Ledgr is maintained by the Ledgr team to answer the security and privacy questions private poker operators actually ask. Everything on this page reflects controls currently enabled in production — not a certification.
Every byte at rest is encrypted with AES-256. Every request in transit is protected with TLS 1.3. Attachments, receipts, and signatures live in encrypted object storage behind signed URLs that expire.
Native TOTP support for Google Authenticator, 1Password, Authy, and any RFC-6238 authenticator. Enable it from your profile — no premium tier required.
Every new password is checked against the Have I Been Pwned corpus of billions of exposed credentials — before the account is created or the password is changed.
Postgres RLS enforces access at the database itself. Even a compromised app server can only read rows the authenticated user is allowed to see.
Data lives in a dedicated Postgres tenant. No cross-operator queries are possible — your player list and your books are yours alone.
Every mutation records who, when, and a diff of before/after values. Log retention is unlimited. Filter, sort, and export from the app.
Every control below is self-serve from your profile — no support ticket, no upgrade required.