EN ES DE

Privacy Policy

How we collect, process, and protect your data. We never ask for your recovery phrase.

Ledger Hardware Wallet Security Privacy Policy describes how personal data is collected, processed, stored, and protected when users interact with Ledger hardware wallet security services, authentication systems, and related protection resources. This policy applies comprehensively to all platforms where security functionality operates, including device verification systems, firmware authenticity check infrastructure, phishing site detection tools, and customer support channels serving crypto security needs.

This Privacy Policy was last updated in January 2026. Periodic review is recommended as updates may occur reflecting changes in data handling practices, regulatory requirements, or service capabilities across jurisdictions where users access services. Continued use of Ledger services after policy updates constitutes acceptance of revised terms governing ongoing data processing for cold storage security and safe Ledger usage through the secure element architecture.

Data Collection

Ledger Hardware Wallet Security services collect personal data necessary for providing authentication, verification, and support functionality while maintaining the crypto security and privacy expectations of cryptocurrency users who specifically choose hardware wallet protection for their private keys.

Device verification data includes serial numbers, firmware versions, and secure element attestation results processed during genuine Ledger device confirmation through Ledger Live verification. This data validates authenticity without accessing stored cryptocurrency or recovery phrases for cold wallet protection.

Authentication data includes connection timestamps, verification outcomes, and device identification supporting anti-tamper seal validation and firmware correlation processes. This data enables authenticity confirmation without compromising seed phrase safety.

Support interaction data includes information users provide when submitting security-related inquiries through official channels addressing phishing scams, fake marketplaces concerns, offline backup questions, and device confirmation assistance. This data is necessary for providing accurate guidance and resolving reported issues.

Website visitor data comprises standard server logs including IP addresses, browser types, pages visited, timestamps, and referral sources. This data supports security monitoring, phishing site detection, SSL secure verification, and content improvement analysis via USB-C or Bluetooth systems.

Cookies and Tracking Technologies

Ledger websites use cookies and similar technologies for functionality and analysis purposes with user control over non-essential categories through consent management interfaces.

Essential cookies enable core website functions including secure checkout process, session management, security features, and fraud prevention supporting tamper-resistant microcontroller verification systems. These cookies are strictly necessary for proper website operation and cannot be disabled without affecting security functionality. Essential cookies do not track users across websites or collect information for advertising purposes for private key isolation services.

Security cookies support fraud detection, suspicious activity monitoring, and protection against automated attacks targeting hardware wallet users and cryptocurrency holders. These cookies help protect both the platform and users from malicious activity supporting CC EAL5+ chip verification and offline signing security.

Analytics cookies collect anonymized website usage data including security documentation visits, verification guide engagement patterns, and navigation sequences. These cookies support content improvement and user experience optimization. Analytics cookies can be disabled through the consent interface without affecting cold storage security functionality.

Preference cookies remember user selections including language settings, regional preferences, and interface configurations. These cookies improve user experience by reducing repetitive selections and can be managed through browser settings for multi-asset management interfaces.

Cookie consent preferences persist for 13 months before requiring renewal in compliance with applicable regulations including GDPR and regional privacy laws. Users can modify preferences at any time through settings links available in website footers.

Analytics and Performance Monitoring

Ledger Hardware Wallet Security uses analytics to understand documentation effectiveness and security awareness patterns while maintaining user privacy through aggregation and anonymization practices that prevent individual identification.

Security analytics track anonymous patterns of phishing scams documentation access, fake marketplaces warning engagement, and verification guide usage across supported coins categories. Verification analytics aggregate anonymous patterns of device confirmation process completion, firmware authenticity check outcomes, and Ledger Live updates adoption. Performance analytics monitor website speed, authentication system responsiveness, and technical functionality across different devices, browsers, and geographic regions.

Analytics data retention follows a 26-month rolling period aligning with typical security development cycles and regulatory requirements. After this period, aggregated trend data archives for historical comparison while raw event data undergoes permanent deletion.

Third-Party Tools and Services

Ledger Hardware Wallet Security integrates with third-party services for specific functions with data sharing governed by respective service privacy policies and data processing agreements that ensure appropriate protection for safe Ledger usage. Cloud infrastructure providers host backend services including verification databases, authentication systems, and official Ledger domain check infrastructure under data processing agreements requiring compliance with applicable data protection regulations including GDPR requirements. Security monitoring services receive anonymized threat data. Customer support platforms process inquiry data for ticket management, response tracking, and service quality monitoring via USB-C and Bluetooth device security assistance.

Data Security

Ledger Hardware Wallet Security implements comprehensive technical and organizational security measures protecting user data throughout collection, processing, and storage operations supporting PIN setup verification and recovery phrase generation security.

Security measures include TLS 1.3 encryption for all data transmission, hardware secure element protection preventing private key extraction, cryptographic signature verification for firmware updates through update signature validation, genuine check verification detecting counterfeit devices via serial number validation, access controls restricting employee data access to authorized personnel only, regular security audits by independent third-party firms, and incident response procedures for addressing potential breaches promptly.

We never ask for your recovery phrase or private keys. The Ledger architecture ensures recovery phrases and private keys exist exclusively inside hardware wallet secure elements, isolated from all connected systems including companion software, computers, and mobile devices. These cryptographic secrets are never transmitted to Ledger servers, companion applications, or third parties during any verification, authentication, or support operation via USB-C or Bluetooth connection. Any request for recovery phrases or private keys through any channel should be immediately recognized as a phishing attempt requiring phishing scams awareness and reported to official support channels following official Ledger domain check procedures.

Data Retention

Ledger Hardware Wallet Security retains personal data only for durations necessary to fulfill stated purposes. Device verification records are retained for 18 months supporting anti-tamper seal validation, box integrity confirmation, and Ledger official database correlation for firmware correlation accuracy. Website server logs are retained for 90 days supporting security monitoring, SSL secure verification, and abuse investigation, then permanently deleted. Support tickets are retained for 3 years following last interaction. Cookie consent records follow 13-month retention per regulatory guidelines for secure crypto storage privacy. Users can request data deletion subject to legal retention requirements through the support portal. Deletion requests require identity verification before processing to prevent unauthorized access to account information.

User Rights

Depending on jurisdiction, users may exercise rights regarding personal data including access to data held about them, correction of inaccurate data, deletion subject to legal requirements, restriction of processing, data portability to alternative services, objection to processing based on legitimate interests, and withdrawal of consent without affecting prior processing legality. Rights requests can be submitted through the support portal at support.ledger.com using designated privacy request categories. Identity verification may be required before processing to confirm requester authority. Responses are provided within 30 days or shorter timeframes required by applicable law including GDPR requirements for offline backup guidance regions.

International Transfers

Data may be transferred internationally for processing by service providers located outside the user's jurisdiction including device confirmation verification infrastructure and official app download verification systems. Such transfers are protected by appropriate safeguards including Standard Contractual Clauses approved by regulatory authorities, adequacy decisions recognizing equivalent protection levels, and binding corporate rules governing intra-group transfers where applicable.

Children Privacy

Ledger services are not directed at individuals under 18 years of age. Personal data from minors is not knowingly collected during cold wallet security verification activities through firmware authenticity check channels. If such collection is discovered through verification processes, the data will be deleted promptly upon notification.

Policy Changes

This policy may be updated to reflect changes in data handling practices, service capabilities, or regulatory requirements. Material changes will be communicated through application interfaces, website notices, email notifications, or direct communication where appropriate and required for private keys protection and multi-step approval processes.

Privacy Inquiries

Privacy questions can be directed to the support portal at support.ledger.com using the privacy category for specialized handling. Privacy inquiries receive priority handling within applicable regulatory timeframes for the tamper-resistant microcontroller devices. For general security support regarding packaging inspection, offline generation, or Ledger Live verification, visit our Contact page.