Last updated April 24, 2026

Privacy Policy

We built this as a small, focused product. We collect what we need to run the business and nothing else. This page explains exactly what that means.

1) What We Collect

Depending on how you interact with the site, we may hold:

  • Your email address — if you submit a lead form, complete a purchase, or upload a credit report for an audit. Used to deliver what you paid for and send transactional updates.
  • Your name — collected by Stripe at checkout. We receive it as part of the order record.
  • Purchase metadata — which product you bought, when, and the Stripe session ID. Used to verify access and process support requests.
  • Your credit report file — only if you purchase a Credit Audit and choose to upload one. See Section 5 for how that's handled.

We do not collect passwords, Social Security numbers, bank account numbers, or credit card details. Payment data lives entirely with Stripe.

2) How We Use It

  • To verify your payment and deliver course access or audit results
  • To send you transactional emails — order confirmation, audit status updates, delivery notification
  • To respond to support requests
  • To measure whether our TikTok ads are bringing in real customers

We do not sell your data. We do not rent it. We do not use it for anything beyond operating this business.

3) Payment Processing

When you enter card details at checkout, that data goes directly to our payment processor — we never see your card number, CVV, or expiry date. We receive only what's needed to fulfill your order: your name, email, and a transaction reference. That's it.

4) Who Sees Your Data

Your email address is used in two ways we want to be upfront about:

  • Transactional emails — if you purchase, we send order and delivery updates. These come from hello@creditprotocol.blog via Resend, a transactional email service. They receive your address to deliver on our behalf and nothing else.
  • Lead list — if you submit your email through a form on our site without purchasing, it's stored in a private list we use only to notify you about this product. No spam, no selling to advertisers, no third-party access.

We do not work with data brokers, marketing platforms, or any advertising networks that receive your personal information. The TikTok Pixel tracks page events only — it does not receive your name or email.

5) Credit Report Files (Audit Customers)

If you purchase a Credit Audit, you'll upload your credit report through our secure upload flow. Here's exactly what happens to that file:

  • It's stored in a private, access-controlled Supabase storage bucket — not publicly accessible
  • Before analyst review, personal identifiers (SSN, address, date of birth) are removed from the working copy
  • Only the person running your audit sees the file; it is not shared with any third party
  • Files are retained for the duration of your audit engagement and may be deleted upon request after delivery

Your credit report is used for one purpose: building your action plan. Nothing else.

6) Advertising Pixels

We run TikTok ads. To know whether they're working, we use the TikTok Pixel — a small piece of JavaScript that fires on key pages (home, audit page, checkout complete). It tells TikTok that someone visited or converted, which helps us optimize spend. It does not send your name, email, or payment details to TikTok. You can opt out via TikTok's privacy settings or a browser-level ad blocker.

7) Your Rights

You can ask us to: show you what data we hold on you, correct anything inaccurate, or delete your information. Email us with your request and we'll respond within 14 days. Deletion requests are honored except where we're required to keep records for tax or fraud prevention purposes.

8) Contact

Privacy questions or data requests: hello@creditprotocol.blog