Privacy Policy

Last updated: May 22, 2026

1. Introduction

DisputePro AI LLC ("Company", "we", "us") is committed to protecting the privacy of our users and their clients. This Privacy Policy explains how we collect, use, store, and protect information when you use the DisputePro AI platform ("Service").

2. Information We Collect

Account Information:

  • Name, email address, phone number
  • Organization name and business details
  • Login credentials (passwords are hashed using bcrypt)
  • Billing information (processed by LemonSqueezy — we do not store card numbers)

Client Data (uploaded by you):

  • Client names, contact information, addresses
  • Social Security numbers (last 4 stored in plain text; full SSN encrypted with AES-256-GCM)
  • Credit reports and credit scores
  • Dispute history and correspondence
  • Documents (IDs, proof of address, agreements)

Payment Processing Data (Authorize.net):

  • Your Authorize.net API credentials are encrypted with AES-256-GCM before storage
  • Client credit card numbers are never stored — they are tokenized via Authorize.net Customer Profiles
  • We store only the last 4 digits, card brand, and expiration for display purposes

3. How We Use Information

  • To provide, maintain, and improve the Service
  • To process your subscription payments
  • To generate AI-powered dispute letters and credit analysis
  • To send transactional emails (invoices, password resets, dispute updates)
  • To provide customer support
  • To comply with legal obligations

4. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption at rest: Sensitive data (SSNs, API credentials) is encrypted using AES-256-GCM
  • Encryption in transit: All data is transmitted over HTTPS/TLS
  • Password security: Passwords are hashed using bcrypt with salt
  • Access control: Role-based access (Owner, Admin, Agent) limits who can view/modify data
  • Multi-tenant isolation: Each organization's data is logically isolated at the database level
  • PCI compliance: Credit card numbers are tokenized through Authorize.net and never stored on our servers

5. Data Sharing

We do not sell your data. We share data only with:

  • LemonSqueezy: Our merchant of record for SaaS subscription billing
  • Authorize.net: Payment processing for your client transactions (only when you connect your own merchant account)
  • Anthropic: AI processing of credit reports and dispute letter generation (data is not used for model training)
  • Resend: Transactional email delivery
  • Vercel: Application hosting and file storage
  • Law enforcement: When required by valid legal process

6. Data Retention

We retain your data for as long as your account is active. Upon account deletion, we will delete your data within 30 days, except where retention is required by law. Backups are purged within 90 days. You may request data export at any time by contacting support.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your data ("right to be forgotten")
  • Export your data in a portable format
  • Opt out of marketing communications
  • Restrict or object to data processing

To exercise these rights, contact us at privacy@disputepro.net.

8. Cookies & Analytics

We use essential cookies for authentication and session management. We do not use third-party tracking cookies or advertising pixels. We may collect anonymous usage analytics to improve the Service.

9. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect information from children.

10. California Privacy Rights (CCPA)

California residents have additional rights under the CCPA, including the right to know what personal information is collected, the right to delete, and the right to opt out of the sale of personal information. We do not sell personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. The "Last updated" date at the top reflects the most recent revision.

12. Contact Us

For privacy questions or data requests:

Email: privacy@disputepro.net