Legal

These Terms form a binding agreement between ChargePilot and the business that installs or uses the Service (the “Merchant,” “you,” or “your”), and apply to every person who accesses the Service through your account.

These Terms incorporate, by reference, our Privacy Policy and the following: the data-processing terms in Section 11; the acceptable-use rules in Section 7; the fees set out on our pricing page or in the order form or plan you selected; and the applicable card-network program and operating rules (including the Visa and Mastercard rules) by which you are bound. A breach of an incorporated document is a breach of these Terms.

We may update these Terms from time to time. When we do, we will revise the “Last updated” date and, where appropriate, provide additional notice. Changes take effect when posted, and your continued use of the Service after that constitutes acceptance to the extent permitted by law. Where a change is material — particularly one affecting the movement of your funds or your legal rights — we may require you to accept the updated Terms before continuing to use the affected feature.

The following capitalized terms have the meanings below:

• “Representment” means analyzing a filed dispute, assembling AI-assisted evidence, and submitting that evidence to your payment processor before the applicable response deadline.
• “Prevention” means features designed to stop a chargeback before it is filed, including automated refunds and cardholder verification triggered by Stripe Early Fraud Warning (“EFW”) signals.
• “EFW Email” means an Early Fraud Warning verification email sent to a Cardholder with the Merchant designated as the legal sender, displayed as “{Merchant} via ChargePilot.”
• “Alert Data” means pre-dispute alert data sourced from card networks through a third-party reseller. The alert tier that uses Alert Data is forthcoming and is not currently offered (see Section 4.5).
• “Connected Stripe Account” means your Stripe account, connected to ChargePilot through an account-scoped Stripe App using OAuth.
• “Integration” means a third-party system you connect to ChargePilot at your direction (for example, your store, subscription, or support platform).
• “Cardholder” means an individual whose payment card was used in a Merchant transaction. A Cardholder is not a user of, and has no direct relationship with, ChargePilot.
• “Your Data” means the data ChargePilot accesses or receives from your Connected Stripe Account and Integrations, and the data you provide, in order to deliver the Service.
• “Fees” means the amounts payable for the Service, as set out on our pricing page or in your order form or plan.

To use the Service you connect your Connected Stripe Account and, optionally, one or more Integrations. You authorize ChargePilot to access the data made available through those connections in order to provide the Service. You may revoke a connection at any time from the Service’s settings or from the relevant provider; revoking access may disable some or all features.

You agree to provide accurate, current, and complete information during onboarding and to keep it up to date — including your legal business name and a valid physical postal address used as the sender address for EFW Emails (see Section 7). You are responsible for safeguarding your account credentials and for all activity that occurs under your account and your authorized users.

Depending on the features you enable, the Service may perform the following on your authorization and instruction. For all Merchant-facing activity, ChargePilot acts as a technological conduit and execution engine that carries out the actions you have configured. ChargePilot is not your bank, payment processor, insurer, or guarantor, and does not assume ownership of, or liability for, your underlying transactions, your products or services, or your relationship with your customers or with Stripe.

4.1 Representment

The Service analyzes dispute and transaction data and Integration evidence, generates AI-assisted evidence packages, and, where you enable automatic submission, submits Representment to your payment processor before the applicable response deadline on your behalf. We do not guarantee that any dispute will be won or that any evidence will be accepted; all dispute determinations are made solely by issuing banks, card networks, and your payment processor.

4.2 Prevention

Where you enable Prevention, the Service can respond to Stripe Early Fraud Warning signals by issuing an automated refund and/or sending a cardholder verification email, in order to stop a chargeback before it is filed. EFW Emails are sent with you designated as the legal sender, displayed as “{Merchant} via ChargePilot,” and are subject to Section 7. You are solely responsible for maintaining a sufficient balance in your Connected Stripe Account to fund any refunds the Service may issue. We do not guarantee that any chargeback will be prevented or that a refund will avert a corresponding dispute or fraud claim.

4.3 Automated-Refund Authorization & Mandate

If you enable automated refunds, you authorize, instruct, and mandate ChargePilot to initiate and execute refunds to Cardholders through your Connected Stripe Account, in the amounts and at the times determined by the Service’s fight-vs-refund decisioning, without obtaining your case-by-case approval for each refund. You agree that each such refund is an act you have authorized and directed, and that ChargePilot acts solely as your agent to execute it. ChargePilot never holds your Stripe secret key; refunds execute through your own account using a scoped authorization you can revoke.

This authorization is irrevocable for as long as you keep the automated-refund feature enabled and the Service active, except that you may adjust available parameters or opt out prospectively through the Service’s settings. Disabling the feature or terminating the Service does not unwind refunds already initiated before the change takes effect.

You understand that the Service may decide to refund a transaction you believe was legitimate — for example, to avoid a chargeback, fee, or fraud-ratio impact it assesses as the worse outcome. To the maximum extent permitted by law, you irrevocably waive, and release ChargePilot from, any claim arising out of a refund issued through your Connected Stripe Account in accordance with that decisioning, including any claim that the underlying transaction was legitimate, that the refund was unnecessary, or that you lost the sale, the goods, or shipped inventory. This waiver does not extend to refunds resulting from ChargePilot’s gross negligence, willful misconduct, or fraud, to any non-waivable statutory claims, or to refunds issued outside the parameters you configured.

4.4 Negative-Balance Allocation

ChargePilot connects to your Stripe account as an account-scoped Stripe App, not as a Stripe Connect platform. Accordingly, if a refund issued by the Service causes or contributes to a negative balance in your Connected Stripe Account, that negative balance is a matter between you and Stripe and is ultimately your responsibility. ChargePilot does not hold platform-level liability for your account balance and does not assume it. You agree to indemnify ChargePilot for negative balances as set out in Section 14.

4.5 Pre-Dispute Alerts (Forthcoming)

A pre-dispute alert tier that ingests Alert Data from card networks (Ethoca for Mastercard and Verifi / RDR for Visa) through a third-party reseller is forthcoming and is not currently offered. We describe it here for transparency only. We will update these Terms before any such tier is made available, and nothing in these Terms should be read as a present offer of that tier.

4.6 AI Fight-vs-Refund Decisioning

As part of Representment and Prevention, the Service uses automated, AI-assisted logic to decide, per dispute or signal, whether to fight (defend) a matter or to refund the Cardholder. These decisions are generated by software and may contain inaccuracies; they are not legal advice. To protect the integrity of fraud prevention, ChargePilot does not publish the internal signals, scoring, thresholds, or rules used to make these decisions, as doing so would create a roadmap for fraud.

4.7 Integrations & Evidence Review

You may connect Integrations at your direction so the Service can gather evidence to substantiate that an order was placed, paid, fulfilled, and delivered. Where you connect Gmail, the Service uses read-only access (the gmail.readonly scope) solely to locate customer email threads related to a disputed transaction; it never sends, modifies, or deletes messages. Evidence assembled by the Service may be reviewed by authorized personnel before or in connection with submission. Each Integration is provided by a third party under its own terms and privacy policy, and is connected on your authorization; Integrations are your data sources, not ChargePilot’s subprocessors.

4.8 Availability & Maintenance

We aim to keep the Service available but do not guarantee uninterrupted or error-free operation. We may perform maintenance, and we may modify, suspend, or discontinue features. The Service depends on Stripe and other third-party systems, and we are not responsible for their outages, API changes, enforcement actions, balance or payout behavior, or account restrictions.

Fees for the Service are set out on our pricing page and in the order form or plan you selected, and may include success-based fees on recovered disputes, fees for successful Stripe EFW preventions, and per-transaction scan fees. We do not restate fee amounts in these Terms; the pricing page and your order form govern. Existing Merchants on grandfathered pricing keep the rates applicable to their plan.

• A valid payment method is required to use the Service, and payments are processed through Stripe.
• Fees are stated in U.S. dollars and are exclusive of taxes; you are responsible for any applicable taxes other than taxes on ChargePilot’s net income.
• You remain liable for Fees that have accrued even if your payment processor fails to settle, remit, refund, or pay out the corresponding amounts.
• We may suspend or restrict the Service for non-payment, and unpaid amounts may accrue interest to the extent permitted by law.

In the event of a conflict between these Terms and the pricing page or order form as to Fees, the pricing page and order form control.

You represent that you operate a lawful business and that your use of the Service complies with all applicable laws, regulations, and card-network rules. You are responsible for the conduct of your authorized users, employees, agents, and contractors.

You represent that you have all rights, authorizations, and lawful bases necessary for ChargePilot to access and process Your Data and Cardholder data to provide the Service, including any notices to and consents from Cardholders required for ChargePilot to send EFW Emails on your behalf. As between you and ChargePilot, you control Your Data, and ChargePilot processes it on your instructions as described in Section 11.

You agree to cooperate with the Service as reasonably needed — including maintaining accurate information, keeping required connections active, and maintaining a sufficient Connected Stripe Account balance to fund refunds the Service may issue.

This Section governs how you may and may not use the Service. A violation is a material breach of these Terms and may result in the remedies in Section 12. You must not, and must not permit any user or third party to:

• use the Service for any unlawful, fraudulent, deceptive, or abusive purpose, or in violation of any law, regulation, or card-network rule;
• use the Service to circumvent, evade, or defeat card-network rules, processor rules, dispute or fraud-monitoring programs, or to obtain an outcome you are not legitimately entitled to;
• use automated refunds or Prevention to facilitate fraud, money laundering, or collusion, or to manipulate, suppress, or distort dispute, chargeback, or fraud ratios in a manner intended to mislead networks, processors, or acquirers — refunds must reflect genuine, good-faith resolution of transactions;
• submit, or cause the Service to submit, false, forged, altered, or misleading dispute evidence;
• probe, scan, or test the security of the Service, circumvent authentication, access another Merchant’s data, or interfere with the integrity or performance of the Service;
• reverse engineer, decompile, or attempt to derive the Service’s source code, models, scoring, or thresholds, except to the limited extent applicable law expressly permits; or
• resell, sublicense, rent, or use the Service to provide chargeback, dispute, prevention, or messaging services to any business other than your own, except under a separate written agreement with ChargePilot.

7.1 EFW Email rules

Where you enable EFW Emails, you are the legal sender of record of each message and are responsible for its content and its compliance with law and card-network rules. ChargePilot provides only the sending mechanism. These messages are intended to qualify as transactional or relationship messages — not commercial messages — and that status depends on your conduct. You must:

• keep EFW Emails strictly transactional — they must contain no marketing, advertising, promotional, upsell, cross-sell, or solicitation content of any kind;
• ensure all header information and subject lines are accurate and non-deceptive and correctly identify you as the sender;
• provide and keep current a valid physical postal address (your stored address is used where available; otherwise ChargePilot’s address is used as sender of record);
• promptly honor Cardholder opt-out requests and complaints, and not use EFW Emails to harass, threaten, or coerce any Cardholder or to suppress a legitimate dispute; and
• comply with the CAN-SPAM Act and all other applicable anti-spam, electronic-messaging, and consumer-protection laws, and any frequency or volume limits ChargePilot imposes.

Because ChargePilot operates on top of payment processors and card networks, your business and your use of the Service must comply with your payment processor’s and the card networks’ restricted- and prohibited-business rules — in particular, Stripe’s published Restricted Businesses policy and the applicable Visa and Mastercard rules. Without limiting that requirement, the Service may not be used in connection with illegal goods or services; counterfeit, stolen, or infringing goods; unlawful gambling; pyramid or other deceptive schemes; unlicensed money transmission or other regulated financial services; or any other business prohibited by your payment processor or by card-network rules.

ChargePilot may decline to provide, or may discontinue, the Service to any Merchant in a restricted or prohibited category, or where we reasonably believe a Merchant’s use creates legal, regulatory, reputational, or network-compliance risk.

ChargePilot and its licensors own all rights in the Service, including its software, models, algorithms, scoring, user interfaces, and documentation, and all aggregated and de-identified data derived from operating the Service. Nothing in these Terms transfers any of those rights to you.

As between the parties, you retain ownership of Your Data. You grant ChargePilot a worldwide, non-exclusive license to host, copy, process, transmit, and display Your Data as necessary to provide the Service, and to use Your Data — including in aggregated or de-identified form — to operate, secure, maintain, and improve the Service and its models. ChargePilot’s third-party AI providers act as subprocessors and are contractually prohibited from using Your Data or any Cardholder data to train, fine-tune, or improve their own or any cross-client models.

If you provide feedback or suggestions about the Service, you grant ChargePilot a perpetual, royalty-free license to use them without restriction.

Each party may receive non-public information of the other that is marked or reasonably understood to be confidential. The receiving party will use that information only to perform under these Terms and will protect it with at least reasonable care. This does not apply to information that is or becomes public without breach, was already known, is independently developed, or is rightfully obtained from a third party. ChargePilot’s internal fraud-detection logic, scoring, and thresholds are confidential and are not disclosed through the Service.

11.1 Roles of the parties

For Representment and other activity ChargePilot performs on your instruction — analyzing your disputes, enriching evidence from your own connected systems, submitting evidence to your payment processor, issuing Merchant-directed refunds through your Connected Stripe Account, and sending EFW Emails as your sender — you are the controller (and “business” under the CCPA/CPRA) and ChargePilot is your processor (and “service provider”). For any activity where ChargePilot determines the purposes and means of processing across Merchants — in particular the forthcoming ingestion of Alert Data across many Merchants, and any model improvement performed on pooled data — ChargePilot may act as an independent or joint controller. Our Privacy Policy describes these roles in detail.

11.2 Processing on your instructions; CCPA commitments

Where ChargePilot acts as your processor / service provider, it processes Your Data only on your documented instructions (including these Terms, your configuration choices, and the Privacy Policy) and as required by law. ChargePilot does not sell or share Your Data, does not retain, use, or disclose it for any purpose other than providing the Service, and does not combine it with personal information from other Merchants except as permitted by applicable law.

11.3 Security measures

ChargePilot maintains administrative, technical, and physical safeguards designed to protect data, including:

• encryption in transit using TLS 1.2 or higher (HTTPS-only);
• encryption at rest using AES-256, with AES-256-GCM application-layer encryption for sensitive credentials such as OAuth tokens;
• secrets managed in Google Cloud Secret Manager and not exposed to application code;
• per-Merchant data isolation in Firestore enforced by server-side security rules, hosted in a United States region;
• OAuth 2.0 scoped tokens — ChargePilot never holds your Stripe secret key, and you can revoke access at any time; and
• payment-data minimization: ChargePilot stores dispute results and the last four digits of a card only. It never stores full card numbers (PAN) or Sensitive Authentication Data (such as CVV/CVC, full track data, or PIN); PCI-scope card data stays inside Stripe.

ChargePilot’s application security has been verified at CASA Tier 2 through an independent dynamic application security testing (DAST) scan performed by TAC Security. CASA Tier 2 is an application-security assessment; it is not a SOC 2 examination, and ChargePilot does not claim SOC 2 certification. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

11.4 Subprocessors and international transfers

ChargePilot uses a limited set of subprocessors to provide the Service; the current list is maintained in our Privacy Policy, and we provide notice of changes as described there. ChargePilot stores the product’s data in the United States. Where data is transferred from the EEA, UK, or Switzerland to a country that may not provide an equivalent level of protection, ChargePilot relies on appropriate safeguards, including the European Commission’s Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum (IDTA).

11.5 Deletion and retention

ChargePilot retains data while your account is active and as needed for billing, dispute and representment recordkeeping, security, and legal compliance, and deletes it promptly following account closure or app uninstall and on a verified deletion request, except where retention is required by law, in which case it limits further processing to that purpose. ChargePilot does not currently enforce a fixed in-life retention time-to-live and does not represent a retention period it does not enforce. Where ChargePilot must retain data to comply with law or resolve disputes, it retains the minimum necessary for that purpose.

These Terms apply for as long as you use the Service. You may stop using the Service at any time by disabling a feature, disconnecting an Integration, or uninstalling the app; you may terminate a particular service line without terminating the others where the Service permits. We may suspend or terminate your access — in whole or in part — if you breach these Terms, fail to pay, or create risk to Cardholders, networks, other Merchants, or ChargePilot. Where a violation is non-urgent and curable, we will seek to give notice and an opportunity to cure.

On termination, your right to use the Service ends and we disable the relevant connections; refunds and submissions already initiated are not unwound. Provisions that by their nature should survive — including Sections 5, 9, 10, 11, 13, 14, and 15 — survive termination.

The Service is provided on an “as is” and “as available” basis. To the maximum extent permitted by law, ChargePilot disclaims all warranties, express or implied, including the implied warranties of merchantability, fitness for a particular purpose, and non-infringement.

Without limiting the foregoing, ChargePilot does not warrant or guarantee that any dispute will be won or any representment accepted; that any chargeback will be prevented, avoided, or reversed; that any alert will be received or acted on in time; that any automated refund will prevent a corresponding chargeback or fraud claim; or that your chargeback ratio, fraud ratio, account standing, or processor access will improve or be maintained. All dispute, fraud, and chargeback determinations are made solely by issuing banks, card networks, and your payment processor.

To the maximum extent permitted by law, ChargePilot will not be liable for any indirect, incidental, special, consequential, exemplary, or punitive damages, or for any loss of profits, revenue, goodwill, data, or business, whether in contract, tort, or otherwise, even if advised of the possibility. For the avoidance of doubt, this exclusion includes the value of any goods or inventory shipped on an order that the Service later resolves by an automated refund, and any lost sale resulting from a refund or prevention decision.

To the maximum extent permitted by law, ChargePilot’s total aggregate liability arising out of or relating to the Service and these Terms will not exceed the total Fees you paid to ChargePilot in the three (3) months preceding the event giving rise to the claim. Nothing in these Terms excludes or limits liability that cannot be excluded or limited under applicable law.

The Fees, the disclaimers in Section 13, the waiver in Section 4.3, and the limitations in this Section reflect an agreed allocation of risk between the parties and are an essential basis of the bargain.

To the maximum extent permitted by law, you will defend, indemnify, and hold harmless ChargePilot and its officers, directors, employees, and agents from and against any claims, losses, liabilities, damages, fines, penalties, costs, and expenses (including reasonable attorneys’ fees) arising out of or relating to:

• any negative balance in your Connected Stripe Account, including one caused or contributed to by a refund issued by the Service;
• your excessive chargeback or fraud ratios, and any monitoring program, fine, penalty, or account action imposed by a card network, issuer, acquirer, or Stripe as a result;
• fraud or misconduct by you, your personnel, your customers, or your agents;
• your violation of card-network rules, payment-processor terms, or applicable law;
• your misuse of EFW Emails or breach of Section 7, including any claim under CAN-SPAM or analogous law or any claim by a Cardholder relating to an EFW Email; and
• your products, services, transactions, business operations, or breach of these Terms.

These Terms are governed by the laws of the State of Florida, without regard to its conflict-of-laws rules. Except where prohibited by law, any dispute arising out of or relating to these Terms or the Service will be resolved by binding arbitration administered in Florida, and you and ChargePilot each waive any right to a jury trial and to participate in a class action. Either party may still bring an individual claim in small-claims court for qualifying disputes, and either party may seek injunctive relief in a court of competent jurisdiction to protect its intellectual property or confidential information.

• Entire agreement. These Terms, together with the documents they incorporate, are the entire agreement between you and ChargePilot regarding the Service and supersede prior agreements on the subject.
• Assignment. You may not assign these Terms without ChargePilot’s prior written consent; ChargePilot may assign them in connection with a merger, acquisition, financing, or sale of assets.
• Force majeure. Neither party is liable for failure or delay caused by events beyond its reasonable control.
• Severability and waiver. If any provision is held unenforceable, the remainder stays in effect; a failure to enforce a provision is not a waiver of it.
• Notices. We may provide notices to you by email, through the Service, or by posting; you may contact us using the details in Section 18.
• Publicity. Neither party will use the other’s name or marks in publicity without prior consent, except as required by law.

Questions about these Terms can be sent to support@chargepilot.ai. Privacy questions can be sent to privacy@chargepilot.ai, and suspected security issues or abuse to security@chargepilot.ai.