This policy describes how AccessLedger handles data during founder-led pilot engagements.
AccessLedger stores organization metadata, user accounts, credential inventory details, access requests, approvals, closure notes, notification preferences, and audit events needed to operate the break-glass workflow.
AccessLedger is designed to sit on top of your existing vault or documented storage process. The platform does not currently store the underlying secret value itself as part of the standard product flow.
The service may process operational logs, request metadata, and email delivery data needed to troubleshoot the app, verify releases, and support pilot onboarding. We keep that scope as narrow as practical for operating the product safely.
Access is limited to the customer tenant boundary enforced by the product and to founder-led support activity needed to operate or troubleshoot an agreed pilot. We do not sell customer data.
Retention for pilot data is customer-specific and should be agreed during onboarding. If a pilot ends, we will work with the customer on export and deletion timing rather than implying a one-size-fits-all retention promise.
For privacy questions or pilot-specific handling requests, contact support@accessledger.io.