Failment

Privacy Policy

Last updated: 07.09.2025

Trick Consulting LLC (trading as Failment) ("Failment," "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share personal information when you use our services, website, and applications.

This Privacy Policy forms part of our Terms of Service and should be read together with our Data Processing Agreement and Security & Compliance Statement.

1. Information We Collect

When you use Failment, we collect the following categories of information:

a) Customer Account Data

  • Name and contact information (email, company name)
  • Login credentials
  • Billing and subscription information (processed by Stripe)

b) Payment-Related Data (via Stripe)

Using restricted Stripe API keys, Failment has read-only access to:

  • Charges and transactions (up to 5,000, with safety cap)
  • Payment statuses (succeeded, failed, pending)
  • Payment amounts and currencies
  • Failure reasons and error codes
  • Customer email addresses
  • Timestamps (created, updated)
  • Payment intent IDs and invoice IDs
  • Additional read-only data: customer profiles, subscription info, checkout sessions
  • Webhook management (write access for notifications only)

Important: Failment does not store or process full card details or other sensitive payment instrument data. All payments are securely processed by Stripe.

c) Service Usage Data

  • Log data (IP address, browser type, device info)
  • Actions taken in the Failment dashboard (alerts, notifications, recoveries)

2. How We Use Information

We use the information collected to:

  • Provide failed payment alerts and push notifications
  • Deliver real-time visibility in the Failment dashboard
  • Enable recovery of failed payments through email links to checkout
  • Improve and secure our services
  • Comply with legal and regulatory requirements

3. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Contractual necessity – to provide our services
  • Legitimate interest – to improve services and prevent fraud
  • Legal obligations – where required under law
  • Consent – where applicable (e.g., marketing communications)

4. Data Retention

  • Event and payment-related data: retained for 450 days
  • All data is securely deleted immediately upon service termination or customer request

5. Data Security

We apply strict security measures as outlined in our Security & Compliance Statement, including:

  • TLS/HTTPS encrypted traffic
  • AES-256 encryption at rest
  • Hosting on AWS Amplify and storage/processing in AWS RDS
  • Internal penetration testing

6. Sharing of Data

We do not sell personal data. Data is shared only with:

  • Stripe (payment processor)
  • Amazon Web Services (AWS) (hosting and storage provider)
  • Other subprocessors listed in our DPA, if applicable

7. International Data Transfers

If personal data is transferred outside your region, we ensure appropriate safeguards, including Standard Contractual Clauses (SCCs) where applicable.

8. Data Subject Rights

Depending on your jurisdiction (e.g., GDPR, CCPA), you have rights to:

  • Access and receive a copy of your data
  • Request correction or deletion
  • Restrict or object to processing
  • Data portability

To exercise these rights, contact us at support@failment.com.

9. Data Processing Agreement (DPA)

Failment acts as a data processor on behalf of customers. Our Data Processing Agreement forms part of our Terms of Service and describes our processing obligations in more detail. A signed copy is available upon request.

10. Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on our website with an updated "Last Updated" date.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Trick Consulting LLC (trading as Failment)

Email: support@failment.com