ReditoPay
Privacy Policy

Privacy Policy

Last updated: May 23, 2026

ReditoPay helps Stripe businesses monitor failed payments and send recovery emails. This policy explains what information we collect, how we use it, and what we do not collect.

Information we collect

When you create an account, we collect your email address, company name, authentication details, and basic workspace information.

When you connect Stripe, we store your encrypted Stripe webhook signing secret and receive Stripe webhook events related to failed or recovered payments. These events may include customer email addresses, invoice IDs, invoice amounts, currencies, decline codes, payment error messages, hosted invoice links, and timestamps.

When ReditoPay sends recovery emails, we store delivery logs such as recipient email, subject, status, provider message ID, error messages, and sent time.

Information we do not collect

ReditoPay does not collect, process, or store card numbers, CVC codes, bank account credentials, or raw payment method details. Payment updates happen through Stripe-hosted invoice or payment pages.

How we use information

We use the information we collect to:

  • Verify and process Stripe webhook events.
  • Classify failed payments and show them in your dashboard.
  • Schedule and send recovery emails to your customers.
  • Cancel pending recovery emails when a payment is recovered.
  • Provide support, debug issues, and protect the service.

Service providers

ReditoPay relies on third-party providers to operate the service, including Stripe for payment and invoice data, Supabase for authentication and database infrastructure, Resend for email delivery, and hosting infrastructure for the web application.

Data security

We use technical safeguards such as webhook signature verification, encrypted webhook secrets, restricted server-side access, and authenticated dashboard access. No system is perfectly secure, but we take reasonable steps to protect the data handled by ReditoPay.

Data retention

We retain account, webhook, failed payment, scheduled email, and email log data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and maintain accurate recovery records. You may request deletion of your account data by contacting us.

Your responsibilities

If you use ReditoPay to send recovery emails to your customers, you are responsible for making sure your use of ReditoPay complies with your own privacy policy, customer agreements, and applicable email and data protection rules.

Contact

If you have questions about this policy, contact us at support@reditopay.com.