Novoriq Revenue OS
Last Updated: May 15, 2026
Workspace information: We collect the account email, organization name, role, billing status, and subscription metadata needed to operate your workspace.
Stripe operational data: When you connect Stripe with a restricted API key, Novoriq processes dispute, charge, authorization, and webhook delivery data needed for dispute intake, evidence review, audit reporting, and PDF generation. This may include customer names, email addresses, billing addresses, charge identifiers, dispute reasons, transaction amounts, risk indicators, and related timestamps.
Telemetry for evidence: Where enabled, Novoriq may process checkout or transaction telemetry such as IP address, generalized location, device fingerprint, delivery status, or account activity records solely for fraud review and representment documentation.
We use this information to authenticate users, provision subscription access, synchronize Stripe dispute activity, prepare operational audits, generate evidence PDFs, retrieve previously generated documents, and maintain a reliable dispute review queue. We do not sell merchant data or customer transaction data.
Novoriq is designed to use Stripe restricted API keys rather than unrestricted secret keys. Restricted keys allow you to grant only the permissions needed for dispute operations. Connected Stripe credentials and webhook signing secrets are encrypted at rest before storage. You retain ownership and control of your Stripe account and may rotate or revoke a restricted key from Stripe at any time.
Stripe webhooks are processed to record charges and disputes, prevent duplicate event handling, and trigger evidence preparation. Audit results and PDF evidence documents are generated from operational records available to your workspace. PDFs may be stored so authorized users can retrieve them without regenerating the same document.
Novoriq can access only the Stripe resources permitted by the restricted key you create. Novoriq does not require permission to move funds, create charges, issue refunds, change payout settings, or administer your Stripe account. Subscription billing metadata is processed through third-party billing providers only as needed to provision or revoke workspace access.
We retain operational records for as long as reasonably needed to provide the service, support dispute evidence retrieval, satisfy security review requirements, and maintain billing or audit history. You may request deletion of organizational data, subject to legal, security, backup, and dispute-record retention requirements.
Security disclosure: Stripe credentials are used server-side for authorized recovery operations and are not exposed in the browser after submission.