Skip to main content
Airdun uses a read-only connection to your Stripe account for analysis, and a single scoped write permission for executing payment retries. It does not read full card numbers or bank details, does not share your customer data with other merchants, and does not use it for any purpose other than running your recovery sequences. Access can be revoked at any time from your Stripe dashboard.
Airdun requests the minimum Stripe permissions necessary to identify failed payments and run recovery. Specifically, it reads:
  • Payment intents and charges — to detect failures and understand the reason codes
  • Customer records — to identify the customer, their history, and their locale for message personalization
  • Subscriptions and invoices — to understand the context of the failure and include the correct invoice in recovery messages
  • Payment method metadata — card type, expiry status, and last four digits (never the full card number or CVC)
The only write action Airdun is permitted to take is retrying a payment through Stripe’s API. It cannot modify subscription plans, issue refunds, update pricing, or make any other changes to your Stripe account.
No. Airdun never stores, logs, or processes full card numbers, CVCs, or complete bank account details.Card data lives exclusively in Stripe’s PCI-compliant vault. Airdun works with tokenized references and metadata (such as card brand, expiry month/year, and last four digits) — the same information visible in your Stripe dashboard. No raw payment credentials pass through or are stored in Airdun’s systems.
Yes, at any time and without contacting Airdun support. You can revoke access directly from your Stripe dashboard under Settings → Connected apps. Removing Airdun’s OAuth connection immediately ends all Stripe API access.If you cancel your Airdun account, access is also revoked automatically as part of the offboarding process. Any active recovery sequences will wind down; no further retries or messages will be sent after access is removed.
No. Your customer data is processed solely to run recovery sequences for your account. It is never shared with, sold to, or made accessible to other Airdun merchants in any form.Airdun’s communal learning model improves the algorithm using aggregated, anonymized signals — not raw customer records. No identifiable data from your customers is used in any cross-merchant context.
Airdun hosts all customer data on Google Cloud infrastructure in the Paris region (europe-west9), within the European Union.This means your data and your customers’ data remains within EU jurisdiction and is subject to GDPR-compliant data handling practices throughout its lifecycle. Data is encrypted at rest and in transit.
No. Your data and your customers’ data is used for one purpose only: running and improving your payment recovery sequences. Airdun does not use any data it processes for advertising, profiling, or any commercial purpose unrelated to recovery.This applies to both your business data and your customers’ personal data. We do not sell data to third parties or use it to target ads on any platform.
All customer data processed by Airdun is hosted on Google Cloud in the Paris, EU region. If you have specific data residency requirements or need a Data Processing Agreement (DPA) for GDPR compliance, contact your account team or refer to our Privacy Policy.
For the full details of how Airdun collects, processes, and protects data, see the Privacy Policy.