NEW · 2026Get the 2026 playbook.Read here
DebtOps

Privacy Policy

Last updated June 2026.

Draft template. This is a starting template, not legal advice. Review and adapt with qualified counsel before publishing.

This Privacy Policy explains how DebtOps ("DebtOps," "we," "us") collects, uses, discloses, and safeguards information when you use our website and our accounts-receivable recovery platform (the "Service"). By using the Service you agree to the practices described here.

1. Information we collect

  • Account information you provide, such as your name, business name, work email, and role.
  • Receivables and contact data you connect or upload, including invoices, amounts, due dates, and the contact details of the customers you ask us to recover from.
  • Integration data from accounting software you connect (for example Xero or QuickBooks), limited to what is needed to identify and work overdue invoices.
  • Communications and recovery records, including messages, call records, and outcomes generated while working an account.
  • Usage and device data, such as log data, IP address, browser type, and cookie identifiers.

2. How we use information

  • To provide, operate, and improve the Service, including running recovery cadences on your behalf.
  • To communicate with you about your account, support, and Service updates.
  • To maintain security, prevent fraud and abuse, and meet legal and regulatory obligations.
  • To produce aggregated, de-identified analytics that do not identify any individual.

3. How we share information

We do not sell personal information. We share information only as needed to run the Service:

  • Service providers / subprocessors that host infrastructure, send communications, or process payments under contract.
  • Your connected integrations, at your direction.
  • Legal and safety disclosures where required by law or to protect rights, property, or safety.
  • Business transfers in connection with a merger, acquisition, or sale of assets, subject to this Policy.

4. Data retention

We retain information for as long as needed to provide the Service and to meet legal, accounting, and reporting requirements, after which it is deleted or de-identified.

5. Security

We use administrative, technical, and physical safeguards designed to protect information, including encryption in transit and at rest and role-based access controls. No method of transmission or storage is completely secure. See our security overview.

6. Your rights

Depending on your location, you may have rights to access, correct, delete, or port your personal information, and to object to or restrict certain processing. To exercise these rights, contact us using the details below. Where we process data on behalf of a customer, we will refer requests to that customer as the controller.

7. International transfers

We may process information in the United States, New Zealand, and other countries. Where required, we use appropriate safeguards for cross-border transfers.

8. Children

The Service is intended for businesses and is not directed to children under 16.

9. Changes to this Policy

We may update this Policy from time to time. Material changes will be posted here with an updated effective date.

10. Contact

Questions about this Policy or your data can be sent to [email protected].