Legal

Privacy Policy

This policy explains what information NP Ledger collects, how it is used, which service providers are involved, and the controls available to your organization.

Last updated: March 21, 2026

How 70Ware LLC handles service data

This summary covers account data, financial records, AI-related processing, storage, and retention. Questions? Contact us at support@70Ware.com.

1. Introduction

70Ware LLC ("we," "us," or "our") operates NP Ledger, a cloud-based nonprofit fund accounting service. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and organization name. If you sign in with Google OAuth, we receive your name and email from Google.

Financial Data

You enter financial data into the Service, including transactions, accounts, contacts, funds, and supporting documents. This data belongs to you (see our Terms of Service).

Payment Information

Subscription payments are processed by Stripe. We do not store your credit card number, CVV, or full payment details on our servers. Stripe may collect and store payment information in accordance with their privacy policy.

Usage Data

We collect standard server logs including IP addresses, browser type, pages visited, and timestamps. This data helps us maintain and improve the Service.

AI and Voice Data

If you use Voice Entry, audio is processed by AssemblyAI for speech-to-text conversion. We do not store audio recordings after processing. AI Help queries are processed by Google Gemini using your organization's financial context but are not used to train AI models.

3. How We Use Your Information

We use your information to:

  • Provide and maintain the Service.
  • Process your transactions and generate reports.
  • Process subscription payments.
  • Send transactional emails such as password resets, donation receipts, and notifications.
  • Provide AI-powered assistance based on your financial data.
  • Monitor and improve service performance and security, and comply with legal obligations.

4. Data Storage and Security

Your data is stored on Google Cloud Platform (GCP) infrastructure in the United States (us-central1 region). We use the following security measures:

  • Encryption in transit (TLS/HTTPS).
  • Encryption at rest (GCP default encryption).
  • Role-based access controls within the application.
  • Two-factor authentication (TOTP) for administrative access.
  • Daily automated database backups with 7-day retention.
  • Point-in-time recovery capability.
  • Audit logging of all data modifications.

5. Third-Party Services

We use the following third-party services that may process your data:

Service Purpose Data Shared
Google Cloud Platform Infrastructure and hosting All application data
Stripe Payment processing Payment and billing information
Google Gemini AI Help feature Financial context for queries
AssemblyAI Voice Entry speech-to-text Audio recordings (not retained)
Mailgun Transactional email Email addresses and message content

6. Cookies

We use essential cookies required for the Service to function:

  • Session cookie (sessionid) maintains your login session and expires when you close your browser or after inactivity.
  • CSRF token (csrftoken) protects against cross-site request forgery attacks.

We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

7. Data Retention

We retain your data for as long as your account is active. If you cancel your account, we retain your data for 90 days to allow retrieval, after which it may be permanently deleted. Backup copies may persist for up to 7 additional days in accordance with our backup retention policy.

8. Your Rights

You have the right to:

  • Access your data at any time through the Service.
  • Export your data using the built-in data export feature.
  • Correct inaccurate information through account settings.
  • Delete your account and request data deletion by contacting us.
  • Object to data processing by contacting us.

9. Children's Privacy

The Service is not directed to individuals under 16. We do not knowingly collect information from children under 16. If we become aware that we have collected such information, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. The "Last updated" date at the top indicates when changes were last made.

11. Contact

For questions about this Privacy Policy or to exercise your data rights, contact us at support@70ware.com.