Privacy Policy

The short version

PaidBump connects to your Stripe account to read your invoices and customers. We use that data to generate follow-up emails. We encrypt your API key, we never see your customers' card numbers, and we never sell your data to anyone.

What we access in Stripe

PaidBump uses a restricted API key that you create and control. We request read-only access to two things only: your invoice list and your customer list (names and email addresses). We never request access to payment methods, card numbers, bank accounts, or payouts.

How we store your API key

Your Stripe restricted API key is encrypted using AES-256 symmetric encryption before being stored in our database. The plaintext key is only decrypted in memory at the moment we sync your invoices, and is never logged or written to disk in plaintext. You can revoke it from Stripe at any time.

What data we store

• Your account email (password is hashed, never stored in plaintext)
• Your Stripe API key (encrypted)
• Invoice data: number, amount, due date, status
• Customer data: name and email address only
• Follow-up messages and their send status
• Your settings: sender name, email, tone preferences

How we use your data

We use your data solely to provide the service. We do not use your data to train AI models. We do not sell, rent, or share your data with third parties for marketing purposes.

Third-party services

• Supabase — database and auth
• Anthropic Claude — AI email generation
• Resend — email delivery
• Lemon Squeezy — subscription billing
• Vercel — application hosting

Deleting your data

Email hi@paidbump.com and we will delete all data associated with your account within 7 days.

Contact

Questions? Email hi@paidbump.com. We respond within 2 business days.