Privacy Policy

Effective Date: [Insert Date]

Mighty Clover LLC ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard information when you use our payment decline recovery services.

1. Information We Collect

1.1 Transaction Information:

  • Payment transaction data (amount, currency, transaction ID)
  • Decline codes and authorization responses
  • Transaction timestamps and merchant identifiers
  • Payment method tokens (no raw card numbers)

1.2 Customer Information:

  • Name and email address
  • Billing address information
  • Phone number (when provided)
  • Account identifiers from merchant systems

1.3 Technical Information:

  • IP addresses and device identifiers
  • Browser type and operating system
  • API usage logs and system performance data

2. How We Use Your Information

2.1 Service Provision: We use collected information to provide automated payment retry services, analyze decline patterns, and optimize recovery rates.

2.2 Fraud Prevention: Transaction data helps identify and prevent fraudulent activities to protect merchants and customers.

2.3 Analytics and Reporting: We analyze transaction patterns to improve service performance and provide detailed reporting to merchants.

2.4 Legal Compliance: Information may be processed to comply with legal obligations, including anti-money laundering and tax reporting requirements.

2.5 Customer Support: Personal data may be used to respond to inquiries and provide technical support services.

3. Legal Basis for Processing

3.1 Contractual Necessity: Processing is necessary to perform our services under agreements with merchants.

3.2 Legitimate Interest: We have legitimate interests in fraud prevention, service improvement, and business analytics.

3.3 Legal Obligation: Processing may be required to comply with applicable laws and regulations.

4. Information Sharing

4.1 Merchants: Transaction results and recovery data are shared with the relevant merchant who initiated the processing.

4.2 Service Providers: We may share data with trusted service providers who assist in delivering our services, including:

  • Payment gateways and processors
  • Cloud hosting and infrastructure providers
  • Fraud prevention and dispute resolution services

4.3 Legal Requirements: We may disclose information if required by law, court order, or government regulation.

4.4 Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the new entity.

5. Data Security

5.1 Encryption: All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.

5.2 Access Controls: Strict access controls ensure only authorized personnel can access personal data on a need-to-know basis.

5.3 Security Monitoring: Continuous monitoring and logging of all data access and processing activities.

5.4 Incident Response: Comprehensive incident response procedures to address any potential security breaches.

6. Data Retention

6.1 Retention Period: Personal data is retained for the duration necessary to provide services, typically up to 7 years for financial records.

6.2 Legal Requirements: Some data may be retained longer to comply with legal, regulatory, or tax obligations.

6.3 Secure Deletion: Data is securely deleted or anonymized once retention periods expire.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request access to your personal data we hold
  • Rectification: Request correction of inaccurate personal data
  • Erasure: Request deletion of your personal data in certain circumstances
  • Portability: Request transfer of your data in a structured format
  • Objection: Object to processing based on legitimate interests
  • Restriction: Request restriction of processing in certain situations

8. Cookies and Tracking

8.1 Essential Cookies: We use necessary cookies for service functionality and security.

8.2 Analytics: Anonymous usage analytics help us improve our services.

8.3 Third-Party Services: Some integrated services may use their own cookies subject to their privacy policies.

9. International Data Transfers

9.1 Transfer Restrictions: Personal data is processed primarily within [Insert Jurisdiction].

9.2 Safeguards: When international transfers are necessary, appropriate safeguards such as standard contractual clauses are implemented.

9.3 Adequacy Decisions: Transfers only occur to jurisdictions with adequate data protection levels.

10. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. Material changes will be communicated through appropriate channels.

Continued use of our services after policy updates constitutes acceptance of the revised terms.

11. Contact Information

For questions about this Privacy Policy or to exercise your rights, please contact us:

Email: info@flowbackpay.com

Address: [Insert Physical Address]

Last updated: [Insert Date]