LedgerBrain LogoLedgerBrain

Legal

Privacy Policy

This Privacy Policy explains how we collect, use, share, and protect personal information when you visit the Site, contact us, administer an account, or use the Services.

Effective date: 20 April 2026Last updated: 3 June 2026

Sixpence (Pty) Ltd (or the contracting entity identified on the Site), trading as LedgerBrain (“Sixpence”, “LedgerBrain”, “we”, “us”), respects your privacy and is committed to handling personal information responsibly.

This Privacy Policy explains how we collect, use, share, and protect personal information when you:

  • visit the LedgerBrain websites and landing pages (the “Site”);
  • request a demo or contact us;
  • create or administer an account; and/or
  • use the LedgerBrain dashboards or APIs (the “Services”).

This Privacy Policy is intended to support compliance with applicable South African data protection laws, including the Protection of Personal Information Act, 2013 (“POPIA”).

1. Who we are and how to contact us

Responsible party (for Site visitor and sales/admin data): Sixpence (Pty) Ltd

Privacy contact / Information Officer: support@ledgerbrain.io

If you contact us, please include enough information for us to identify your request and respond.

Contracting entity for purchases. LedgerBrain is provided by Sixpence Global, Inc. for purchases made through the Stripe account connected to Sixpence Global, Inc., unless a written order form identifies a different contracting entity. Silver Sixpence (Pty) Ltd and other Sixpence affiliates may help operate, develop, support, or process the Services.

2. Scope and roles (important for B2B customers)

For website visitors, marketing contacts, and account administration, Sixpence typically acts as the responsible party (we determine why and how that personal information is processed).

For Customer Data submitted to the Services (e.g., query inputs you send via API), Sixpence may act as an operator (processing on your instructions) and/or a responsible party for certain operational uses (e.g., security logging). Enterprise arrangements may be governed by a separate data processing addendum (DPA).

For clarity, even where Sixpence acts as an operator for Customer Personal Data submitted as Customer Data, Sixpence may process certain account and Service Telemetry data as a responsible party for limited purposes such as security, abuse prevention, service integrity, usage measurement, billing, and dispute resolution, as described in this Privacy Policy.

3. Personal information we collect

We collect personal information in the following categories:

3.1 Information you provide to us

Contact and business details: name, surname, job title, company, email address, phone number.

Sales and support communications: messages you send us, meeting notes, and other information you choose to provide.

Account information: user names, roles/permissions, administrative contact details, and authentication-related information.

3.2 Information collected automatically when you use the Site

Device and usage data: IP address, browser type, device identifiers, operating system, pages viewed, time spent, referral URLs, and similar analytics/telemetry.

Cookies and similar technologies: see the Cookie Policy.

3.3 Information collected when you use the Services (including API)

When you call our API or use our dashboards, we may collect and process:

  • Query Inputs / Customer Data you submit (as defined in the Terms of Use); and
  • usage, security, billing, and performance telemetry associated with requests (for example: timestamps, request metadata, authentication identifiers, IP addresses, device or client identifiers, query volumes, and error logs), including telemetry used to measure usage, enforce rate limits and credits, prevent abuse, and support billing and dispute resolution.

Depending on context, blockchain identifiers such as wallet addresses, transaction hashes, and associated metadata may relate to identifiable persons or entities and may therefore be treated as personal information under applicable law.

3.4 Agentic and machine-payment data

When you or your agent uses pay-as-you-go, x402, stablecoin, or other machine-payment features, we may process payment requirements, payment references, wallet addresses, token and network details, transaction hashes, payment status, request IDs, report IDs, endpoint names, timestamps, user-agent or client identifiers, IP addresses, authentication identifiers, idempotency keys, and related debugging or audit metadata.

4. How we use personal information

We use personal information for the following purposes:

4.1 Provide and operate the Site and Services

  • to create and administer accounts;
  • to authenticate access and enforce rate limits and usage controls;
  • to provide Outputs and service functionality;
  • to provide customer support and respond to enquiries.

4.1A Usage measurement, credits, and billing. Where you use Services features that are billed or credit-based, we use Service Telemetry (including timestamps, request metadata, authentication identifiers, IP addresses, client identifiers, query volumes, and error logs) to measure Usage Events, enforce rate limits and usage controls, prevent abuse, support billing, resolve disputes, and maintain accurate account records.

4.2 Security, abuse prevention, and integrity

  • to protect the Site and Services, including monitoring for fraud, abuse, suspicious activity, or technical incidents;
  • to investigate and prevent unauthorised access and misuse.

4.3 Service performance and improvement

to diagnose issues, monitor performance, and improve reliability using aggregated and/or de-identified telemetry and operational metrics.

4.4 Sales, marketing, and communications

  • to respond to demo requests and business enquiries;
  • to send product/service communications that are necessary to provide Services (e.g., security notices);
  • to send marketing communications where permitted (for example, with consent or as allowed for existing customers). You may opt out at any time (see Section 8).

4.5 Legal and compliance

  • to comply with applicable law, lawful requests, and regulatory obligations;
  • to exercise or defend legal claims.

4.6 Agentic and machine payments

We use agentic-payment and machine-payment data to verify payments, deliver purchased digital resources, prevent duplicate charges, process refunds, investigate failed delivery, enforce rate limits and usage limits, detect fraud or abuse, comply with legal obligations, support accounting and tax records, and resolve disputes.

5. Model training / fine-tuning (opt-in)

Sixpence does not use Customer Data or Outputs to train or fine-tune models unless you explicitly opt in via account settings or an Order Form.

We may use de-identified usage data (telemetry and operational metrics) to improve performance and reliability without using identifiable Customer Data for training/fine-tuning.

6. How we share personal information

We may share personal information with:

6.1 Service providers (operators)

Vendors who provide services to us such as hosting, infrastructure, analytics, customer support tooling, and security monitoring. These providers are required to process personal information only on our instructions and to protect it appropriately.

6.2 Affiliates and contractors

Our affiliates and contractors who need access to perform services for us (subject to appropriate confidentiality and security controls).

6.3 Legal and regulatory disclosures

We may disclose personal information where required by law, court order, or regulatory request, or where necessary to protect rights, safety, and security.

6.4 Business transfers

If we are involved in a merger, acquisition, restructuring, or sale of assets, personal information may be transferred as part of that transaction subject to appropriate safeguards.

6.5 Payment processing

If you purchase Credits or pay fees through the Site, we share necessary transaction information with our payment processors and billing service providers to process payments, prevent fraud, handle chargebacks, and maintain billing records. Payment processors handle payment card details directly and provide us with limited information (such as payment confirmation and transaction identifiers).

6.6 Payment processors and payment infrastructure providers

We may share transaction and payment-related information with Stripe, payment facilitators, wallet or stablecoin payment infrastructure providers, fraud-prevention services, tax calculation providers, banks, and other billing service providers as needed to process payments, verify payment status, prevent fraud, handle refunds or disputes, and maintain billing records.

7. Cross-border transfers

Our service providers and infrastructure may process personal information outside South Africa. Where cross-border transfers occur, we take reasonable steps to ensure appropriate protection consistent with applicable law (including POPIA requirements).

Our group, service providers, and infrastructure may process personal information in South Africa, the United States, and other jurisdictions where we or our providers operate. Where required, we take reasonable steps to protect personal information in cross-border transfers, including through contractual, technical, and organisational safeguards.

8. Your choices and rights

Subject to applicable law and verification of identity, you may have the right to:

  • request access to personal information we hold about you;
  • request correction, deletion, or restriction of personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or unlawfully obtained;
  • object to certain processing (where applicable);
  • opt out of marketing communications (via unsubscribe links or by contacting us at support@ledgerbrain.io).

We may refuse requests where permitted by law (for example, if access would reveal confidential commercial information or compromise security), but we will explain the basis where appropriate.

9. Retention

We retain personal information only for as long as necessary for the purposes described in this Privacy Policy, including legal, regulatory, accounting, or security requirements. Retention periods may vary by data type and context.

We may retain certain Service Telemetry and billing-related records (including usage measurements and audit logs) for longer periods where reasonably necessary for security, fraud prevention, enforcing rate limits and credits, dispute resolution, accounting, and compliance with legal or regulatory obligations. Where feasible, we will aggregate or de-identify telemetry used for longer-term analytics.

10. Security

We implement reasonable technical and organisational measures intended to protect personal information against loss, unauthorised access, disclosure, alteration, or destruction. No method of transmission or storage is completely secure; you acknowledge and accept this risk.

11. Children

The Site and Services are intended for business users and are not directed at children. If you believe a child has provided personal information to us without appropriate authorisation, contact support@ledgerbrain.io.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version on the Site and change the effective date. Continued use of the Site or Services after the effective date means you accept the updated policy.

13. Complaints

If you have concerns about how we handle personal information, contact us at support@ledgerbrain.io. You may also lodge a complaint with the South African Information Regulator.

Related policies

Review the rest of the public legal documents for LedgerBrain and Sixpence services.

Terms of UsePrivacy PolicyCookie PolicyAcceptable Use PolicyRefund PolicyStore PolicyAgentic Payments