Privacy Policy
Last updated: March 26, 2026
1. Data Controller
PaymentLeaks is a service operated by Chispa Dev. Contact: respira@chispa.dev.
2. Data We Collect
We collect the following data:
- Email: when you subscribe to our newsletter or create an account.
- Payment data: processed by Stripe. We do not store card data on our servers.
- Analytics: we use Vercel Analytics to understand aggregate usage patterns (no third-party cookies, no personally identifiable data).
We do not collect health data, biometric data, or any special category of personal data.
- Email: when you subscribe to our newsletter or create an account.
- Payment data: processed by Stripe. We do not store card data on our servers.
- Analytics: we use Vercel Analytics to understand aggregate usage patterns (no third-party cookies, no personally identifiable data).
We do not collect health data, biometric data, or any special category of personal data.
3. Purpose of Processing
We use your data to:
- Send you daily payment intelligence briefings.
- Manage your subscription and payments.
- Improve the service through aggregate analytics.
- Send you daily payment intelligence briefings.
- Manage your subscription and payments.
- Improve the service through aggregate analytics.
4. Legal Basis
Processing is based on your consent (when subscribing) and on the execution of the subscription contract. Analytics are based on our legitimate interest in improving the service.
5. Data Sharing
We share data only with:
- Stripe: for payment processing (see their privacy policy).
- Vercel: for hosting and analytics (see their privacy policy).
We do not sell or share your data with third parties for commercial purposes.
- Stripe: for payment processing (see their privacy policy).
- Vercel: for hosting and analytics (see their privacy policy).
We do not sell or share your data with third parties for commercial purposes.
6. Data Retention
We retain your email as long as you maintain an active subscription or wish to receive the newsletter. Payment data is managed by Stripe according to their retention policies.
7. Your Rights (GDPR)
You have the right to:
- Access: request a copy of your data.
- Rectification: correct inaccurate data.
- Erasure: request deletion of your data.
- Portability: receive your data in a structured format.
- Objection: object to processing based on legitimate interest.
- Withdraw consent: at any time.
To exercise these rights, contact: respira@chispa.dev. We will respond within 30 days.
- Access: request a copy of your data.
- Rectification: correct inaccurate data.
- Erasure: request deletion of your data.
- Portability: receive your data in a structured format.
- Objection: object to processing based on legitimate interest.
- Withdraw consent: at any time.
To exercise these rights, contact: respira@chispa.dev. We will respond within 30 days.
8. Security
We implement appropriate technical and organizational measures to protect your data, including encryption in transit (HTTPS) and restricted access to systems.
9. Cookies
We only use functional cookies necessary for the operation of the service (session, language preference). We do not use tracking or advertising cookies.
10. Contact
For any privacy inquiries: respira@chispa.dev