This analysis describes what Ledger's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause creates a default deletion commitment while carving out an exception that can limit how much data is actually deleted, depending on applicable legal obligations.
The updated policy removes explicit language stating that Ledger Recover and Ledger Multisig services are excluded from this privacy policy. Previously, users were directed to separate privacy policies for those services; that direction is now absent. This creates ambiguity about whether this policy now covers those services or whether separate policies still apply. The dramatic reduction in policy length (from 224 to 36 sentences) suggests substantial content was removed, though the specific implications depend on what other sections were condensed or eliminated. You should review the full updated policy to confirm what data practices and service exclusions remain in effect for all Ledger services you use.
View change record →Ledger removed language explicitly stating that this privacy policy does not cover Ledger Recover and Ledger Multisig services, and eliminated references to dedicated privacy policies for those services. This creates ambiguity about whether those services are now governed by the main privacy policy or whether separate policies exist but are no longer disclosed in this document. If you use Ledger Recover or Ledger Multisig, you should review the privacy disclosures for those specific services directly, as it is no longer clear from the main privacy policy whether separate protections apply.
View change record →The reader's data will be deleted by Ledger, except for data that Ledger is legally required to retain.
How other platforms handle this
We collect and keep personal data only as needed or allowed for the purposes set out in this Statement, based on the reason we collected the personal data in the first instance and what is permitted under the laws that apply to the processing.
we will only retain your personal information for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements...
Affirm will retain your information in accordance with our Privacy Policy and any applicable state or federal law, rule or regulation.
Monitoring
Ledger has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We will delete all your data, unless we have to retain it to respect our legal obligations (e.g. accounting).— Excerpt from Ledger's Ledger Privacy Policy
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause creates a default deletion commitment while carving out an exception that can limit how much data is actually deleted, depending on applicable legal obligations.
The reader's data will be deleted by Ledger, except for data that Ledger is legally required to retain.
ConductAtlas has identified this type of provision across 274 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Ledger.