Privacy Policy

Effective Date: December 1, 2024

1. Introduction

RefundIQ ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your information when you use our website and services. Our platform provides post-purchase analytics by accessing certain authorized data. We do not process orders or execute financial transactions. This policy reflects our compliance with Google, Plaid, and Stripe data requirements, as well as applicable privacy laws.

2. Information We Collect

We collect the following types of information when you use our services:

  • Account Information:
    When you sign up using your Google account via OAuth 2.0, we collect and store your:

    • Full name

    • Email address

    • Google profile image

  • Note: We do not collect your phone number from Google.

  • Email Data via Gmail Read-Only Access:
    With your explicit authorization, we use the Gmail Read-Only scope (https://www.googleapis.com/auth/gmail.readonly) to extract non-personally identifiable information strictly related to:

    • Refunds

    • Returns

    • Exchanges

    • Credits

    • Subscriptions

    • Shipping or order confirmations (for tracking refund eligibility)

    • Any other data directly related to post-purchase transactions, in non-PII form

  • We do not store full Gmail message bodies, personal conversations, passwords, or unrelated PII.

  • Financial Information via Secure Integrations:
    With your consent, we connect to services like:

    • Plaid, to securely access financial account and transaction metadata

    • Stripe, for subscription billing and payment record verification

  • Usage Data:
    We may collect information about how you interact with our platform, such as click patterns, device type, browser version, and access times.

3. How We Use Your Information

We use your information to:

  • Authenticate and manage your account

  • Analyze post-purchase activity to detect refund, return, or credit eligibility

  • Match email and financial account data to identify missed or incorrect refunds

  • Notify you of insights, discrepancies, or service updates

  • Improve the accuracy, security, and performance of our services

  • Comply with applicable laws and third-party platform policies

4. What We Do Not Collect or Store

We explicitly do not collect or store:

  • Your phone number via Google

  • Full Gmail message bodies or entire inboxes

  • Social Security numbers, credit card numbers, or sensitive personal data

  • Any Gmail content not related to refunds, returns, credits, or subscription activity

  • Any data for advertising, remarketing, or profiling purposes

  • We do not use or retain your data obtained through Google Workspace APIs to develop, improve, or train generalized AI and/or machine-learning models

We do not sell or share your data with third parties for advertising, marketing, or user profiling.

5. AI & Machine Learning Usage

We do not use any Google user data (including Workspace API Data) to develop, improve, or train any AI and/or machine-learning models.

We do not use Google Workspace APIs for training non-personalized AI and/or machine-learning models.

We do not transfer any user data obtained via Google Workspace APIs to any third-party AI and/or machine-learning tools.

6. Third-Party Services

We integrate with trusted services to provide our platform:

  • Google OAuth – for user authentication and Gmail analytics (read-only access)

  • Plaid – for securely accessing linked financial accounts (Plaid Privacy Policy)

  • Stripe – for secure billing and subscription processing (Stripe Privacy Policy)

  • AI and machine-learning – we currently do not integrate with any AI and/or machine-learning vendors using Google user data

Each third-party provider has its own privacy policy and terms. We only share data as required to deliver our service and comply with platform policies.

We comply with Google’s API Services User Data Policy, including its Limited Use requirements.

To revoke Gmail access at any time, visit:
https://myaccount.google.com/permissions

7. Your Rights

You have the right to:

  • Access your personal data

  • Request correction or deletion of your data

  • Export your data

  • Disconnect integrated services (Google, Plaid, Stripe)

  • Revoke consent for Gmail access

To exercise your rights, email us at: privacy@refundiq.app

8. Data Retention

We retain your data only as long as necessary to provide our services and comply with legal obligations. Gmail-derived data is stored only in structured, non-PII form (e.g., refund status, amount, date, business). You may request deletion of your account and associated data at any time.

9. Data Security

We implement industry-standard security measures to protect your data, including:

  • End-to-end encryption for sensitive data

  • Secure infrastructure with access controls

  • Periodic audits and monitoring

  • Limited internal access to user data

No method of transmission or storage is 100% secure, but we continuously improve our security posture.

10. Updates to This Policy

We may update this Privacy Policy periodically. If significant changes occur, we will notify you via email or through in-app messaging. The latest version will always be available at www.refundiq.com/privacy.

11. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact:

RefundIQ Privacy Team
Email: privacy@refundiq.app
Address: 8390 East Via De Ventura, Ste F-110 #2007, Scottsdale, AZ 85258

Last Updated: May 12, 2025