🔒 Trust & Security

Your data is safe.
Here's exactly why.

We know you're sharing sensitive financial information with NIL Ledger. This page explains precisely what we collect, how we protect it, how our AI works, and what you should never share with any platform — including us.

๐Ÿฆ
Bank Account Connection (Elite Plan)
We never see your bank login credentials
Bank connections are powered by Plaid Technologies, Inc. — a federally regulated financial data aggregator used by thousands of apps including Venmo, Robinhood, and Cash App. When you connect your bank, you log in directly through Plaid's secure interface. NIL Ledger never sees, stores, or touches your username or password.
What we receive from Plaid
Plaid sends us only: transaction amounts, merchant names, transaction dates, and account balances. We never receive your account number, routing number, or login credentials. Plaid is compliant with bank-level security standards including SOC 2 Type II.
You control the connection
You can disconnect your bank account at any time from Settings → Bank Account Connection. When you disconnect, we stop receiving new transaction data immediately.
🤖
Deal Analyzer & AI Usage
⚠️ Important: Redact personal identifiers before uploading contracts
Before uploading or pasting any contract into Deal Analyzer, remove personally identifying information including your full name, home address, Social Security number, bank account numbers, phone number, and email address. NIL Ledger only needs the contract terms and financial structure to perform an analysis — not your personal details. This protects you regardless of which platform or service you use.
How the Deal Analyzer works
When you run Deal Analyzer, your deal description or contract text is sent securely to Anthropic's Claude API — the same AI that powers Claude.ai. The text is transmitted over an encrypted TLS connection. Anthropic processes the request and returns an analysis. The text is not stored by Anthropic beyond the duration of the request.
Anthropic does not train on your data
Anthropic's API terms explicitly state that API inputs and outputs are not used to train AI models. This is different from consumer AI tools like ChatGPT's free tier, where your conversations may be used for training. Because NIL Ledger uses Anthropic's API (not a consumer product), your contract text is not used to train any AI model. You can review Anthropic's data privacy policy at anthropic.com/privacy.
What the AI actually receives
In Deal Analyzer mode (not contract review), we send: deal type, offered amount, sport, school, follower count, and your typed deal description. No account numbers, no SSN, no banking credentials. In Contract Review mode, we send the text you paste or upload — which is why redacting personal identifiers first is important.
File uploads (PDF, Word, photos)
When you upload a contract file, it is temporarily stored on our server for the sole purpose of extracting the text. The file is deleted immediately after text extraction. Only the extracted text is sent to Anthropic for analysis. Files are never permanently stored and are never shared with any third party other than Anthropic for the purpose of analysis.
💰
Your Financial Data
What you enter stays yours
Transaction amounts, deal values, expense entries, and compliance records you enter into NIL Ledger are stored in your private account in our database (Supabase). Row-Level Security ensures that no other user — and no advisor you haven't explicitly authorized — can ever see your data. Your detailed financial records (transactions, deal amounts, and compliance entries) are not exposed through any internal or administrative tooling. Administrative access to account data is restricted to authorized personnel, protected by separate credentials, and used only for support and operations.
We never sell your data
NIL Ledger does not sell, rent, license, or share your financial data with advertisers, data brokers, or any third party for commercial purposes. Your data is used solely to provide the service to you.
Encryption everywhere
All data in transit is encrypted using TLS 1.2 or higher. All data at rest is encrypted using AES-256. Your password is hashed with bcrypt and never stored in plaintext. Payment information is handled exclusively by Stripe (PCI-DSS Level 1 compliant) — we never store full card numbers.
🏢
Agency Accounts & Client Data
Each agency only sees its own clients
On the Agency plan, a sports agency or advisor manages financial information on behalf of the athletes it represents. Each agency's client data is logically isolated — one agency can never access another agency's clients. Access within an agency is controlled by team-member roles (owner, admin, member) that the agency manages itself.
Athletes stay in control through consent
An agency can only manage an athlete's data after the athlete grants consent, and the athlete can revoke that access at any time. When an athlete connects a bank account in connection with an agency, they authorize it directly through Plaid's secure interface — the agency never sees the athlete's bank login credentials, and NIL Ledger never stores them.
The agency manages the data; we provide the tools
NIL Ledger provides the software tools an agency uses to organize its clients' NIL finances. The agency is responsible for the accuracy of what it enters and for its own conduct toward its clients. NIL Ledger is not an agent, advisor, or representative of any athlete.
โ“
Common Questions
Is NIL Ledger safer than using ChatGPT or Copilot for my financial questions?
Yes, for several reasons. First, NIL Ledger is purpose-built for athlete financial data — not a general-purpose AI where your conversation history may be stored and potentially used for training. Second, we use Anthropic's API, which explicitly does not use inputs for training. Third, your data is stored in a private, encrypted database accessible only to you — not in a general chat history. Fourth, we never ask you to upload bank statements or tax returns — the data you enter is structured financial information, not raw documents with sensitive identifiers.
Can NIL Ledger staff see my financial information?
Your detailed financial records — individual transactions, deal amounts, and compliance entries — are not accessible through any internal or administrative tooling, and Row-Level Security prevents any other user from seeing them. Authorized administrators can access basic account information (such as name, email, and plan) for support, billing, and operations, protected by separate admin credentials. We do not browse, sell, or share your financial data, and we use only aggregate statistics for product improvement.
What happens to my data if I cancel my subscription?
Your data remains in your account until you explicitly request deletion. If you want your data deleted, email support@nilledger.com and we will permanently delete all your records within 30 days. We strongly recommend downloading your CPA export reports before cancelling so you have a permanent copy of your financial records.
Is it safe to connect my bank account?
Yes. Bank connections use Plaid, which is the same infrastructure used by Venmo, Robinhood, and thousands of other financial apps. Your bank login credentials go directly to Plaid — they never pass through NIL Ledger's servers. Plaid is regulated and audited at bank-level security standards. What NIL Ledger receives is limited to transaction descriptions, amounts, and dates — not your account number, routing number, or login credentials.
Should I upload my actual contract to Deal Analyzer?
You can — but please redact personal identifiers first. Remove your full name, address, Social Security number, and any account numbers from the document before uploading. The analysis only needs the contract terms and financial structure, not your personal details. If you're uncomfortable uploading a file, you can always use the paste option and manually copy only the relevant contract clauses.
What information should I never share with any AI platform, including NIL Ledger?
As a general rule for any platform: never share your full Social Security number, bank account numbers, routing numbers, passwords, government ID numbers, or complete unredacted financial statements. For NIL Ledger's Deal Analyzer specifically, remove these identifiers from any contract before uploading. You don't need them for an accurate analysis — only the deal terms matter.
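The redaction step recommended here and in the Deal Analyzer section can be done locally before any text is pasted or uploaded. The script below is an added example, not NIL Ledger's own code: the `redact` function, the US-format patterns, and the sample contract are assumptions constructed for illustration, and names and addresses have to be supplied by you because no pattern can reliably detect them.

```python
import re

# US-format patterns for identifiers the page says to remove before upload.
# Order matters: SSN and phone are replaced before the generic digit-run rule.
PATTERNS = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("PHONE", re.compile(
        r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)")),
    # Unbroken runs of 8-17 digits: bank account and routing numbers.
    ("ACCOUNT", re.compile(r"\b\d{8,17}\b")),
]

def redact(text, literals=()):
    """Return (redacted_text, counts).

    literals: strings only the user knows (full name, home address).
    They are matched case-insensitively and tolerate the line breaks and
    extra spaces that PDF or Word text extraction tends to introduce.
    """
    counts = {}
    for lit in sorted(literals, key=len, reverse=True):  # longest first
        pat = re.compile(r"\s+".join(map(re.escape, lit.split())), re.IGNORECASE)
        text, n = pat.subn("[REDACTED]", text)
        if n:
            counts["LITERAL"] = counts.get("LITERAL", 0) + n
    for label, pat in PATTERNS:
        text, n = pat.subn(f"[{label}]", text)
        if n:
            counts[label] = n
    return text, counts

# Constructed sample contract text (not a real person or account).
SAMPLE = """ENDORSEMENT AGREEMENT dated 2025-08-01
Athlete: Jordan Example, 12 Sample Street, Springfield
SSN 123-45-6789, phone (555) 010-4477, jordan@example.com
Payment of $25,000 by ACH to account 000123456789.
Athlete shall post three times per month for 12 months."""

if __name__ == "__main__":
    clean, counts = redact(
        SAMPLE, ["Jordan Example", "12 Sample Street, Springfield"])
    print(clean)
    print(counts)
```

The deal terms (date, amount, posting schedule) pass through unchanged, which is all the analysis needs. Read the output before uploading: formats the patterns do not cover, such as account numbers split by spaces, still need manual removal.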
✅
Our Security Credentials
✓ Supabase database with Row-Level Security — Each user can only access their own data — enforced at the database level
✓ TLS 1.2+ encryption in transit — All communications between your browser, our servers, and third-party services
✓ AES-256 encryption at rest — All stored data encrypted at the database level
✓ Stripe PCI-DSS Level 1 payments — Bank-level payment security — we never store card numbers
✓ Plaid bank connectivity — Federally regulated, SOC 2 Type II compliant
✓ Anthropic Claude API — API inputs not used for model training per Anthropic's terms
✓ Snyk vulnerability scanning — Automated security scanning on every code deployment
✓ Private GitHub repository — Source code not publicly accessible
✓ MFA on all internal systems — All admin access protected with multi-factor authentication
Have a security question or concern?
We take security reports seriously and respond promptly.
support@nilledger.com