LeanPivot Payments
Log inStart free

LEGAL

Privacy Policy

Effective date: May 6, 2026

This Privacy Policy describes how LeanPivot Solutions, LLC (“LeanPivot Payments,” “we,” “us,” or “our”) collects, uses, shares, and protects information in connection with the LeanPivot Payments platform (“Platform”), a Stripe Connect marketplace for independent founders and LeanPivot.ai subscribers. By using the Platform, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account or interact with the Platform, we may collect:

  • Account information: your full name, email address, and password.
  • Profile information: your onboarding status and account preferences.

1.2 Information Collected by Stripe

When you connect your Stripe account through our Platform, Stripe independently collects information necessary to verify your identity and facilitate payments. This may include:

  • Social Security Number (SSN) or Tax Identification Number (TIN)
  • Date of birth
  • Physical address
  • Bank account details
  • Government-issued identification documents
  • Payment card numbers

Sensitive verification and payment credentials — including payment card numbers, Social Security Numbers, bank account numbers, and government-issued ID documents — are collected and stored by Stripe through Stripe-hosted onboarding and checkout flows, not by LeanPivot Payments. This information is collected and processed solely by Stripe in accordance with Stripe's Privacy Policy.

1.3 Information Collected Automatically

When you use the Platform, we automatically collect:

  • Authentication tokens: JSON Web Tokens (JWT) used for session management.
  • Audit logs: records of key actions performed on your account for security and compliance purposes.
  • Server logs: IP addresses, request timestamps, and user-agent strings for operational monitoring.

We do not use any third-party analytics services, tracking pixels, or advertising cookies. We do not deploy Google Analytics, Facebook Pixel, or similar third-party tracking technologies.

2. How We Use Your Information

We use the information we collect to:

  • Create, maintain, and authenticate your account.
  • Facilitate payment processing through Stripe Connect.
  • Monitor and track onboarding status for your Stripe Connected Account.
  • Communicate with you about your account, transactions, and Platform updates.
  • Detect, prevent, and investigate fraud, security incidents, and unauthorized activity.
  • Maintain audit logs for compliance and dispute resolution.
  • Comply with legal and regulatory obligations.
3. Information Sharing

We do not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

  • Stripe: We share your Stripe account identifier (stripe_account_id) and onboarding status with Stripe to facilitate payment processing through Stripe Connect. Stripe processes this information in accordance with its own privacy policy.
  • Legal requirements: We may disclose your information if required to do so by law, regulation, subpoena, court order, or other governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • LeanPivot.ai: If you use the same email on both platforms, LeanPivot.ai (also operated by LeanPivot Solutions, LLC) may share your subscription status with LeanPivot Payments to apply subscriber pricing benefits. Only your email address and active/inactive subscription status are shared — no billing details, payment history, or personal data beyond what is described in Section 7.2 below.
  • Business transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.
4. Data Security

We implement industry-standard security measures to protect your personal information:

  • Encryption at rest: Sensitive personal data, including email addresses and full names, is encrypted at rest using AES-256 encryption.
  • Blind indexing: Email lookups are performed using HMAC-based blind indexes, ensuring that plaintext email addresses are never stored in searchable form.
  • Password protection: Passwords are cryptographically hashed using bcrypt and are never stored in plaintext. We cannot retrieve your password; you may only reset it.
  • API key security: API keys are stored as one-way SHA-256 hashes and cannot be recovered after initial generation.
  • Session management: Authentication sessions use signed JWT tokens with a 7-day expiry for standard users and an 8-hour expiry for administrative accounts.
  • Payment security: All payment processing is handled by Stripe through Stripe-hosted checkout flows. LeanPivot Payments does not collect or store payment card numbers or bank account details.

While we take reasonable precautions to protect your data, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. Specifically:

  • Account data: Retained for the duration of your account and for a reasonable period after account closure to comply with legal obligations, resolve disputes, and enforce our agreements.
  • Audit logs: Retained in accordance with applicable regulatory requirements and our internal compliance policies.
  • Server logs: Retained for operational and security monitoring purposes and deleted on a rolling basis.
6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete personal information.
  • Deletion: Request that we delete your personal information, subject to certain legal exceptions (such as regulatory retention requirements).
  • Data portability: Request a machine-readable copy of your data where technically feasible.
  • Withdraw consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise any of these rights, please contact us at support@leanpivotpayments.com. We will respond to your request within 30 days. Please note that deletion of your LeanPivot Payments account does not automatically close your Stripe account; you must contact Stripe separately to manage data held by Stripe.

7. Stripe Connect & Third-Party Services

LeanPivot Payments operates as a Stripe Connect marketplace platform. When you use the Platform, you interact with both LeanPivot Payments and Stripe:

  • Stripe Connect: Stripe acts as the payment processor for all transactions on the Platform. When you create a Stripe account, you establish a direct relationship with Stripe and agree to Stripe's Connected Account Agreement and Privacy Policy.
  • Stripe-hosted onboarding: Identity verification and financial account setup are performed directly on Stripe-hosted pages. LeanPivot Payments does not have access to the sensitive information you provide to Stripe during onboarding.
  • Transaction Data: Because your brand appears on customer statements, the primary merchant relationship for individual transactions is between you and Stripe. We monitor transaction metadata (e.g., charge status, dispute status, and refund history) solely for the purpose of platform security, fee collection, and preventing fraudulent use of the marketplace.

We encourage you to review Stripe's privacy policy to understand how they collect, use, and protect your information.

7.2 LeanPivot.ai Data Sharing

If you use the same email address on both LeanPivot Payments and LeanPivot.ai (our sister platform for AI-powered founder tools), we may receive the following information from LeanPivot.ai:

  • Your email address: Used to match your LeanPivot.ai account to your LeanPivot Payments account via a secure one-way hash (HMAC). Your email is not stored in plaintext during this process.
  • Your subscription status: Whether you have an active LeanPivot.ai subscription (true/false). We do not receive your payment details, billing history, or subscription tier name from LeanPivot.ai.

This data is used solely to:

  • Apply the lower transaction fee rate (3.9% + 30¢) for LeanPivot.ai subscribers
  • Waive the $2.50 monthly minimum activity fee for subscribers
  • Enable instant payouts for subscribers

This synchronization happens automatically when your LeanPivot.ai subscription status changes and periodically to ensure accuracy. The data transfer is secured by API key authentication and encrypted in transit (TLS). You can opt out of this data sharing by using a different email address on each platform, or by contacting support@leanpivotpayments.com.

8. Children's Privacy

The Platform is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe a child under 18 has provided us with personal information, please contact us at support@leanpivotpayments.com.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the “Effective Date” at the top of this page and, where required by law, notify you by email or through the Platform. Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

10. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

LeanPivot Solutions, LLC
2423 SW 147th Ave #2197, Miami, FL 33185

Email: support@leanpivotpayments.com

We will acknowledge your inquiry within 5 business days and aim to resolve any privacy-related concerns within 30 days.