Legal
Last updated: June 5, 2026
We collect the minimum data necessary to provide the service: • Email address — used for authentication and to send you account-related emails (welcome, payment recovery notifications). • Stripe OAuth token — a read-only access token obtained through Stripe Connect OAuth. This token allows us to read your invoice, charge, and customer data from Stripe. We never access your full card data or initiate any financial transactions. • Failed payment data — invoice IDs, customer names, customer emails, amounts, currencies, and failure reasons fetched from your Stripe account and stored in our database for display in your dashboard. • Usage data — basic analytics about how you use the service (page views, feature usage).
We use your data solely to provide and improve LeakCheck: • To display your failed payment dashboard. • To send automated recovery emails to your customers on your behalf (Pro plan only). • To send you transactional emails (welcome email, billing receipts). • To calculate the total amount you have lost and could recover. We do not use your data for advertising, profiling, or any purpose beyond operating the service.
We do not sell, rent, or share your personal data or your customers' data with any third party for commercial purposes. Full stop. The only third parties that receive data are: • Supabase — our database provider, used to store your account and payment data securely. • Resend — our email delivery provider, used only to send emails you have explicitly triggered. • Stripe — your payment processor, which is the source of the data we read via OAuth.
All data is encrypted in transit (TLS) and at rest. Your Stripe access token is stored encrypted and is never exposed in client-side code or API responses. We use Supabase Row Level Security (RLS) to ensure each user can only access their own data.
We retain your data for as long as your account is active. If you delete your account, all associated data is permanently deleted within 30 days. You can request deletion at any time by contacting us.
You have the right to access, correct, or delete your personal data at any time. You can revoke LeakCheck's access to your Stripe account at any time from your Stripe Dashboard under Connected Applications.
If you have any questions about this Privacy Policy, please contact us at: robimlocar@gmail.com