[solarengineer]

Could you help us understand a few things about your service? How deep is this "deep integration"? When we sign up with you, what are we agreeing to hand over and/or to give you access to? Do you make copies of this data? Do you sell data about our Stripe data to others? Are you training your ML models based on our data? Do you have measures in place to detect or prevent internal leaks of such data and external exfiltration (via security attacks, for e.g.) of such data?

[gfloyd]

We request read/write access to Stripe via Stripe Connect in order to receive webhooks on your behalf and to create coupons. We do copy a small amount of data (customer and subscription details for cancellations) for the reporting and metrics features.

We do not and never will sell your Stripe data. We're not using any ML, so we're not training any models on your data.

We understand having access to your Stripe account comes with a lot of responsibility, and we're taking that seriously. I'd be more than happy to discuss security if you want to shoot me an email (address in profile).