Legal

Privacy Policy

**Last updated:** June 2026

Declined.io ("Declined", "we", "us") provides payment recovery software for subscription businesses. This policy describes how we collect, use, and protect personal data when you use our website and platform.

What we collect

  • **Account data:** name, email, company, authentication credentials
  • **Workspace data:** billing provider connections, customer records you sync, recovery events, sequences, and analytics you configure
  • **Usage data:** product interactions, API calls, audit logs, and security signals (e.g. IP address on waitlist signup)
  • **Communications:** support requests, compliance inquiries, and email delivery metadata

How we use data

We use data to operate the service, authenticate users, run dunning and recovery workflows, provide support, improve the product, meet legal obligations, and send service-related email.

Sub-processors

We use infrastructure and service providers including Supabase (database and auth), Resend (email), Cloudflare (bot protection), and your chosen payment processors. Customer payment credentials are stored per workspace configuration, not shared across tenants.

Retention

Workspace retention settings control how long customer and recovery data is kept. You may request export or deletion via Settings → Compliance.

Your rights

Depending on your location, you may have rights to access, correct, delete, or port your data. Contact **privacy@declined.io** for requests.

Contact

**privacy@declined.io** — Declined.io