Skip to main content
Airdun requests only the Stripe permissions required to detect failures and execute retries. It does not touch or store raw card data, and every workspace is isolated. This page documents how data is accessed, protected, and controlled.

Stripe access and recovery scope

Airdun connects to Stripe through a scoped OAuth integration with two distinct access levels:
  • Audit phase — read-only access to your Stripe account. Airdun reads payment history, subscription data, and failure reasons to build your recovery plan. It cannot modify anything in your account at this stage.
  • Recovery phase — actions are strictly limited to payment retries. Airdun cannot create charges, issue refunds, modify subscription plans, or access any other part of your Stripe account.
You can revoke Airdun’s Stripe access at any time directly from your Stripe Dashboard → Settings → Connect → Connected applications — no need to contact Airdun support. Revoking access immediately stops all recovery actions.

Card data Airdun never stores

Airdun is not a card vault, and it is not designed to be one. The following data never leaves Stripe’s systems:
  • Full card numbers (PANs)
  • CVCs / CVVs
  • Full bank account numbers
All payment method data lives exclusively within Stripe. Airdun works with tokenised references and metadata only.

Workspace isolation

Every Airdun account operates in a logically isolated workspace. Your payment data, customer records, and recovery activity are partitioned at the data layer — no other merchant can query, view, or interact with your workspace. Airdun employees access production data only under strict internal controls and for support purposes only.

Role-based permissions

You control who on your team can do what inside Airdun. Invite team members from Settings → Team and assign the appropriate role. Roles can be changed or revoked at any time.

Encryption

  • In transit — all data between your browser, Airdun’s services, and third-party providers is encrypted using TLS 1.2 or higher.
  • At rest — all stored data is encrypted at the infrastructure level.
  • Credentials — sensitive credentials (such as integration tokens) receive an additional layer of application-level encryption on top of the infrastructure-level encryption.

Authentication

Airdun does not store your password. Authentication is fully delegated to a dedicated identity provider, which handles credential storage, hashing, and breach detection independently of Airdun’s own systems. You can also enable multi-factor authentication (MFA) from your identity provider account settings.

Infrastructure

Airdun is hosted entirely on Google Cloud Platform in the EU (Paris region, europe-west9). No data is processed or stored outside the European Union except where explicitly described in the Privacy Policy for specific third-party processors that operate under Standard Contractual Clauses.

Privacy Policy

Full details on what data Airdun processes, how long it is retained, and your rights as a data subject.

Stripe App Marketplace

Review Airdun’s integration listing and permission scope on the official Stripe App Marketplace.