Privacy Policy

RescuePay ("we", "our", "us") is a payment recovery platform that helps B2C subscription businesses automatically recover failed payments. Our registered address is available upon request at hello@rescuepay.io.

We collect only the data necessary to deliver our service:

• Account data: name, email address, company name, and billing information when you sign up.
• Usage data: feature interactions, session duration, and browser/device information to improve the product.
• Payment metadata: failed payment events, retry outcomes, and recovery amounts transmitted by your payment processor (e.g. Stripe). We never store raw card numbers.
• Communication data: messages sent through our AI recovery flows (WhatsApp, SMS, email) on your behalf.

Your data is used solely to:

• Operate and improve the RescuePay platform.
• Send transactional communications related to your account.
• Recover failed payments on behalf of your business.
• Meet our legal and compliance obligations.

We do not sell, rent, or trade your personal data to third parties.

For users in the European Economic Area, we process personal data under the following bases:

• Contract: processing necessary to deliver the service you signed up for.
• Legitimate interests: fraud prevention, security, and product analytics.
• Consent: marketing communications (you may withdraw at any time).

We retain account data for the duration of your subscription plus 12 months. Payment event logs are retained for 7 years to satisfy financial record-keeping requirements. You may request deletion of personal data at any time by emailing hello@rescuepay.io.

We share data with trusted sub-processors required to deliver our service, including:

• Stripe — payment processing
• Twilio — SMS and WhatsApp messaging
• Amazon Web Services — cloud infrastructure (EU region)
• PostHog — product analytics (self-hosted)

All sub-processors are bound by data processing agreements and comply with GDPR.

We use strictly necessary cookies to maintain your session and a small number of analytics cookies (with your consent) to understand feature usage. You can manage cookie preferences through our consent banner or your browser settings.

Under GDPR and applicable privacy laws, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Request erasure ("right to be forgotten").
• Object to or restrict certain processing activities.
• Data portability — receive your data in a machine-readable format.
• Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at hello@rescuepay.io.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or an in-app notice at least 14 days before they take effect.

For privacy-related questions, please email hello@rescuepay.io. We aim to respond within 5 business days.