Privacy Policy

Dragun provides software that helps Canadian businesses follow up on their own overdue invoices and lapsed subscriptions. This policy explains what information we handle, why, and the choices you have. We are committed to handling personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.

Who is responsible for your data

When you use Dragun to contact your customers, you remain the business of record and the owner of that customer relationship. You decide who is contacted and why. Dragun acts as a service provider (a processor) that carries out follow-up on your behalf. We never buy, sell, or take ownership of your receivables.

Information we collect

• Account information — your name, work email, organization name, and sign-in details.
• Receivables you add — the customer contact details and balances you choose to import, along with notes and statuses you create.
• Payment information — limited payment metadata (such as amount, status, and confirmation) handled through our payment processor. Card details are entered directly with the processor and are never stored by Dragun.
• Usage and technical data — basic logs, device and browser information, and error reports used to keep the service secure and reliable.

How we use information

• To provide the service and send the reminders you schedule, on your behalf.
• To create secure payment links so your customers can pay you directly.
• To keep a clear record of what was sent, paused, paid, or stopped.
• To provide support, prevent abuse, and keep the platform secure.
• To meet legal and accounting obligations.

Sharing

We do not sell personal information. We share it only with trusted providers who help us run the service — for example, our cloud hosting, database, payment, email, and messaging partners — and only to the extent needed to deliver the features you use. These providers are bound by contractual confidentiality and security obligations.

Where data is stored

Some of our providers may process data outside of Canada. Where that happens, comparable safeguards are applied to protect your information. Each organization's data is logically isolated so one customer can never access another's records.

Security

We use encryption in transit, strict access controls, and row-level isolation between organizations. No system is perfectly secure, but we work continuously to protect the information entrusted to us and to limit who can access it.

Retention

We keep information for as long as your account is active or as needed to provide the service, resolve disputes, and meet legal obligations. You can ask us to delete your organization's data, subject to records we are required to retain.

Your rights

Under PIPEDA you may request access to the personal information we hold about you, ask us to correct it, or withdraw consent where applicable. If you are one of our customers' contacts and received a reminder, the fastest path is to reply directly to that business; you may also contact us and we will route your request appropriately.

Your customers' choices

Every text reminder supports a simple opt-out (such as replying STOP), and emails include an unsubscribe option. Honoring these requests is built into the cadence and required of every business using Dragun.

Cookies

We use essential cookies to keep you signed in and to remember preferences such as light or dark mode and your language. We do not use advertising trackers.

Children

Dragun is a business tool and is not directed to anyone under the age of majority.

Changes

We may update this policy from time to time. Material changes will be reflected by the “last updated” date above, and significant changes will be communicated to account holders.