Enterprise-grade security

Your data is protected

We use the same security infrastructure as Fortune 500 companies — powered by Cloudflare and Stripe.

TLS Encryption

All data in transit is encrypted with TLS 1.3 — the same standard used by banks and governments.

Cloudflare Protected

Our infrastructure runs on Cloudflare's global network with DDoS protection and automatic failover.

Read-only Access

We can only read payment failure events. We cannot charge, refund, or move any money.

What data we store

We store

  • Your email address (for account notifications)
  • Stripe account ID (to identify your account)
  • Invoice-level events (payment failed/succeeded)
  • Recovery campaign status (active/completed)
  • Email delivery status (sent/opened/clicked)

We never store

  • Full credit card numbers
  • CVV codes or card PINs
  • Bank account numbers
  • Customer addresses or phone numbers
  • Your Stripe password or credentials

You're always in control

1

Disconnect anytime

Remove RecoverKit from your Stripe Dashboard → Connected apps. All recovery activity stops immediately.

2

Export your data

Email us at [email protected] and we'll send you all your data in CSV format.

3

Delete everything

Request full account deletion anytime. We'll permanently delete all your data within 30 days.

Infrastructure & Compliance

Infrastructure

  • Cloudflare Workers (serverless compute)
  • Cloudflare D1 (encrypted database)
  • Cloudflare Pages (static hosting)
  • Resend (email delivery, SOC 2 certified)

Security Practices

  • Automatic TLS certificate renewal
  • DDoS attack mitigation
  • Automatic failover across data centers
  • Regular security audits

Ready to recover failed payments?

Connect your Stripe account in 2 minutes. Free 14-day trial, no credit card required.

Connect Stripe → Learn more about recovery →