CREDITMAGNA
Sign inGet started
Legal

Privacy Policy

Last updated · February 2026

This Privacy Policy describes how CreditMagna ("we", "us") collects, uses, and protects personal information you provide when using our Service. Because we process sensitive financial data — including consumer credit reports — we take privacy and security seriously and comply with applicable U.S. federal and state laws, including the Gramm-Leach-Bliley Act and the California Consumer Privacy Act ("CCPA"), where applicable.

1. Information We Collect

  • Account data: email address, hashed password, account creation date.
  • Payment data: handled and stored exclusively by Stripe; we never see or store full card numbers.
  • Credit-report data: the PDF you upload and AI-extracted negative items, balances, and bureau metadata.
  • Generated documents: dispute letters and packets generated by the Service for your account.
  • Operational data: IP address, browser type, log timestamps, and error logs needed to operate the Service.

2. How We Use Your Information

  • To analyze your uploaded credit report using AI (Anthropic Claude Sonnet 4.5).
  • To generate FCRA/FDCPA-compliant dispute documents on your behalf.
  • To process the $97 one-time payment via Stripe.
  • To maintain account security and prevent fraud.
  • To respond to your support requests.

3. We Do Not Sell Your Data

CreditMagna does not sell, rent, or share your personal information with marketers, data brokers, or any third party for advertising purposes. We do not use your uploaded credit report to train any AI model.

4. Service Providers (Sub-Processors)

We share the minimum data necessary with the following sub-processors:

  • Anthropic / Claude API — AI extraction & letter generation (no data retained for training).
  • Stripe — payment processing (PCI-DSS compliant).
  • MongoDB Atlas — encrypted database storage.
  • Emergent Object Storage — encrypted document storage for generated PDFs.

5. Data Security

We use industry-standard encryption in transit (TLS 1.2+) and at rest. Passwords are hashed using bcrypt. Access to production data is restricted to a limited number of operational personnel via least-privilege controls.

6. Data Retention

We retain your account, credit-report uploads, and generated documents for as long as your account is active. You may request deletion at any time by contacting support — we will permanently delete your data within 30 days, except where retention is required by law (e.g., tax records).

7. Your Rights (CCPA / State Privacy Laws)

Depending on your state of residence, you may have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your data.
  • Opt out of any sale of personal information (we do not sell).

To exercise these rights, email privacy@creditmagna.live.

8. Children's Privacy

The Service is not directed to anyone under the age of 18. We do not knowingly collect personal information from minors.

9. Cookies

We use only essential cookies and local storage required to authenticate your session. We do not use third-party advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision.

11. Contact

Questions about this Privacy Policy can be sent to privacy@creditmagna.live.

Made with Emergent