Legal
Privacy Policy
Last updated: 06/18/2026
At Ledger, earning and maintaining our users’ trust is a top priority. That’s why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
What is personal data?
It is anything that can identify you, directly (like your name or email address) or indirectly (like your IP address or wallet address).
What this policy covers
This Privacy Policy explains how we collect, use, and protect your personal data when you interact with us in different ways, and why we do so.
Keep in mind that we may update this Privacy Policy whenever needed or if the law requires it. If you continue to use our services after updates, you’re agreeing to the new terms.
We last updated the policy in March 2026.
Note about this Privacy Policy page:
This Privacy Policy doesn’t apply to Ledger Recover™ and Ledger Multisig services. If you want to know more about how we collect your data for those services, please check the dedicated Privacy Policies for Ledger Recover™ / for Ledger Multisig.
What data do we collect?
To find the information that applies to you, click on your profile.
Within this section, you can access a personalized summary of why we use your information and the legal reasons (the “legal basis”) that allow us to do so. We also break down exactly what data we collect for each purpose, how long we retain it, and who we share it with.
I use Ledger Wallet
I visit Ledger.com
I contact customer service or engage with Ledger on social media
I am a member of the affiliate program
I have a professional relationship with Ledger (I am an Enterprise customer, a Ledger reseller or a user of Ledger’s co-branding services)
I use Ledger Wallet™
To note:
When you install the Ledger Wallet app on your phone and/or your computer, we generate an equipment ID to identify you. You have a different equipment ID for your phone and computer. We generate a new equipment ID when you reinstall Ledger Wallet.
– By default, we do not link your wallet address to your equipment ID, unless otherwise specified in this Privacy Policy.
– We cannot link your different wallet addresses together.
– We are not able to link your wallet address to the information you provide when you purchase products on our website.
We use your data to run and improve our services
| Why do we collect your data? | Which data do we collect? | Which legal grounds do we rely on? | How long do we keep your data? |
|---|---|---|---|
| To display your accounts, balance and transaction history | We collect:Your wallet address,On-chain data. | We rely on the Terms of Use you accepted when you signed up for Ledger Wallet. | We do not keep this data. |
| More details: When you connect to the Ledger Wallet app, we collect logs which include your wallet address. We input your wallet address in our explorers to make your balance and transaction history available to you at any time, but we do not store this information. | |||
| To manage the referral program (reward redemption and notifications) | We collect: Your equipment ID,Your wallet address,The amount of your reward,The date of the payment,The order ID of the user you have referred. | We rely on the Terms & Conditions you accepted when you signed up for the program. | We keep your data for ten years to comply with our legal obligations. Your data is archived two years after the last reward payment. |
| More details: We also collect your ETH address for authentication purposes, but we do not store it. | |||
| To fix bugs | We collect:Your equipment ID,Crash logs and reports. | We rely on our legitimate interest. | We keep your data for ninety days. |
| More details: You can opt out at any time via the settings in Ledger Wallet. | |||
| To run market analyses | We collect:Your wallet address,On-chain data. | We rely on our legitimate interest. | We keep this data for five years after your most recent connection to Ledger Wallet. |
| More details: We use the wallet addresses included in Ledger Wallet logs to link your wallet address with public on-chain data to conduct various analyses. For example: to calculate the global amount of digital assets we secure. We know how much assets in total are held by Ledger Wallet users but:We do not know how much assets you have personally.We cannot link your different wallet addresses together.We are not able to link your wallet address to any personal identifiable information, including the data you provide when you purchase products on our website. | |||
| To measure the performance of Ledger Wallet and our marketing campaigns, and to personalize your experience through in-app contents and push notifications | We collect:Your equipment IDYour signer IDYour user properties (e.g. type of tokens owned, language)Your terminal properties (e.g. type and version of operating system, app version)Your wallet properties (e.g. firmware version, signer model)Clicks and actions you make in the app (e.g. launch of the application, pages viewed)Notifications (push notifications, content cards and in app modals sent and opened) | We rely on your consent. You can consent to the use of your data by turning on ‘App Performance’ and/or ‘Personalized Experience’ on the Ledger Wallet app. | We keep your data for five years after your most recent connection to Ledger Wallet. |
| More details: We do not collect any personal identifying information (such as your name or email address).We do not collect information regarding the value of your assets.We do not link your data with data collected from other companies’ apps or websites for targeted advertising or advertising measurement purposes.We do not share your data with data brokers.To identify you, we use:Your equipment ID, which is the internal ID generated to identify the phone or computer on which you install Ledger Wallet. Your signer ID, which is the internal ID we generated to identify each Ledger signer. This ID is not derived from your private key. Ledger has zero access to your private keys.We use both of these IDs to understand how you use Ledger Wallet across all relevant devices (phones and computers you use to access Ledger Wallet, and the Ledger signers you use to complete transactions). If you consent to the use of your data for analytics purposes (‘App performance’ toggle in the settings):We use your data to measure Ledger Wallet’s performance and improve your Ledger Wallet experience.We also analyse your interactions on Ledger Wallet (such as clicks, mouse movements, and scrolling during each session). We anonymize any keystrokes and the content of the pages you visit. Your data is only stored for thirty days. These reports help us fix bugs and improve the user experience. If you consent to the use of your data for personalization purposes (‘Personalized experience’ toggle in the settings), we use your data to send you personalized recommendations and content that match your preferences, and to measure the performance of our marketing campaigns.If you connect to Ledger Wallet from a dApp, with your consent, we collect analytics data to measure the service’s performance and improve your experience. We collect data such as: event ID and type, dApp ID, list of accounts and configuration (encrypted), token and network.You have the option to accept or decline the use of your data, and you can withdraw your consent at any time in the settings of our Ledger Wallet application and when you connect to Ledger Wallet from a dApp. | |||
| To operate Ledger Sync and synchronize your crypto accounts across all your phones and computers | We collect:Account namePublic keyBalanceMetadata (e.g. account color, derivation path) | We rely on your consent. | We keep your data until you disable Ledger Sync. |
| More details: If you enable Ledger Sync in Ledger Wallet, we can synchronize your crypto accounts across all relevant devices (phones and computers you use to access Ledger Wallet). Your data is encrypted and stored on our servers. We use your public key to identify your portfolio. Please note that we cannot decrypt your data, and it is impossible to derive your private key from your public key. You can withdraw your consent at any time by disabling Ledger Sync in the app settings. | |||
| To operate Transaction Alerts | We collect:Your equipment IDYour wallet addressTransactional data (e.g. hashed transaction, network) | We rely on your consent. | We keep your data for one week. |
| More details: If you enable Transaction Alerts in Ledger Wallet, we can link your equipment ID to your wallet address so that we can notify you when your transaction is completed. Your wallet address is hashed and then deleted after seven days. You can withdraw your consent at any time by disabling Transaction Alerts in the app settings. | |||
We use your data to enable Third-Party Services within Ledger Wallet™
To note:
- When you use Third-Party Services through Ledger Wallet (e.g. you buy or sell crypto assets, or create a Cash-to-Stablecoin account), you are stepping outside our ecosystem. These services may ask you to provide information such as your name, date of birth and postal address, to meet their legal requirements. We are not responsible for how these providers handle your data.
- To learn more about the processing of your personal data in this context, please consult our Ledger Wallet Terms of Use and our providers’ Privacy Policy. Please note that they may apply different policies than ours, including regarding data retention.
| Why do we collect your data? | Which data do we collect? | Which legal grounds do we rely on? | How long do we keep your data? |
| To display the pricing quotes of selected Third-Party Service Providers integrated in Ledger Wallet | We collect:Your transaction data (e.g. transaction amount, currency, payment method, country, and wallet address)Your IP address | We rely on the Terms of Use you accepted when you signed up for Ledger Wallet. | We do not keep this data. |
| More details: When you want to use Third-Party Services, we share certain transaction data with Third-Party Service Providers. These providers use your data to craft pricing quotes that we display to you. We may also use your IP address or share it with Third-Party Service Providers to verify what services are available in your country. We do not keep this information. | |||
| To comply with specific sanctions laws by blocking transactions and filtering IP addresses | We collect:Your wallet address Your IP address | We rely on our legal obligations. | We do not keep this data. |
| More details: We must follow all sanctions laws that apply. This means we block any transactions that involve sanctioned wallet addresses and prevent users located in countries subject to comprehensive sanctions from accessing our services. To this end, we do not store any information. | |||
| To track and report revenue generated through integrated Third-Party Services in Ledger Wallet | We collect your transaction data (e.g. transaction amount, currency, time stamp, status, ID and hash, fee, trade or payment method, country, wallet address, and blockchain). | We rely on the Terms of Use you accepted when you signed up for Ledger Wallet. | We keep specific transaction data for ten years to comply with our legal obligations. |
| More details: We collect transaction data to report completed transactions. This data either comes from blockchain explorers or directly from Third-Party Service Providers.If you use the Buy feature and have agreed to App performance in Ledger Wallet, we can temporarily link the transaction data from Third-Party Service Providers to your equipment ID for up to five days. This helps us confirm that your transaction was successful and improve our service quality. After five days, this link is deleted. We do not link this data with the equipment IDs for opted-out users. | |||
I visit Ledger.com
To note:
When you order products on our website, we are legally required to keep some of that information for ten years to meet accounting rules and regulations. This data is securely archived with very limited access.
| Why do we collect your data? | Which data do we collect? | Which legal grounds do we rely on? | How long do we keep your data? |
| To manage your order (including shipping, invoicing and notifications) | We collect:Your name Your email addressThe shipping and billing addressesYour phone numberYour company nameThe intra-community VAT number The order IDThe type of product you orderedThe order amountThe shipping and payment methods Your truncated card number | We rely on the Terms & Conditions you accepted when you bought our products or subscribed to our services. | We keep your data for ten years to comply with our legal obligations. Your data is archived three months after completion of the order. |
| More details: When you place an order on www.ledger.com, you agree to buy your item from Global-e, under Global-e’s Terms Of Sale. Global-e collects and processes the data listed above as an independent data controller in accordance with their own Privacy Policy. You can click here to learn more about Global-e. At Ledger, we also collect and process your data as an independent data controller, as described above, including to ship your product. If you subscribe to Ledger Replace and you are a U.S. customer, we share your data (including your name, email address, shipping address, phone number, order ID and the type of product ordered) with our Third-Party Service Provider, Bolttech Device Protection Services, LLC (hereinafter referred to as Bolttech). Bolttech processes your data as a data controller to provide the service to you. To learn more about how Bolttech handles your data, please refer to Bolttech’s Privacy Policy. When you submit a case to request a product replacement, Bolttech provides us certain details so we can address your inquiries about it (including the case ID, date and type, status, reason, the types of products replaced and shipped as the replacement, the carrier and shipping date). If you are located in the European Union, the United Kingdom or Switzerland, we use your data to provide the service directly to you as a data controller.If you buy our products from Amazon, we only collect certain information for invoicing: your name, billing and shipping addresses, the type of product, the order amount and your payment method. If you buy our products from other Authorized Resellers, we don’t collect any personal data. | |||
| To improve our products and services (optional product reviews) | We collect: Your name Your email address Your countryThe order ID The type of product your orderedThe order dateThe content of your review | We rely on our legitimate interest. | We keep your data for one month after your purchase. |
| To measure the performance of our website, fix bugs, improve and personalize your experience on our website and third-party websites | We collect: Your IP addressYour operating system Your browserThe language usedThe terminal usedThe date and time of your visit The URLs of clickstream to, through and from our websiteThe products you viewed and searched, Any download errors The amount of time you stayed on certain pages and the interaction between pages | We rely on your consent. | We keep your data for up to twenty-five months. |
| More details: When you visit our website, we use different technologies, like cookies, to collect data. What are cookies? Cookies are small text files that a website asks your browser to save on your computer when you visit. They help the website remember things about you, like your preferred language, so your experience is smoother the next time you visit. It also tracks how you use our website and share this information with us. You have control over your data and you can learn more about cookies or withdraw your consent at any time in our Cookie Policy. If you consent to analytics cookies when you visit www.ledger.com, we analyze your interactions on our website including clicks, mouse movements, and scrolling (user session). We anonymize any keystrokes and the content of the pages you visit. These reports help us fix bugs and improve the user experience.To follow sanctions laws, we also check users’ IP addresses to make sure they aren’t located in countries subject to comprehensive sanctions. We use this information only to block orders, it is not stored. | |||
| To send marketing communications by email | We collect:Your email addressYour language Logs (email sent/opened timestamp) | We rely on your consent. | We keep your data for twenty-five months from the last contact. |
| More details: You can unsubscribe at any time by clicking the “Unsubscribe” link in the footer of any email you receive. | |||
I contact customer service or engage with Ledger on social media
| Why do we collect your data? | Which data do we collect? | Which legal grounds do we rely on? | How long do we keep your data? |
| To respond to your customer support requests (including answering questions and handling product replacements) | We collect:Your name Your email and postal addresses Your phone number The content of your message Your ID document (if needed) | We rely on our legitimate interest. | We keep your data for five years for litigation purposes. Your data is archived three months after the request is closed. |
| More details: To fully address any questions about your order, our customer support agents have access to the order information stored by Global-e. | |||
| To protect our agents by blocking customers who behave inappropriately during communications | We collect:Your IP address,The content of your message. | We rely on our legitimate interest. | We keep the data up to six months for blacklisted customers and seven days for all other customers. |
| To improve our services and processes (optional customer satisfaction surveys) | We collect:Your email addressYour country The order ID The type of product you ordered The order date Your answers to the survey | We rely on our legitimate interest. | We keep your data for seven days. |
| To interact with you on social media, including to reply to your questions or comments on our social pages (including Facebook, Instagram, X, Reddit, Discord, LinkedIn, YouTube and TikTok) or third-party websites | We collect:Your usernameYour profile pictureYour posts | We rely on our legitimate interest. | We keep your data for one year. |
| More details: To better understand how people see our brand, we also collect data from social media accounts that mention Ledger, this is called ‘social listening’. We only collect this data through the official APIs provided by each social media platform. | |||
I am a member of the affiliate program
| Why do we collect your data? | Which data do we collect? | Which legal grounds do we rely on? | How long do we keep your data? |
| To manage our business relationship (program management, remuneration and notifications) | We collect:Your name Your email addressYour BTC address Your ID documentYour company nameYour company’s registration document The intra-community VAT number Your affiliate ID The proof of residence (where required) The traffic source The content shared (website, URL) | We rely on the Terms & Conditions you accepted when you signed up for the program. | We keep your data for ten years to comply with our legal obligations. Your data is archived two years after the last reward. |
| To prevent fraud and measure the performance of the program | We collect:Your affiliate IDYour YouTube page and video title Your channel name and ID | We rely on the Terms & Conditions you accepted when you signed up for the program. | We keep your data for six months. |
I have a professional relationship with Ledger (I am an Enterprise customer, a Ledger Reseller or a user of Ledger’s co-branding services)
| Why do we collect your data? | Which data do we collect? | Which legal grounds do we rely on? | How long do we keep your data? |
| To process your request for information on our website | We collect:Your name Your company nameYour title/role Your email addressYour phone number Your country | We rely on our legitimate interest. | We keep your data for three years from the last contact. |
| To manage your orders (including contract management, invoicing and payments) | We collect:Your nameYour company nameYour title/role Your email addressYour phone number Your country Your billing information | We rely on the Terms & Conditions you accepted when you bought our products or subscribed to our services. | We keep your data for ten years to comply with our legal obligations. Your data is archived twelve months after the end of the Enterprise contract, or after the order date for resellers and co-branding services. |
With whom do we share your data?
Good to know:
- We do not sell your data to anyone.
- We do not link the information you provide when ordering a product on our website to your wallet address, nor to your transaction history. So, if law enforcement asks for details about a specific transaction, we have no information to share.
- When it is necessary for us to deliver our services
In that case, we can share your data with:
- Technical service providers when they help with the delivery of our services (for example, shipping, emailing, and data hosting providers).
- Ledger subsidiaries, only if they assist in providing our services.
- Professional advisers, including legal counsels, auditors, or insurance providers, only if it is important to our business.
- Companies involved in a business transfer: if we are involved in a merger, acquisition, or sale of assets, we can share your data as part of that process.
- When it is necessary for Third-Party Services Providers to deliver their services
Some features in Ledger Wallet, like buying, selling or swapping crypto, rely on external providers who need some data to operate. We also share your data with Boltech if you subscribe to Ledger Replace and are located in the U.S. - When the law requires it
We may share your data to comply with legal obligations or to defend ourselves before public authorities and legal bodies, including law enforcement agencies. - When you consent to cookies
If you accept cookies on our website, we can share your data with advertising partners to show you personalized content. You can find more details in our Cookie Policy.
Where do we store your data?
We usually store your data in France or within the European Economic Area (EEA). However, sometimes we may need to transfer it outside the EEA, for example, if a technical or Third-Party Service provider is based in another country.
When this happens, we make sure your data stays protected. We only transfer it:
- To countries that offer a similar level of protection as the EU,
- Or we require our partners to sign the European Commission’s Standard Contractual Clauses to make sure that they offer a strong level of protection.
How do we keep your data safe?
We take your privacy seriously and do everything we can to keep your data secure. We use a mix of strong technical tools and strict internal processes to protect your information:
- Encryption: All data is encrypted when it’s sent or stored.
- Checks: We run security checks and intrusion tests with independent experts.
- Limited access: We limit access with role-based permissions and use two-factor authentication for internal teams.
- Audits: We run regular audits of companies that host our data.
- Monitoring: We monitor our systems constantly for suspicious activity.
- Training: Our teams go through security training and awareness programs.
- Industry standards: We follow industry standards to assess and maintain the right level of protection.
- Resilience: We use data back ups and redundancy to stay resilient, even in case of an emergency.
That said, no online system is 100% secure.
While we do our best, remember that sending data over the Internet always carries some risks.
To note:
- As a provider of non-custodial services, we do not store or have access to your crypto assets, PIN code, private key, or Secret Recovery Phrase. This means you are solely responsible for keeping that information secure and confidential.
- Non-custodial means that we do not hold or manage your crypto assets for you. You stay in full control of your private keys and funds at all times.
Your rights
How to exercise your rights? Reach out to our Data Protection Officer here.
How long will it take to have a response? We respond to all legitimate requests within one month. If you’re not satisfied with our response, you can complain to your national data protection authority. For instance, in France, it’s the CNIL.
What are my rights?
Ask, we execute
You can:
- Ask for a copy of your data.
- Ask that we correct your data when inaccurate.
- Ask that we delete your data. We will delete all your data, unless we have to retain it to respect our legal obligations (e.g. accounting).
Withdraw your consent
Here is how:
- For cookies: click on the button at the bottom of our Cookie Policy.
- For marketing emails: click on the ‘Unsubscribe’ link in the footer of our emails.
- For Ledger Wallet: go to the settings of the application.
- For push notifications: go to the settings of your phone.
Set your limits
You can:
- Ask that we restrict the processing of your data. This includes asking us to stop any automatic deletion of your data.
- Object to the processing of your data. We will stop processing your data.