Privacy Policy

Last updated: March 14, 2026

1. What Data We Collect

DanceLedger collects the following information to provide our travel budgeting and expense-tracking services:

  • Account information: Your name and email address when you register an account.
  • Trip and expense data: Trip names, dates, expense descriptions, amounts, categories, and member assignments you enter manually.
  • Bank account data via Plaid: When you connect a bank account, we receive transaction data (merchant name, amount, date, category) and account metadata (institution name) through Plaid. We do not store your bank credentials.

2. How We Use Plaid

DanceLedger integrates with Plaid (a third-party financial data provider) to allow you to import bank transactions as trip expenses. Here is what you should know:

  • Plaid provides read-only access to your transaction data. DanceLedger cannot initiate payments or transfers on your behalf.
  • When you connect a bank account, Plaid issues an access token that we store securely (encrypted at rest). This token allows us to fetch new transactions on your behalf.
  • We store transaction metadata (merchant, amount, date, category) in our database to power expense import. We do not store your full account numbers or login credentials.
  • Plaid's own privacy policy governs how Plaid handles your data during the authentication flow. You can review it at plaid.com/legal.

3. How We Protect Your Data

We apply multiple layers of security to protect your data:

  • Plaid access token encryption: All Plaid access tokens are encrypted at rest using AES-256-GCM before being stored in our database. The encryption key is stored separately from the data.
  • In-transit encryption: All data transmitted between your browser and our servers is protected by HTTPS (TLS).
  • Password security: Account passwords are hashed using bcrypt before storage. We never store plaintext passwords.
  • Access control: Your trip data and bank connections are accessible only to you and the members you explicitly invite to a trip.

4. Data Deletion

You have the right to delete your data at any time:

  • Removing a bank account:When you remove a linked bank account from your profile, DanceLedger performs a hard delete of the associated Plaid item record, cascades deletion to all imported transactions, and calls Plaid's item/remove API to revoke our access token. No bank data is retained after removal.
  • Full account deletion: You can request complete deletion of your DanceLedger account and all associated data (trips, expenses, bank connections) by contacting us at the email address below. We will process your request within 30 days.

5. Contact Us

If you have questions about this Privacy Policy, your data, or a data deletion request, please contact us at:

jeebe.diop@gmail.com