Privacy Policy

Static Labs Group LLC operates the website debtdetective.io. This Privacy Policy explains how we collect, use, and protect your information when you use our service, including our debt negotiation tools and our subscription model via Stripe.

1. Information We Collect

  • Account Data: When you sign up, we collect your name and email address to manage your account and provide service updates.
  • Credit Report Data: When you upload a credit report PDF, our engine parses the file to identify debtors. This data is considered highly sensitive and is subject to the encryption standards detailed in Section 2.
  • Payment Data: Payments are processed by Stripe. We do not store your credit card numbers on our servers. Stripe provides us with tokenized information and billing details to prevent fraud.

2. Security & Encryption Details

We prioritize the security of your Personally Identifiable Information (PII). We employ a "Zero-Knowledge" architecture for sensitive data using the following standards via the CryptoJS library:

  • AES-256: All PII and credit-related data are encrypted using the Advanced Encryption Standard with 256-bit keys.
  • Key Derivation (PBKDF2): Your master encryption key is derived using the Password-Based Key Derivation Function 2 with 10,000 iterations.
  • User-Specific Salt: We utilize a unique, user-specific salt during the derivation process to ensure maximum entropy and protection against rainbow table attacks.

3. Google API Disclosure

DebtDetective allows users to export generated settlement offers and dispute letters directly to Google Docs. To provide this service, we use the auth/drive.file scope. Our app only accesses, creates, or edits the specific files created by the DebtDetective application. We do not access your other Google Drive files, and we do not share your Google user data with third parties.

4. How We Use Your Information

  • To identify your debtors and calculate potential settlement discounts.
  • To manage your subscription and process payments via Stripe.
  • To comply with legal obligations, such as tax reporting for our Florida-based LLC.

5. Information Sharing

We do not sell your personal data. We share information only with:

  • Service Providers: Specifically Stripe (payments) and our secure cloud hosting provider.
  • Legal Requirements: If required by law or to protect our legal rights as a Florida-based LLC.

6. Your Rights

You have the right to access, export, or permanently delete your personal data from our servers. Because of our encryption methods, if you lose your password and do not have your recovery keys, we may be unable to recover your encrypted data. You can contact us at any time to request account deletion.

7. Children's Privacy

Our services are intended for adults 18 years of age or older. We do not knowingly collect data from children.