Privacy policy.

representments.com is operated by Andamento Advisors LLC, a Delaware limited liability company. We provide chargeback rebuttal letter services to merchants. This policy explains what personal and business data we collect when you use the service, how we use it, and how long we keep it.

You can reach us about anything in this policy at hello@representments.com.

Account information. Business name, business email address, payment processor name, and any context you give us at signup or in support correspondence.

Forwarded chargeback notifications. When you forward a dispute notification to your dedicated address, we receive the email body and any attachments. These typically contain the dispute amount, transaction date, reason code, the last four digits of the card, the dispute deadline, the issuing bank identification number (the first six to eight digits of the card, used to identify the issuing bank, never the full card number), and the cardholder claim narrative.

Generated letters and case metadata. The .docx letter we draft for you, plus the metadata of the case (reason code, issuer, business type, outcome if you report it).

Operational logs. Email delivery logs, webhook traces, error logs, IP address at signup, and timestamps. Used for debugging and abuse prevention.

Attribution data. When you arrive at the site, a first-party cookie records the campaign parameters in your URL (utm_source, utm_medium, utm_campaign, utm_content, utm_term), the referring page if any, and the page you landed on. We use this to understand which channels reach merchants who become customers. The cookie is HttpOnly, expires in 30 days, and is never shared with third-party advertising or analytics platforms. If you sign up, we snapshot the values into your merchant record so we keep the attribution context after the cookie expires.

Billing data. Stripe is our payment processor. We do not store full card numbers, CVVs, or bank account numbers. Stripe holds that data under its own privacy policy and PCI DSS compliance.

We never store full primary account numbers (PANs), CVV codes, bank account numbers, or cardholder Social Security numbers. If a forwarded notification contains an apparent full card number, our intake quarantines and rejects it before storage. This keeps the service outside PCI DSS scope.

We do not knowingly collect data from anyone under 18. The service is for businesses, not consumers, and is not directed to children.

To draft your rebuttal letters and run the service.

To improve the drafting logic that powers letter generation. We anonymize case metadata (reason code, issuer, outcome) and aggregate it across customers; we do not share identifiable customer data with anyone.

To send you transactional emails (welcome, letter delivery, outcome reminders, quarterly reports, billing notices). We do not send marketing emails.

To detect and prevent abuse of the free-first-letter offer and of the subscription tier caps.

To comply with law, respond to lawful requests, and establish, exercise, or defend legal claims.

We do not sell your data, and we do not share it with advertisers. We use a small set of trusted service providers to run the service, for example to host the application, send transactional email, and process payments. Each handles data only to provide its function to us and is bound by its own contractual and security obligations.

We may also disclose data when required by law, to enforce our agreements, or in connection with a merger, acquisition, or sale of assets, in which case we will require the recipient to honor this policy.

• Forwarded chargeback notifications: 30 days
• Generated letters: 90 days
• Identifiable case metadata: 12 months, then anonymized
• Customer profile: while your subscription is active, plus 30 days
• Anonymized outcome data: indefinitely
• Email and webhook logs: 30 days
• Stripe billing records: per Stripe's policy

You can ask us to access, correct, or delete the personal data we hold about you. Email hello@representments.com with the request. We respond within 30 days.

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you the right to know what personal information we collect, to request deletion, to request correction, and to be free from discrimination for exercising these rights. We do not sell personal information and we do not share it for cross-context behavioral advertising, so we have no "Do Not Sell or Share My Personal Information" obligation.

Data is encrypted in transit (TLS) and at rest. Secrets are stored in the encrypted environment-variable store of our hosting provider. Accounts that can view the internal dashboards of the service use two-factor authentication. We do not handle PCI-scoped cardholder data.

The website uses only the minimum cookies required to serve the pages and remember your session, plus the first-party attribution cookie described above. We do not run third-party analytics or advertising trackers.

When we make a material change, we will email active customers and update the effective date at the top of this page. The current version always lives at this URL.

Questions or requests about this policy: hello@representments.com.