ML
Meridian Ledger

Privacy Policy

Effective date: June 10, 2026

Meridian Ledger ("we", "us", or "our") is a personal financial operating system operated by Matt Isaman. This policy explains what information we collect, how we use it, who we share it with, and how we protect it. By using Meridian Ledger, you agree to the practices described here.

Questions or requests regarding your data can be sent to matt@goodshire.org.

1. Information we collect

Identity and account information

When you sign in with Google, we receive your name, email address, and profile picture from Google OAuth. We store your email as your primary identifier.

Financial data (via Plaid)

If you choose to connect a financial institution, we use Plaid Technologies, Inc. ("Plaid") to establish a read-only connection to your accounts. Through Plaid we may receive: account names and numbers, balances, transactions, institution names, and account types. We never receive or store your bank login credentials. Your use of Plaid is also governed by Plaid's End User Privacy Policy.

Calendar data (optional)

If you connect Google Calendar, we receive read-only access to your calendar events to display them in your household dashboard. We do not modify, delete, or share your calendar data.

Content you create

Journal entries, notes, goals, tasks, shopping lists, and other content you create in Meridian Ledger are stored in your account. Journal entries are encrypted client-side before leaving your browser; we never see the plaintext.

Technical usage data

We collect server logs that may include your IP address, browser type, and pages visited. This data is used solely for debugging and security monitoring and is not linked to your identity for advertising purposes.

2. How we use your information

  • To provide and display your financial accounts, transactions, and net worth.
  • To enable household features: shared tasks, calendar, shopping lists, and goals.
  • To generate AI-powered insights about your finances and habits (using the Claude API; prompts do not include your raw transaction data unless you explicitly trigger an insight).
  • To send you account-related emails, such as verification codes and optional morning briefings.
  • To detect security issues, debug errors, and improve the service.

We do not use your financial data for advertising, credit scoring, or any purpose beyond operating Meridian Ledger for you.

3. Financial data and Plaid

Meridian Ledger is a Plaid partner application. When you connect a bank account, you are presented with Plaid Link, which is operated directly by Plaid. Plaid authenticates with your financial institution on your behalf using OAuth or credential-based authentication; your credentials go to Plaid, not to us.

We receive an access token from Plaid that allows us to retrieve your account data on your behalf. This token is stored securely and is used only to power your Meridian Ledger dashboard. You can revoke this access at any time by disconnecting your account from the Finance section of the app, or by visiting your bank's connected-apps settings.

Plaid's data practices are governed by their own privacy policy, available at plaid.com/legal.

4. How we share your information

We do not sell, rent, or trade your personal data. We share data only with:

  • Plaid Technologies, Inc. — to establish and maintain financial account connections.
  • Supabase, Inc. — our database and authentication provider. Data is stored on Supabase infrastructure under your account's row-level security policies.
  • Vercel, Inc. — our hosting platform. Application code and server logs are processed on Vercel's infrastructure.
  • Resend, Inc. — our email provider, used only to send verification codes and optional briefings to your verified email address.
  • Anthropic, PBC — our AI provider (Claude API). AI insight prompts are processed by Anthropic's API. We do not send raw bank transaction data to the AI without your explicit action.
  • Legal and safety — if required by law, court order, or to protect the safety of users.

Household co-administrators (e.g. a spouse) may see shared financial accounts, tasks, and calendar events per the visibility rules you configure. Each user controls their own visibility settings.

5. Data security

  • All data in transit is encrypted with TLS 1.2 or higher.
  • Data at rest is encrypted with AES-256 via Supabase's managed infrastructure.
  • Journal entries are encrypted client-side before transmission; the server stores only ciphertext.
  • Multi-factor authentication (email OTP) is required on every login before accessing financial data.
  • Row-level security (RLS) policies on the database enforce that each user can only read their own data.
  • Plaid access tokens and API keys are stored only in server-side environment variables and are never exposed to the browser.

Despite these measures, no system is perfectly secure. If you believe your account has been compromised, contact us immediately at matt@goodshire.org.

6. Data retention

We retain your data for as long as your account is active. If you request account deletion, we will permanently delete your personal data, financial account connections, and all associated content within 30 days of receiving your request, except where retention is required by law.

Plaid access tokens are revoked and deleted as part of the account deletion process. Server logs are retained for up to 90 days for security purposes, after which they are automatically purged.

To request account deletion, email matt@goodshire.org with the subject "Delete my account" from your registered email address.

7. Your rights

You have the right to:

  • Access — request a copy of the personal data we hold about you.
  • Correction — request that inaccurate data be corrected.
  • Deletion — request permanent deletion of your account and associated data.
  • Revoke financial access — disconnect Plaid at any time from within the app.
  • Revoke calendar access — disconnect Google Calendar from within the app.

To exercise any of these rights, email matt@goodshire.org. We will respond within 30 days.

8. Children

Meridian Ledger is not directed to children under 13. We do not knowingly collect personal data from anyone under 13. Child sub-dashboards within a household account display only parent-curated content and contain no financial data. No child data is sent to any external API or third party.

9. Changes to this policy

We may update this policy as the product evolves. When we make material changes, we will update the effective date at the top of this page. Continued use of Meridian Ledger after changes constitutes acceptance of the revised policy.

10. Contact

Meridian Ledger is operated by Matt Isaman.
Email: matt@goodshire.org

← Back to Meridian Ledgermeridianledger.app · Private · Encrypted