Security & Trust
Ledger is built for accounting firms handling sensitive financial data. Here's what we commit to.
Compliance
SOC 2 Type II
We are working toward SOC 2 Type II certification. The technical and operational controls required for this audit are actively being implemented and enforced in production.
ISO 27001
We are working toward ISO 27001 certification. Our information security policies, access controls, and incident response processes are documented and in place.
Our Commitments
Your data is encrypted in transit and at rest.
You can only access data that belongs to your organisation.
Every action in your account is logged and retained for 7 years.
Our infrastructure providers are independently audited (SOC 2 Type II).
Infrastructure Partners
We only work with providers that maintain rigorous independent security certifications.
| Provider | Purpose | Certifications |
|---|---|---|
| Cloudflare | Hosting, compute, and storage | SOC 2 Type II |
| Stripe | Payment processing | SOC 2 Type II, PCI DSS Level 1 |
| SendGrid | Transactional email | SOC 2 Type II |
| Sentry | Error monitoring | SOC 2 Type II |