be retained where required for billing, security, legal, or dispute-resolution purposes.

Security

  • Provider tokens and application secrets are never committed to source control. Production secrets live in managed environment variables and gitignored local files during development.
  • Webhook requests from Jobber are verified with the X-Jobber-Hmac-SHA256 signature before LedgerGuard accepts them.
  • No internet service can be guaranteed perfectly secure. If you believe you found a security issue, contact us promptly so we can investigate.

Contact

  • For privacy requests, deletion requests, or security questions, contact John Lussier at support@ledgerguard.app.