Summary
This is Ledger's privacy policy explaining what personal data the company collects when you buy or use its cryptocurrency hardware wallets and Ledger Live app — including your name, email, home address, payment details, and behavioral data from app usage. The most important thing to know is that Ledger links your real identity to your cryptocurrency activity (via device usage and Ledger Live interactions), creating a profile that connects your personal details to your crypto holdings. If you are an EU or UK resident, you have the right to request deletion of your personal data by contacting Ledger's Data Protection Officer at dpo@ledger.fr.
Technical Summary
This document is Ledger's privacy policy governing the collection, processing, and sharing of personal data across its hardware wallet products, Ledger Live software, and e-commerce shop (shop.ledger.com), with legal bases including contract performance, legitimate interests, and consent under GDPR Article 6. The policy obligates Ledger to disclose data categories collected (including name, email, shipping address, device identifiers, blockchain public addresses, and browsing behavior), enumerated third-party recipients, and data retention periods, while granting users GDPR-aligned rights of access, rectification, erasure, portability, and objection. A notable provision is the collection of on-chain public address data in connection with Ledger Live usage, which — while technically public blockchain data — when combined with identity and purchase data constitutes pseudonymous profiling of cryptocurrency holdings that exceeds standard e-commerce data practices. The policy engages GDPR (Regulation (EU) 2016/679) as the primary framework, with Ledger SAS as a French-domiciled data controller supervised by the CNIL (Commission Nationale de l'Informatique et des Libertés); it also engages CCPA/CPRA obligations for California residents given Ledger's US consumer base. A material compliance consideration is Ledger's documented 2020 data breach exposing approximately 272,000 customers' full names, phone numbers, and postal addresses, which remains relevant context for assessing the adequacy of Ledger's stated security measures and the residual risk to users whose data is retained.
Analyzed Changes
4 changes analyzed since monitoring began.
What changed
Ledger updated their Ledger Privacy Policy on April 09, 2026. Change detected: 1 sentence(s) added, 1 sentence(s) modified. Document contained 37 sentences after update.
Consumer impact
Ledger made a minor update to the introductory banner of their Privacy Policy, replacing a promotional Bitcoin bonus message with a notice about a Ledger Wallet upgrade. No privacy rights, data handling practices, or user obligations were changed. This update has no practical impact on how Ledger collects, uses, or shares your personal data.
Why it matters
This change has no meaningful impact on users' privacy rights or data handling. It is a cosmetic update to the document's header banner and does not affect how Ledger collects or uses personal data.
What changed
Ledger updated their Ledger Privacy Policy on April 08, 2026. Change detected: 1 sentence(s) modified. Document contained 36 sentences after update.
Consumer impact
Ledger changed a promotional marketing sentence displayed in the header of their Privacy Policy page. This update only affects the advertising copy visible on the page and does not alter any privacy commitments, data handling practices, or user rights. There is no action required from consumers as a result of this change.
Why it matters
This change does not materially affect any user's privacy rights or data handling. It is a minor promotional copy update with no practical implications for consumers.
What changed
Ledger updated their Ledger Privacy Policy on April 03, 2026. Change detected: 1 sentence(s) modified. Document contained 36 sentences after update.
Consumer impact
Ledger added the word 'Discover' as a prefix to the section heading 'With whom do we share your data?' in their privacy policy on April 3, 2026. This is a cosmetic or navigational change and does not alter how Ledger shares your data, who they share it with, or any of your rights as a consumer. No action is needed in response to this change.
Why it matters
This change is purely cosmetic and does not affect how Ledger handles or shares user data. No consumer rights or data practices were altered.
What changed
Ledger updated their Ledger Privacy Policy on April 02, 2026. Change detected: 11 sentence(s) added, 188 sentence(s) removed, 15 sentence(s) modified. Document contained 36 sentences after update.
Consumer impact
Ledger's Privacy Policy was dramatically reduced from roughly 224 sentences to just 36, meaning users now have significantly less information visible in the main policy document about how their personal data is collected, used, and protected. Language explicitly stating when the policy was last updated and details about what data is collected based on how you interact with Ledger were removed. You can visit Ledger's website to read the new condensed policy and compare it against your comfort level with data sharing before continuing to use Ledger services.
Why it matters
Ledger removed approximately 84% of its Privacy Policy content, leaving users with far less information about how their cryptocurrency wallet data is collected and used. This level of reduction likely removes disclosures required by GDPR and CCPA, and users of Ledger Recover and Multisig services are no longer explicitly directed to the relevant privacy policies for those products.