Privacy Policy
Last Updated: December 30, 2025
1. Introduction
DisputeKit AI ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our credit dispute letter generation service ("Service"). Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy.
2. Information We Collect
2.1 Personal Information
We collect personal information that you voluntarily provide to us, including:
- Full legal name
- Current mailing address
- Email address
- Phone number (optional)
- Date of birth
- Last four digits of Social Security Number (for identity verification purposes only)
2.2 Credit Report Information
When you upload your credit report for analysis, we collect information contained therein, including:
- Creditor and account names
- Account numbers (partial)
- Account statuses and payment history
- Balances and credit limits
- Public records and collection accounts
- Credit inquiries
2.3 Payment Information
Payment processing is handled by our third-party payment processor (Stripe). We do not store full credit card numbers, CVV codes, or other sensitive payment information on our servers.
2.4 Automatically Collected Information
When you access the Service, we automatically collect certain information, including:
- IP address and geographic location
- Browser type and version
- Device type and operating system
- Pages visited and time spent
- Referring website addresses
3. How We Use Your Information
We use the collected information to:
- Generate customized credit dispute letters based on your credit report
- Process your payment and deliver the dispute packet
- Communicate with you about your order and provide customer support
- Improve and optimize our Service
- Detect and prevent fraud or unauthorized access
- Comply with legal obligations
- Send you promotional communications (only with your consent)
4. Data Retention
We retain your personal information and credit report data for a limited period:
- Credit report files: Automatically deleted within 7 days of processing
- Generated dispute letters: Available for download for 30 days, then permanently deleted
- Transaction records: Retained for 7 years for accounting and legal purposes
- Account information: Retained until you request deletion
5. Information Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
- Service Providers: With trusted third parties who assist us in operating the Service (e.g., payment processing, cloud hosting), subject to confidentiality obligations
- Legal Requirements: When required by law, subpoena, court order, or government request
- Protection of Rights: To protect our rights, property, or safety, or that of our users or others
- Business Transfers: In connection with a merger, acquisition, or sale of assets
6. Data Security
We implement industry-standard security measures to protect your information, including:
- 256-bit SSL/TLS encryption for all data transmission
- AES-256 encryption for data at rest
- Secure, SOC 2 compliant cloud infrastructure
- Regular security audits and vulnerability assessments
- Access controls and authentication requirements
- Employee training on data protection practices
However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
7. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you
- Correction: Request correction of inaccurate or incomplete information
- Deletion: Request deletion of your personal information
- Portability: Request transfer of your data in a machine-readable format
- Opt-Out: Unsubscribe from marketing communications at any time
To exercise these rights, please contact us at privacy@disputekit.io.
8. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected and how it is used
- Right to delete personal information
- Right to opt-out of the sale of personal information (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
9. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience. These include:
- Essential Cookies: Required for the Service to function properly
- Analytics Cookies: Help us understand how visitors use our Service
- Preference Cookies: Remember your settings and preferences
You can control cookies through your browser settings, but disabling certain cookies may affect the functionality of the Service.
10. Children's Privacy
The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.
11. International Data Transfers
Our Service is operated in the United States. If you access the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically for any changes.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us at:
Email: privacy@disputekit.io
Website: www.disputekit.io/contact