MRRX
Sign inStart free trial
Legal

Privacy Policy

Your privacy is important to us. This policy explains how MRRX collects, uses, and protects your information.

Last updated: January 24, 2026

Introduction

MRRX (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our subscription retention platform and related services (collectively, the “Services”).

By accessing or using our Services, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not access the Services.

Information We Collect

Information You Provide

  • Account Information: When you create an account, we collect your name, email address, company name, and password.
  • Payment Information: We use Stripe to process payments. We do not store your complete credit card information on our servers.
  • Integration Data: When you connect your Stripe account via OAuth, we receive access tokens to manage subscriptions on your behalf.
  • Communications: When you contact us, we collect the information you provide in your messages.

Information We Collect Automatically

  • Usage Data: We collect information about how you interact with our Services, including pages visited, features used, and actions taken.
  • Device Information: We collect information about your device, including IP address, browser type, operating system, and device identifiers.
  • Log Data: Our servers automatically record information when you access our Services, including access times and referring URLs.

Information from Third Parties

  • Stripe: We receive subscription and customer data from your connected Stripe account to provide our Services.
  • Authentication Providers: If you sign in using a third-party service, we receive basic profile information from that service.

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Services
  • Process transactions and send related information
  • Send technical notices, updates, security alerts, and administrative messages
  • Respond to your comments, questions, and customer service requests
  • Analyze usage patterns to improve user experience and develop new features
  • Detect, prevent, and address technical issues, fraud, and abuse
  • Comply with legal obligations and enforce our agreements

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

Service Providers

We share information with third-party vendors who perform services on our behalf, including:

  • Stripe: Payment processing and subscription management
  • Clerk: Authentication and identity management
  • Neon: Database hosting
  • Vercel: Application hosting
  • Resend: Email delivery
  • PostHog: Product analytics
  • Sentry: Error tracking

Legal Requirements

We may disclose information if required by law, regulation, or legal process, or if we believe disclosure is necessary to protect the rights, property, or safety of MRRX, our users, or others.

Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

Data Retention

We retain your information for as long as your account is active or as needed to provide you Services. We also retain and use your information as necessary to:

  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements
  • Maintain business records

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or legitimate business purposes.

Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data in transit is encrypted using TLS 1.3. Sensitive data at rest is encrypted using AES-256-GCM.
  • Access Controls: We implement strict access controls and use the principle of least privilege.
  • Infrastructure: Our services are hosted on SOC 2 compliant infrastructure.
  • Monitoring: We continuously monitor for security threats and vulnerabilities.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Your Rights

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

You can request a copy of your personal information in a structured, machine-readable format.

Correction

You can update or correct inaccurate personal information through your account settings or by contacting us.

Deletion

You can request deletion of your personal information, subject to certain exceptions required by law.

Opt-Out

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or updating your notification preferences.

GDPR Rights (EEA Residents)

If you are in the European Economic Area, you have additional rights including the right to object to processing, restrict processing, and withdraw consent.

CCPA Rights (California Residents)

California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information (though we do not sell personal information).

Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you signed in to your account
  • Remember your preferences
  • Understand how you use our Services
  • Improve our Services

Types of Cookies

  • Essential Cookies: Required for the Services to function properly.
  • Analytics Cookies: Help us understand how users interact with our Services.
  • Preference Cookies: Remember your settings and preferences.

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our Services.

Third-Party Services

Our Services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing them with your information.

When you connect your Stripe account, you authorize us to access certain data from your Stripe account in accordance with Stripe's privacy policy and terms of service.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer data internationally, we implement appropriate safeguards such as Standard Contractual Clauses to ensure your information is protected.

Children's Privacy

Our Services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Services after changes are posted constitutes your acceptance of the revised policy.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

For GDPR-related inquiries, you may also contact our Data Protection Officer at support@mrrx.app.

← Terms of ServiceSecurity →