Privacy Policy

Last updated: April 23, 2026

1. Overview

ChargeGuard ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered chargeback management platform ("the Service").

2. Data We Collect

Account Data. When you register, we collect your name, email address, company name, and payment information. Payment data is processed by Stripe and never stored on our servers.

Usage Data. We collect information about how you use the Service, including dispute responses generated, evidence uploaded, outcomes tracked, and feature usage patterns.

Dispute Data. When you use the Service to manage chargebacks, we process transaction details, dispute reasons, merchant responses, and supporting evidence documents you upload.

Technical Data. We automatically collect IP addresses, browser type, device information, cookies, and usage logs when you interact with the Service.

3. How We Use Your Data

We use collected data to:

  • Provide, maintain, and improve the Service
  • Generate AI-powered dispute responses based on your input
  • Process subscription payments and manage your account
  • Send transactional emails (payment confirmations, account updates, dispute status changes)
  • Provide customer support and respond to inquiries
  • Monitor usage patterns to improve product performance and user experience
  • Detect, prevent, and address fraud, abuse, and security issues
  • Comply with legal obligations

4. Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe — for payment processing. Stripe processes your payment details under their own privacy policy.
  • Supabase — our database and authentication provider, hosting our application data in the EU.
  • AI Providers — to generate dispute responses, relevant data is sent to our AI processing pipeline. We do not use your data to train third-party AI models.
  • Vercel — our hosting provider for application delivery.
  • Service providers — third parties who assist us in operating the Service (email delivery, analytics), bound by data processing agreements.

We may also disclose data when required by law, regulation, or legal process.

5. Data Retention

We retain your account data for as long as your account is active. Dispute data and generated responses are retained for the duration of your subscription plus 24 months for record-keeping purposes. Upon account deletion, personal data is removed within 30 days, except where retention is required by law. Anonymized usage statistics may be retained indefinitely.

6. Your Rights

In accordance with GDPR and applicable data protection laws, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate or incomplete data
  • Erasure — request deletion of your personal data ("right to be forgotten")
  • Restriction — request limitation of processing of your data
  • Portability — receive your data in a structured, commonly used format
  • Objection — object to processing based on legitimate interests or for direct marketing
  • Withdraw consent — withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at support@chargeguard.io. We will respond to your request within 30 days.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), encryption at rest, access controls, regular security assessments, and secure infrastructure hosted on Vercel and Supabase. While we strive to protect your data, no method of electronic storage is 100% secure.

8. International Data Transfers

Your data is processed and stored primarily within the European Union (Supabase EU region). Some sub-processors may operate outside the EU. Where transfers occur, appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions.

9. Cookies

We use essential cookies for authentication and session management. We may use analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings. Essential cookies cannot be disabled as they are necessary for the Service to function.

10. Children's Privacy

The Service is not intended for individuals under 16 years of age. We do not knowingly collect data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 30 days before taking effect. The "Last updated" date at the top of this page indicates when it was last revised.

12. Contact

For questions about this Privacy Policy or to exercise your data rights, contact us at:
Email: support@chargeguard.io

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.