mh.

Privacy Policy

Last updated: March 29, 2026

MRRHarbor ("we," "our," or "us") operates the MRRHarbor platform, a subscription payment recovery service accessible at mrrharbor.com(the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our Service. Please read this Privacy Policy carefully. By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

1. Information We Collect

1.1 Account Information

When you register for an account, we collect information you provide directly to us, including your name, email address, company name, and any other information you choose to provide during registration or while using the Service.

1.2 Payment and Billing Information

We use Stripe as our payment processor. When you subscribe to our Service, your payment card details are collected and processed directly by Stripe. We do not store your full credit card numbers on our servers. We may receive and store limited payment information from Stripe, such as the last four digits of your card number, card type, expiration date, and billing address, for the purpose of managing your account and displaying transaction history.

1.3 Stripe Account Data

To provide the Service, you authorize us to connect to your Stripe account via the Stripe API. Through this connection, we access data related to your customers' failed payments, subscription statuses, invoice data, and related billing information. This data is used solely to facilitate payment recovery on your behalf. We act as a data processor with respect to your end customers' data and process it only as necessary to deliver the Service.

1.4 Usage Data

We automatically collect certain information when you access or use the Service, including your IP address, browser type and version, operating system, referring URLs, pages viewed, time spent on pages, click data, and other diagnostic and usage data. This information helps us understand how our Service is used and improve its performance.

1.5 Cookies and Tracking Technologies

We use cookies and similar tracking technologies (such as web beacons and pixels) to track activity on our Service and hold certain information. Cookies are files with a small amount of data sent to your browser from a website and stored on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, some portions of the Service may not function properly.

1.6 Communications

If you contact us directly, we may receive additional information about you, such as the contents of the message and any attachments you send us, and any other information you choose to provide.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, maintain, and improve the Service
  • To process failed payment recovery on your behalf, including sending dunning emails to your customers through integrated email services
  • To manage your account, including processing subscription payments for the Service itself
  • To communicate with you about your account, updates, security alerts, and support messages
  • To monitor and analyze usage patterns and trends to improve user experience
  • To detect, prevent, and address technical issues, fraud, or security breaches
  • To comply with legal obligations and enforce our Terms of Service
  • To send you marketing communications, where permitted by law, which you can opt out of at any time

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following circumstances:

3.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including Stripe (payment processing and API integration), email delivery services, hosting providers, and analytics providers. These service providers are contractually obligated to use your information only as necessary to provide services to us and are required to maintain the confidentiality of your information.

3.2 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with a legal obligation, court order, or legal process; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing in connection with the Service; (d) protect the personal safety of users of the Service or the public; or (e) protect against legal liability.

3.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, bankruptcy, or reorganization, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Service of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

3.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. We will also retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. Usage data is generally retained for a shorter period, except when it is used to strengthen security, improve functionality, or when we are legally obligated to retain it for longer periods.

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain certain information by law or for legitimate business purposes such as fraud prevention.

5. Data Security

We implement appropriate technical and organizational security measures designed to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include, but are not limited to, encryption of data in transit (TLS/SSL) and at rest, access controls, regular security assessments, and secure coding practices. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials and for any activity that occurs under your account.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: You may request a copy of the personal information we hold about you.
  • Correction: You may request that we correct any inaccurate or incomplete personal information.
  • Deletion: You may request that we delete your personal information, subject to certain legal exceptions.
  • Data Portability: You may request a copy of your data in a structured, commonly used, and machine-readable format.
  • Opt-Out: You may opt out of receiving marketing communications from us at any time by following the unsubscribe instructions in those communications or by contacting us directly.
  • Restrict Processing: You may request that we restrict the processing of your personal information under certain conditions.
  • Withdraw Consent: Where we rely on your consent to process your personal information, you may withdraw that consent at any time.

To exercise any of these rights, please contact us at the email address provided below. We will respond to your request within 30 days, or within the time period required by applicable law.

7. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

8. Third-Party Services

Our Service integrates with and relies upon third-party services, most notably Stripe, for payment processing and subscription management. These third-party services have their own privacy policies and terms of service. We encourage you to review the privacy policies of any third-party services you interact with through our Service. We are not responsible for the privacy practices of third-party services. In particular, your use of Stripe is governed by Stripe's privacy policy and terms of service, available at stripe.com.

9. Children's Privacy

Our Service is not directed to individuals under the age of 13 (or such higher age as required by applicable law). We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under the age of 13 without verification of parental consent, we will take steps to delete that information. If you believe we may have collected information from a child under 13, please contact us immediately.

10. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. Because there is no uniform standard for how DNT signals should be interpreted, our Service does not currently respond to DNT browser signals or mechanisms.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. For material changes, we will provide additional notice, such as an email notification or a prominent notice within the Service. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of such changes.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

MRRHarbor
Email: support@mrrharbor.com