Privacy Policy

CancelFlow (“we”, “us”, “our”) is a software-as-a-service product that provides drop-in churn prevention tooling for Stripe-based SaaS businesses. The service is operated by the individual behind the domain cancelflow.dev.

Questions about this policy can be sent to hello@cancelflow.dev.

We process your personal data on the following lawful bases under UK GDPR Article 6:

• Performance of a contract (Article 6(1)(b)): Processing your email address, subscription details, and embed configuration is necessary to provide the CancelFlow service you have signed up for.
• Legitimate interests (Article 6(1)(f)): We process usage events and analytics to maintain service quality, detect abuse, and improve the product. These interests do not override your rights.
• Compliance with a legal obligation (Article 6(1)(c)): We may retain billing records to comply with applicable financial and tax regulations.

Dashboard users (SaaS operators):

• Email address (via Google OAuth / magic link sign-in)
• Stripe customer ID, subscription plan, and billing status
• Embed configuration data (offer settings, Stripe secret keys encrypted at rest using AES-256-GCM, plan hierarchies)
• Usage events — when your end-users accept, skip, or cancel through your embed

End-users of your embeds:

• We receive the Stripe subscription ID passed by your script when the cancellation flow is triggered
• We record which retention offer was accepted or skipped, and any cancel reason collected
• We do not collect end-user names, emails, or payment details directly

• To authenticate and manage your dashboard account
• To process your subscription and provide access to paid features
• To serve your embed configuration to your script tag (via our CDN API)
• To apply Stripe subscription changes (pause, discount, downgrade) on your behalf using your stored Stripe secret key
• To send transactional emails (save notifications, billing receipts, trial welcome, abandoned checkout reminders) via Resend
• To display analytics in your dashboard
• To enforce plan limits (embed count, monthly request quotas)

We do not sell your data to third parties, and we do not use your data for advertising purposes.

• Stripe — payment processing, subscription management, Billing Portal. Stripe’s privacy policy applies to all payment data. stripe.com/privacy
• MongoDB Atlas — database hosting. Your data is stored in MongoDB Atlas (EU or US region depending on plan). mongodb.com privacy policy
• Resend — transactional email delivery. resend.com/privacy
• Vercel — hosting and serverless functions. vercel.com privacy policy
• Cloudflare — CDN delivery of the embed script. cloudflare.com privacy policy

Stripe secret keys stored for embed operation are encrypted at rest using AES-256-GCM with a server-side encryption key. Keys are never transmitted to the browser.

All data is transmitted over TLS (HTTPS). Access to the database is restricted to our application servers.

Account data is retained for as long as you have an active account. You may delete your account at any time from the Settings page — this permanently deletes all associated embeds, events, and configuration data.

Stripe customer records are retained by Stripe according to their own data retention policy.

Depending on your jurisdiction, you may have rights to access, correct, or delete the personal data we hold about you. To exercise these rights, email hello@cancelflow.dev.

You can delete your account and all associated data directly from the Settings page in your dashboard.

We use a single session cookie (next-auth.session-token) strictly required for authentication. We do not use tracking or advertising cookies.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority (the ICO in the UK) within 72 hours of becoming aware of it, in accordance with UK GDPR Article 33. Where the breach is likely to result in a high risk to you, we will also notify you directly without undue delay.

To report a suspected security issue, please contact hello@cancelflow.dev.

We may update this policy occasionally. If changes are significant, we will notify you by email. Continued use of the service after the effective date constitutes acceptance of the updated policy.