01
Overview
MonkeyLedger is a personal finance tool. We built it with a simple principle: your financial data belongs to you, not us.
🔒
Your financial data is stored exclusively in your personal Google Drive. MonkeyLedger servers never receive, store, or process your transactions, budgets, goals, or any other financial information.
This policy explains what limited data we do handle, how we use it, and the protections in place for your information.
02
What we collect
MonkeyLedger collects the minimum data necessary to operate:
- Google profile information — your name, email address, and profile picture, provided via Google Sign-In. This is used solely to display your identity in the app interface.
- Google account identifier (sub) — a unique, stable ID Google assigns to your account. Used to associate your Drive data file with your session.
We do not collect your financial data. All transactions, budgets, goals, debts, and other financial records are stored directly in your Google Drive and are never transmitted to MonkeyLedger.
03
Google Sign-In
MonkeyLedger uses Google OAuth 2.0 for authentication. When you sign in:
- Google authenticates your identity and returns an access token to your browser.
- We request your name, email address, and profile picture from Google's userinfo endpoint. This data is stored in your browser's localStorage to display in the app interface.
- We request the drive.appdata scope to read and write a single data file in a hidden folder of your Google Drive (see section 4).
☁️
The access token Google provides is short-lived and stored only in your browser's memory during your session. It is never sent to MonkeyLedger's servers. MonkeyLedger has no backend server.
MonkeyLedger's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
04
Google Drive sync
MonkeyLedger uses the drive.appdata scope to store a single file — monkeyledger-data.json — in a hidden appdata folder within your Google Drive.
- This folder is private to MonkeyLedger — no other app or person can see it, including other apps you authorise with Google Drive.
- The file contains your financial data: transactions, budgets, goals, and settings.
- The app reads this file when you sign in and writes to it when you make changes.
- All API calls to Google Drive are made directly from your browser to Google's servers. MonkeyLedger never acts as an intermediary.
✓
You can revoke MonkeyLedger's access to your Drive at any time via
Google Account Permissions. You can also delete your data file directly from your Google Drive appdata folder.
05
How we use your data
The limited data we receive is used exclusively to:
- Display your name, email, and profile picture within the app interface
- Identify your Google Drive appdata file to load and save your financial data
- Maintain your signed-in session during use of the app
We do not use your data for advertising, analytics, AI model training, or any purpose beyond operating the app for you.
06
What we don't do
- We do not store your financial data on any MonkeyLedger server
- We do not sell, share, or transfer your data to third parties
- We do not use your Google user data to serve advertisements
- We do not use your Google user data to train AI or machine learning models
- We do not access any Google Drive files other than the single appdata file created by MonkeyLedger
- We do not track your usage or behaviour beyond what is necessary to run the app
07
Data retention
Your financial data persists in your Google Drive for as long as you choose to keep it. Revoking MonkeyLedger's Drive access or deleting the app's data file removes it permanently.
Your profile information (name, email, profile picture) is stored in your browser's localStorage and is cleared when you sign out or clear your browser data.
08
Your rights
You have full control over your data:
- Access — your data file is in your Google Drive and readable at any time
- Export — use the "Export All Data" feature in Settings to download a local copy
- Delete — use "Clear All Data" in Settings, or delete the file from Google Drive directly
- Revoke access — remove MonkeyLedger's Drive permission via Google Account Permissions
09
Children's privacy
MonkeyLedger is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has used the service, please contact us and we will take appropriate action.
10
Changes to this policy
If we make material changes to this policy, we will update the "Last updated" date at the top and, where appropriate, notify users via the app. Continued use of MonkeyLedger after changes constitutes acceptance of the updated policy.
🏛️
MonkeyLedger's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. This statement is required by Google for apps using Google API data.