Security & privacy

Built like a bank. Priced like software.

This page is maintained by the Ledgr team to answer the security and privacy questions private poker operators actually ask. Everything on this page reflects controls currently enabled in production — not a certification.

Encryption everywhere

Every byte at rest is encrypted with AES-256. Every request in transit is protected with TLS 1.3. Attachments, receipts, and signatures live in encrypted object storage behind signed URLs that expire.

Two-factor authentication

Native TOTP support for Google Authenticator, 1Password, Authy, and any RFC 6238 authenticator. Enable it from your profile — no premium tier required.

Leaked-password blocking

Every new password is checked against the Have I Been Pwned corpus of billions of exposed credentials — before the account is created or the password is changed.

Row-level access control

Postgres RLS enforces access at the database itself. Even a compromised app server can only read rows the authenticated user is allowed to see.

Isolated, region-locked storage

Data lives in a dedicated Postgres tenant. No cross-operator queries are possible — your player list and your books are yours alone.

Immutable audit log

Every mutation records who, when, and a diff of before/after values. Log retention is unlimited. Filter, sort, and export from the app.

Controls in your hands

You own your data. Literally.

Every control below is self-serve from your profile — no support ticket, no upgrade required.

  • TOTP 2FA: Self-serve enrollment from your profile
  • HIBP password check: Enforced on sign-up and password change
  • Session management: Sign out on this device or every other device
  • Self-serve data export: Download a full JSON archive of your data
  • Self-serve account deletion: Retype-email confirmation, cascades all owned data
  • Before/after audit trail: Every write is logged with a diff

Shared responsibility

Who does what

Ledgr's job
  • Encrypt data at rest and in transit
  • Enforce RLS at the database level
  • Patch and monitor infrastructure
  • Provide export and deletion tools
Your job
  • Enable 2FA on your account
  • Invite team members with the right role
  • Use unique, strong passwords
  • Report anything suspicious to support

Run your poker room like a fintech.

Three games free. No card required.