Privacy Policy for LocumLedger
Effective date: November 2025
1. Introduction
Welcome to LocumLedger. We ("we", "our", "us") are committed to protecting and respecting your privacy.
This policy outlines how your data is handled, whether you use the app in "Local-Only Mode" or create an account. Please read this policy carefully to understand your choices and how your data is treated.
This policy is governed by UK GDPR and the Data Protection Act 2018.
2. A Note on Our Two Data Modes
LocumLedger offers two distinct ways to use the app, and the one you choose fundamentally changes how your data is stored and managed.
1. Local-Only Mode (Default): If you use the app without creating an account, you are in Local-Only Mode. In this mode, all of your personal and financial data (shifts, expenses, invoices, etc.) remains stored exclusively on your device. We do not have access to, collect, or transmit any of this personal data. Your data's security is managed by your device's own security and encryption.
2. Create an account: If you choose to create an account, your data is encrypted and synchronised to our secure cloud servers (provided by Google Firebase) to enable backup and access across multiple devices. By creating an account, you are giving us consent to collect, store, and process your data as described in this policy.
The rest of this policy will specify which sections apply to all users, and which apply only to Account Users.
3. Data We Collect
A. For All Users (Local-Only and Cloud Sync):
We collect a small amount of anonymous data from all users to help us improve the app:
Usage and Diagnostics Data: We use Firebase Analytics to collect anonymised data about how you interact with our app (e.g., app launches, feature usage, performance data, and crash reports). This data is not linked to you personally and is only tied to an anonymous device ID.
Location Data: We collect a coarse location (e.g., country) derived from your IP address. This is used for anonymised analytics reports only.
B. For Account Users Only:
If you create an account, we collect the following data to provide the sync service:
Account Information: Your email address and a securely hashed version of your password.
Personal & Business Details: Your name, business name, profession, addresses (business and home), and phone numbers.
Financial Information:
Your bank details (account name, sort code, account number).
Details of your earnings, shifts, and income targets.
Details of your expenses, including amounts and categories.
Work Data: Information about your shifts, invoices, and associated practices.
User Content: Images you upload for expense receipts and any notes you write.
Purchase Information: When you subscribe, our partner RevenueCat provides us with your purchase history and subscription status, which we link to your account. We do not see or store your payment card details.
Security Data: We log IP addresses during login for security and to prevent fraudulent access to your account.
4. How We Use Your Data (Purpose and Legal Basis)
For All Users: Our legal basis is legitimate interest to improve and maintain our app. We use your anonymous data to understand which features are popular, fix crashes, and enhance the user experience.
For Account Users Only: Our legal basis is the performance of our contract with you. We use your personal data to:
Provide the core cloud sync and backup service.
Secure your account.
Manage your "Pro" subscription status.
5. Data Storage and Security
Local-Only Mode: Your personal data is stored in the app's secure container on your device using SwiftData. We have no access to it.
Account Mode: Your personal data is encrypted in transit (SSL) and encrypted at rest on our secure cloud servers (Google Firebase). Your receipt images are also stored securely in Firebase Storage.
6. Data Sharing and Third-Party Services
We do not sell your personal data.
Local-Only Users: We only share the anonymous analytics data with Google Firebase as described in Section 3A.
Account Users: We share your data with the following essential third-party partners:
Google (Firebase): To manage your account, store your data, and provide anonymous analytics.
RevenueCat: To securely process your in-app subscriptions and manage your "Pro" status.
7. Your Data Rights (UK GDPR Compliance)
Local-Only Users: You have full control over your data. You can access, edit, and delete it directly within the app at any time. Since we do not have your data, we cannot perform these actions for you.
Account Users: You have full rights over the data we store:
Right to Access: You can request a copy of the personal data we hold about you.
Right to Rectification: You can correct most of your data at any time within the app.
Right to Erasure (Deletion): You can delete your account from within the app, which will permanently delete your personal data from our servers.
To exercise your rights, please contact us at support@locum-ledger.co.uk.
8. Data Retention
Local-Only Mode: Your data remains on your device until you delete the app or clear its data.
Account Users: We retain your personal data for as long as your account is active. If you delete your account, all your personal data will be permanently deleted from our servers.
9. Children's Privacy
The app is not intended for individuals under 18. We do not knowingly collect personal data from children.
10. Changes to this Privacy Policy
We may update this policy. We will notify you of any significant changes by posting the new policy in the app. Your continued use of the app after such changes constitutes your acceptance.
11. Governing Law
This Privacy Policy is governed by the laws of England and Wales.
12. Contact Information
For further information or questions, please contact us at: support@locum-ledger.co.uk