Security
What ChurnNote can and cannot access.
ChurnNote is a small founder-run tool. Here is exactly what we do and do not touch when you connect Stripe or Lemon Squeezy. No legalese, no compliance theater.
What ChurnNote reads
- Read subscription and customer events needed to detect cancellations and failed payments
- Read customer email and basic billing metadata so we can send the founder-style email
- Use a restricted/read-only key when your billing platform supports it
What ChurnNote will never do
- ChurnNote never sees card numbers or payment method details
- ChurnNote does not move money
- ChurnNote does not change your prices, plans, or billing settings
- ChurnNote does not create, refund, or modify charges
- You can revoke access from Stripe or Lemon Squeezy at any time
The one thing ChurnNote can write
Stripe supports restricted, read-only keys and we recommend using one. Lemon Squeezy keys are not scoped, so ChurnNote holds a standard key but only ever reads your billing events, with one exception you turn on yourself. If you enable Smart Cancel Flow, ChurnNote can cancel a subscription at the end of its paid period, and only when a customer clicks cancel at your cancel screen. That is the same action the customer was already taking. ChurnNote never cancels, refunds, or charges anyone on its own.
Storage and access
ChurnNote stores the billing data needed to render your dashboard and send the right emails (customers, subscription status, cancellation events, failed payments, replies). API keys are stored encrypted at rest. We do not share or sell data, and we do not use your customer data to train models.
Founder note
Built by Praveen. If you have a security question or want to see exactly what scopes ChurnNote uses, email hello@churnnote.com and you will get a real reply.