Ledger retains personal data for varying periods depending on the purpose, such as retaining customer purchase data for the duration of the legal warranty period and marketing data until you unsubscribe or object.
This analysis describes what Ledger's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Data retention periods define the operational duration of personal data storage and establish when deletion or anonymization occurs. This provision determines the scope and duration of Ledger's data processing obligations under applicable privacy regulations.
The updated policy removes explicit language stating that Ledger Recover and Ledger Multisig services are excluded from this privacy policy. Previously, users were directed to separate privacy policies for those services; that direction is now absent. This creates ambiguity about whether this policy now covers those services or whether separate policies still apply. The dramatic reduction in policy length (from 224 to 36 sentences) suggests substantial content was removed, though the specific implications depend on what other sections were condensed or eliminated. You should review the full updated policy to confirm what data practices and service exclusions remain in effect for all Ledger services you use.
View change record →Ledger removed language explicitly stating that this privacy policy does not cover Ledger Recover and Ledger Multisig services, and eliminated references to dedicated privacy policies for those services. This creates ambiguity about whether those services are now governed by the main privacy policy or whether separate policies exist but are no longer disclosed in this document. If you use Ledger Recover or Ledger Multisig, you should review the privacy disclosures for those specific services directly, as it is no longer clear from the main privacy policy whether separate protections apply.
View change record →Even after you stop using Ledger products, your data may remain on file for legal, warranty, or business purposes, and you would need to actively request deletion to remove it.
How other platforms handle this
We retain personal data for as long as necessary to provide our services, fulfill the purposes described in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention period for each category of personal data depends on the purpose fo...
We retain your personal information for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required or permitted by law. We may also retain and use your information to comply with our legal obligations, resolve disputes, and enforce our ...
Please note there are situations where Spotify is unable to delete your data, for example when: it's still necessary to process the data for the purpose we collected it for; we have an overriding interest in continuing to process the data, for example where we need the data to protect our services f...
Monitoring
Ledger has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Data minimisation and storage limitation principles under GDPR Articles 5(1)(c) and 5(1)(e) require that retention periods are proportionate and justified; legal teams should verify that stated retention periods align with documented legitimate purposes and are not open-ended.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Data retention periods define the operational duration of personal data storage and establish when deletion or anonymization occurs. This provision determines the scope and duration of Ledger's data processing obligations under applicable privacy regulations.
Even after you stop using Ledger products, your data may remain on file for legal, warranty, or business purposes, and you would need to actively request deletion to remove it.
ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Ledger.