CHURNBOT

Privacy Policy

Last updated: February 2026

1. Introduction

ChurnBot ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use ChurnBot Audit ("Service"), our free Stripe churn analysis tool.

By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

We collect the following information that you voluntarily provide:

  • Email Address: Required to send you your churn health report and optional follow-up communications.
  • Stripe API Key: Used temporarily to analyze your Stripe account. This is never stored.

2.2 Information from Stripe

When you provide a Stripe API key, we access the following read-only data from your Stripe account:

  • Customer information (names, emails, creation dates)
  • Subscription details (plans, status, cancellation dates)
  • Invoice information (amounts, status, payment attempts)
  • Payment method details (card type, expiration dates)

Important: To generate your actionable report, we temporarily store individual customer records from your Stripe account (names, emails, Stripe IDs, invoice IDs, and card expiry details) within the report data. This data is automatically deleted after 14 days (or immediately upon your request). We also store aggregated metrics (total MRR, churn score, category counts) for analytics.

2.3 Automatically Collected Information

We may automatically collect:

  • Browser type and version
  • Device information
  • IP address
  • Usage data (pages visited, time spent)

3. How We Use Your Information

We use the information we collect to:

  • Generate your churn health report
  • Send you your report via email
  • Send optional follow-up emails with actionable recommendations
  • Improve our Service and develop new features
  • Analyze usage patterns and optimize user experience
  • Communicate with you about our products and services

4. Data Retention

4.1 API Keys

Your Stripe API key is never stored. It exists only in server memory during the analysis process and is immediately discarded after your report is generated.

4.2 Report Data

We retain your aggregated report data (score, metrics, grades) for up to 24 months to:

  • Allow you to access your report via the unique URL
  • Enable comparison if you run future audits
  • Improve our algorithms and benchmarks

4.3 Email Address

We retain your email address until you unsubscribe from our communications. You can unsubscribe at any time by clicking the unsubscribe link in any email or contacting us.

5. Data Security

We implement appropriate technical and organizational security measures to protect your data:

  • All data transmission is encrypted using TLS/SSL
  • API keys are processed in memory only and never written to disk
  • Database access is restricted and monitored
  • Regular security audits and updates

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

6. Data Sharing

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third parties who assist in operating our Service (e.g., email delivery, hosting), bound by confidentiality agreements.
  • Legal Requirements: If required by law, court order, or governmental authority.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets.

7. Third-Party Services

Our Service integrates with or uses:

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate personal information
  • Request deletion of your personal information
  • Object to or restrict processing of your information
  • Data portability
  • Withdraw consent at any time

To exercise any of these rights, please contact us at [email protected].

9. Cookies

We use essential cookies to operate the Service. We do not use tracking or advertising cookies. Essential cookies are necessary for the Service to function and cannot be disabled.

10. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date and, where appropriate, notifying you by email.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]