Privacy Policy

Summary

• Your data is yours. We never collect, access, or sell your personal information.
• Local by default. All data is stored on your device unless you enable iCloud sync.
• Optional sync. If you choose to enable iCloud sync, your data is stored in your private iCloud account—not on our servers.
• Encrypted attachments. Documents you store are encrypted on your device. If synced, they remain encrypted in transit and in your iCloud account.

Data Storage

Local Storage (Default)

By default, BonusLedger stores all your data locally on your device:

• Account information and tracking data
• Requirement progress and logged events
• Encrypted document attachments
• Reminders and notification preferences
• App settings

This data never leaves your device unless you explicitly enable iCloud sync or export your data manually.

iCloud Sync (Optional)

If you enable iCloud sync in Settings:

• Your data is stored in your private iCloud account, associated with your Apple ID
• Data syncs across your iPhone, iPad, and Mac devices signed into the same Apple ID
• We do not operate the servers—Apple's iCloud infrastructure handles storage and sync
• Your document attachments remain encrypted during sync using keys stored in your iCloud Keychain
• You can disable sync at any time and optionally delete your cloud data

Note: iCloud sync requires an active iCloud account. Your synced data is subject to Apple's iCloud Terms of Service and Privacy Policy.

Data We Collect

None.

BonusLedger does not collect, transmit, or have access to:

• Your personal information
• Your bank account details
• Your tracking data
• Your documents or attachments
• Analytics or usage data
• Crash reports
• Device identifiers

We have no servers. We have no database of user information. We cannot see your data even if we wanted to.

Document Security

When you attach documents (bonus terms, statements, 1099 forms, etc.):

• Files are encrypted using AES-256-GCM encryption before being stored
• Encryption keys are stored in your device's secure Keychain
• If iCloud sync is enabled, encryption keys sync via iCloud Keychain (Apple's end-to-end encrypted service)
• High-risk documents require Face ID or Touch ID to view
• We recommend against storing highly sensitive documents like full bank statements with account numbers

Third-Party Services

BonusLedger does not integrate with any third-party services except:

• Apple's iCloud (only if you enable sync): For cross-device data synchronization
• Apple's App Store: For app distribution and purchase processing

We do not use:

• Analytics services
• Advertising networks
• Crash reporting services
• Social media integrations
• Account linking services (Plaid, Yodlee, etc.)

Data Export & Deletion

Export: You can export your data at any time via CSV or PDF from within the app.

Deletion: Delete the app to remove all local data. If iCloud sync is enabled, you can delete cloud data from Settings before uninstalling, or delete it via iCloud settings on your device.

Children's Privacy

BonusLedger is not directed at children under 13. We do not knowingly collect data from children because we do not collect data from anyone.

Changes to This Policy

We may update this privacy policy to reflect changes in the app's functionality. Significant changes will be noted in app update release notes. The “Last Updated” date at the top indicates when the policy was last revised.

Contact

Questions about this privacy policy? Contact us at:

Email: privacy@bonusledger.com

Your Rights

Since we don't collect your data, there's nothing to request access to, correct, or delete from our systems. Your data lives on your device and (optionally) in your private iCloud account, both of which you fully control.