ledgerwire
Sign in
Trust Center

You're connecting a bank to an AI.
Here's exactly what happens to your data.

Ledgerwire is a read-only wire between your bank and your AI assistant. It can never move money, and it keeps no copy of your financial data. This page lays out precisely what we store, what we never store, how your data flows, and who else touches it — so you can decide on the facts, not a slogan.

Every answer is fetched on demand when you ask, then discarded — it reflects the latest data your bank has made available through the network, which can lag posting by a few days.

Stored
Your account email, an encrypted read-only bank access token, your aggregator profile id, and your subscription / billing state. Sign-in and API credentials are stored only as one-way hashes.
Never stored
Your transactions, balances, account numbers, and holdings are never written to our database. Each is fetched on demand from your institution per request and discarded after the answer is returned. Your bank username and password are never seen by Ledgerwire — they are entered only into your bank's own secure sign-in.
1 · Connect
You sign in at your bank through the aggregator's secure window (Quiltt → Finicity, a Mastercard company). Your credentials go to your bank, never to us.
2 · Ask
Your AI assistant calls a read-only tool over MCP. claude.ai authorizes with revocable OAuth 2.1; Claude Desktop, Cursor and Windsurf use a scoped token you can revoke anytime.
3 · Fetch
Ledgerwire fetches only that answer, on demand via the aggregator.
4 · Discard
The answer goes to your assistant and is discarded. Nothing is cached at rest.

There is no transfer tool, no payment tool, no account-change tool — the capability does not exist in the product. Every tool your assistant can call only reads. See the full tool surface on the security page.

This is the one place your financial data does persist — and it’s not with us. When Ledgerwire returns an answer to your AI client (Claude, Cursor, or another), that client may retain the prompt, the response, and the conversation under its own settings and privacy policy. Ledgerwire does not control deletion or model-training settings inside third-party AI products, and deleting your Ledgerwire account does not remove anything already sent to an AI client. Review your AI client’s settings to manage what it keeps.

We rely on a small set of subprocessors, each receiving only what its function requires. We never sell your data and never send it to advertising networks. The authoritative, current list — with what each one receives — is on our subprocessors page.

Security reviews
We run adversarial security reviews and publish the full findings verbatim — read them yourself.
SOC 2
Ledgerwire is not yet SOC 2 certified. We state that plainly here and will update it when it changes — we don't claim controls we don't hold.
Data deletion
Email support@ledgerwire.io to delete your account and data; we action deletion within 30 days.
Contact
Security questions or disclosures: support@ledgerwire.io.