Last updated: April 5, 2026
This Privacy Policy describes how FLARES Inc (doing business as "Rebutiq"), a Nigerian company operating through its US subsidiary FLARES Network Systems, Inc., collects, uses, stores, and discloses information in connection with the Rebutiq automated dispute defense platform (the "Service"). This policy applies to merchants who create accounts on Rebutiq ("Merchants"), as well as to the end-users of Merchants' websites and applications whose data is collected through the Rebutiq JavaScript SDK and REST API ("End-Users").
By using our Service, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Service. This Privacy Policy should be read alongside our Terms of Service.
When you create a Rebutiq account, we collect information necessary to provide the Service and manage your subscription:
When a Merchant integrates the Rebutiq JavaScript SDK or uses the REST API, we collect the following data from the Merchant's End-Users for the sole purpose of building dispute evidence:
When you connect your Stripe account, we access the following data through the Stripe API, limited to what is necessary for dispute defense:
We automatically collect information about how you interact with the Rebutiq dashboard and API:
We use the information we collect for the following purposes:
We do not sell your personal data or your End-Users' data to third parties. We share data only in the following limited circumstances:
We submit compiled evidence packages to Stripe through their Disputes API on your behalf. This evidence may include behavioral data, transaction details, and AI-generated narratives. This sharing is necessary to perform the core function of the Service.
We send anonymized and contextual dispute data to Groq (our AI inference provider) to generate evidence narratives. Data sent to Groq does not include directly identifying personal information of End-Users. We have data processing agreements in place with our AI providers that prohibit them from using your data for training or any purpose other than providing inference services to us.
We may disclose information if required to do so by law, court order, or governmental regulation, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, the safety of others, or to investigate fraud.
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your data may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service before your data becomes subject to a different privacy policy.
We retain data for the minimum period necessary to fulfill the purposes described in this Privacy Policy. Specific retention periods are as follows:
| Data Category | Retention Period |
|---|---|
| Merchant account data | Retained while account is active, plus 30 days after termination |
| End-user behavioral data | 12 months from the date of collection |
| Dispute evidence packages | 24 months from the date of submission |
| API and usage logs | 12 months |
| Billing and payment records | As required by applicable tax and accounting laws (typically 7 years) |
You may request earlier deletion of your data at any time by contacting us at legal@flaresinc.com. We will process deletion requests within 30 days, subject to any legal obligations that require us to retain certain data.
We implement industry-standard technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction:
While we strive to protect your data using commercially reasonable measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security, but we commit to promptly notifying affected users in the event of a data breach, in accordance with applicable law.
When you integrate the Rebutiq SDK into your website or application, you act as the data controller for the End-User data collected through the SDK, and Rebutiq acts as a data processor on your behalf. As the data controller, you are responsible for:
The Rebutiq JavaScript SDK does not use cookies to track End-Users. Instead, the SDK generates a session identifier that is stored in memory for the duration of the browser session and is not persisted across sessions or shared with any third party.
The SDK does not perform cross-site tracking. It only collects data on the specific website or application where it has been installed by the Merchant. No data is shared between different Merchants' installations.
The Rebutiq dashboard (the Merchant-facing web application) may use essential cookies for authentication and session management. These cookies are strictly necessary for the operation of the dashboard and do not track you across other websites.
FLARES Inc is headquartered in Nigeria, with a US subsidiary (FLARES Network Systems, Inc.) handling support operations. Data collected through the Service is stored on servers located in the United Kingdom and may be processed in both the UK and the United States in the course of providing the Service.
By using the Service, you consent to the transfer of your data to the UK and US. If you are a Merchant with End-Users in the European Economic Area (EEA), United Kingdom, or other jurisdictions that require specific legal mechanisms for international data transfers, you are responsible for ensuring that you have an appropriate lawful basis for transferring End-User data through the Service.
The Service is not directed at, and is not intended to collect data from, children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take steps to delete that information as promptly as possible.
If you are a Merchant whose website or application is directed at or used by children under 13, you must not deploy the Rebutiq SDK on those pages or sections of your site. If you believe that we have collected data from a child under 13, please contact us immediately at legal@flaresinc.com.
Depending on your jurisdiction, you may have certain rights regarding your personal data. We are committed to honoring these rights to the extent required by applicable law:
To exercise any of these rights, please contact us at legal@flaresinc.com. We will respond to all verified requests within 30 days. We may ask you to verify your identity before processing your request.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will provide at least thirty (30) days' prior notice by sending an email to the address associated with your account and by posting the updated Privacy Policy on the Service with a revised "Last updated" date.
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. If you do not agree with the changes, you should discontinue your use of the Service before they take effect.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
FLARES Inc (Parent Company)
27 Awoyemi Street, Ejugbo, Lagos, Nigeria
Phone: +234 201 330 6352
FLARES Network Systems, Inc. (US Support Branch)
1111B S Governors Ave STE 21292, Dover, DE 19904 US
Phone: +1 (608) 925-2262
Legal: legal@flaresinc.com
Support: support@flaresinc.com