Privacy Policy

Dispute2Go, operated by IPA LLC ("Company," "we," "us," or "our"), is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Dispute2Go platform and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use the Service.

Account Information. When you register for an account, we collect your name, email address, password (stored in hashed form), and the date you registered. If you register on behalf of a business, we may also collect your business name.

Credit Report Data. If you upload a credit report PDF to the Service, we process and store the contents of that report, including your name, address, Social Security Number (SSN) partial or full as present in the document, account information, inquiry records, public records, and other data contained in the report. This data is treated with heightened security controls as described in the Credit Report Data section below.

Usage Data. We automatically collect information about how you interact with the Service, including log data (IP address, browser type, pages visited, time and date of visits, time spent on pages), device information, and feature usage patterns. This data is used to improve the platform and troubleshoot technical issues.

Payment Information. All payment processing is handled by Stripe, Inc. We do not store your full credit card number, CVV, or banking information on our servers. We receive and store a Stripe customer ID and the last four digits of your payment method for billing reference purposes.

Communications. If you contact us via email or support channels, we retain those communications to respond to your requests and improve our Service.

We use the information we collect for the following purposes:

To Provide the Service. We use your account information and credit report data to operate the Dispute2Go platform, including generating dispute letters, tracking dispute outcomes, and providing access to AMELIA, our AI-powered dispute assistant.

To Improve the Platform. Aggregated and anonymized usage data helps us understand how users interact with features, identify areas for improvement, and prioritize product development. We do not use identifiable credit report data for model training without explicit consent.

Compliance and Legal Obligations. We may use your information to comply with applicable laws, regulations, legal processes, and government requests, including those related to the FCRA, FDCPA, and CROA.

Communications. We may send you transactional emails (account confirmations, billing receipts, dispute status updates) and, with your consent, marketing communications about new features or offers. You may opt out of marketing communications at any time.

Fraud Prevention and Security. We use information to detect and prevent fraudulent activity, unauthorized access, and other harmful behavior.

Credit report data is among the most sensitive personal information we handle. We apply additional controls to this data beyond our standard security practices:

Restricted Access. Credit report data is accessible only to you (or your authorized credit repair specialist, if applicable) and to the automated systems necessary to process disputes. Our employees do not access your credit report data except in the course of resolving a support request you initiate, and only with your acknowledgment.

No Third-Party Data Sales. We do not sell, rent, or lease your credit report data to any third party. We do not share it with advertisers, data brokers, or affiliate marketers.

Service-Necessary Sharing. We may share credit report data with third-party service providers only as strictly necessary to provide the Service — for example, with a secure document delivery provider if you choose to mail a dispute letter through the platform. All such providers are bound by data processing agreements that restrict use to the specified service purpose.

Retention. Uploaded credit reports and the data extracted from them are retained for the duration of your active account, plus 90 days following account closure, to allow for dispute follow-up. You may request earlier deletion by contacting us at privacy@dispute2go.com.

We implement industry-standard security measures to protect your personal information. These include:

Encryption. All data in transit is encrypted using TLS 1.2 or higher. Sensitive data at rest, including credit report files and PII, is encrypted using AES-256 encryption.

Access Controls. Access to production systems is restricted to authorized personnel through role-based access controls and multi-factor authentication requirements.

Infrastructure. The Service is hosted on cloud infrastructure that meets SOC 2 Type II compliance requirements. We conduct regular security reviews and maintain an incident response plan.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. If you believe your account has been compromised, please contact us immediately at privacy@dispute2go.com.

We use the following third-party services to operate the platform. Each has its own privacy policy governing their use of data:

Stripe, Inc. — Payment processing. Stripe processes payment transactions and stores payment method data on our behalf. Stripe is PCI-DSS Level 1 certified. See stripe.com/privacy.

Sentry. — Error monitoring and application performance monitoring. Sentry receives error logs that may include anonymized technical data about your session when an error occurs. We configure Sentry to minimize PII exposure in error reports.

Analytics. — We may use privacy-respecting analytics tools to understand aggregate usage patterns. Any analytics tool we use is configured to anonymize IP addresses and we do not use third-party behavioral advertising trackers.

Depending on your location, you may have certain rights regarding your personal information:

Access. You have the right to request a copy of the personal information we hold about you.

Correction. You have the right to request that we correct inaccurate personal information.

Deletion. You have the right to request deletion of your personal information, subject to certain exceptions (such as our obligation to retain records for legal compliance purposes).

Portability. You have the right to receive your personal information in a structured, machine-readable format.

California Residents (CCPA). California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising privacy rights.

EU/UK Residents (GDPR). If you are located in the European Union or United Kingdom, you have rights under the General Data Protection Regulation or UK GDPR, including the right to object to processing and the right to lodge a complaint with your local supervisory authority.

To exercise any of these rights, contact us at privacy@dispute2go.com. We will respond to verified requests within 30 days.

We retain personal information for as long as your account is active or as needed to provide the Service. Account data is retained for 90 days following account closure before deletion. Credit report data follows the retention schedule described in the Credit Report Data section above.

Certain data may be retained longer where required by law, for fraud prevention purposes, or to resolve outstanding disputes.

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@dispute2go.com.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy with a new effective date and, where appropriate, by sending an email notification. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

For privacy-related inquiries, data access requests, or to report a concern, contact us at:

IPA LLC / Dispute2Go
Email: privacy@dispute2go.com

See also our Terms of Service and CROA Disclosure.