Credit DisputeLetter desk

Privacy policy · effective July 17, 2026

Private by design.

The generator is built to draft a letter without creating an account, collecting your email, or storing your form values or finished letter.

What the generator processes

When you choose to generate, the service temporarily processes the fields you entered so it can return letters in the same request. Do not enter a Social Security number, date of birth, account login, or document image. The tool blocks common SSN and birth-date patterns in free text.

How AI privacy works

Before a configured AI provider can receive dispute facts, the service replaces names, addresses, phone numbers, report confirmation numbers, account references, and recipient details with deterministic placeholders. Provider output must pass plain-text, placeholder, recipient, and unsupported-claim checks. Personal values are restored only in PHP memory. If the provider is unavailable, over budget, or invalid, a deterministic template is used.

What is not stored

The application does not persist POST bodies, form values, generated letters, prompts containing your facts, provider responses, raw IP addresses, cookies, or persistent visitor identifiers. Finished letters remain in your browser tab.

Aggregate events and abuse controls

The site counts a short allowlist of aggregate events: page view, tool start, successful result, copy, print, and error. Event rows contain no form fields or letter text. Short-lived rate-limit keys are made from one-way network fingerprints and expire with their limit windows. Hosting infrastructure may process standard request metadata for security and delivery, but it is not joined to generator contents or analytics profiles.

Third parties

Cloudflare may deliver and protect the site, including the Turnstile anti-abuse check. A configured AI provider receives only placeholder-safe facts. External source links have their own privacy practices.

Retention

Raw aggregate event counts are retained for up to 30 days. Daily aggregate totals may be retained for up to 24 months. Security and administrative audit records are kept separately from public generator data.

Questions

Email [email protected]. Do not send SSNs, credit reports, dispute letters, or account documents by email.

Return to the generator