Privacy Policy

Last updated: June 17, 2026

This Privacy Policy explains how Stribly handles personal information when you visit our website, create an account, use the invoicing application, or interact with our subscription billing and support flows.

Who we are

Stribly provides invoicing, customer management, payment tracking, refund tracking, imports, and analytics for business users. Stribly is intended for business use only.

Stribly is operated by NIKOLA IVANOV PR RAČUNARSKO PROGRAMIRANJE WEBREDONE VRANJE, registered with the Serbian Business Registers Agency (APR), matični broj 65994151, PIB 112275671. Registered seat: Sobinska 2, 17500 Vranje, Serbia. Stribly is not registered for VAT. For privacy questions, contact us at todo_replace@stribly.com or use the support channel published inside the Stribly application.

Information we collect

We collect information you provide directly, including:

• account details such as name and email address;
• organization and business profile details;
• customer records, invoice data, tax settings, items, payment records, refund records, comments, import files, and related invoicing workflow content;
• support messages and operational communications.

We also collect technical and usage information needed to run the service, including:

• authentication and session information;
• device, browser, IP address, and request metadata;
• application logs, error events, performance data, and security events;
• billing entitlement and subscription state.

How we use information

We use information to:

• provide and secure the Stribly service;
• authenticate users and manage sessions;
• create, display, search, import, export, and maintain invoice workflow data;
• enforce plan limits and billing entitlements;
• process subscriptions through our billing provider;
• troubleshoot errors, monitor reliability, and protect against abuse;
• communicate about service, billing, legal, and security matters;
• comply with legal obligations.

Payment and billing processing

Paid subscriptions are processed through Polar Software, Inc. (“Polar”). Polar acts as Merchant of Record and authorized reseller for purchases made through Polar Checkout.

Polar may provide checkout, subscription billing, customer billing emails, invoices or receipts, applicable tax calculation and remittance, refunds, disputes, failed-payment handling, payment method management, and customer portal functionality.

Polar processes personal information needed for the transaction, subscription, invoice, payment, tax, refund, fraud-prevention, support, and customer portal flows. This may include your name, email address, billing address, country, postal code, business details, tax identifiers, payment method metadata, IP address, device and fraud-prevention signals, transaction history, subscription state, invoices, refunds, disputes, and support messages. Polar’s own Privacy Policy applies to the personal information Polar processes for billing and reseller services.

We do not store full payment card numbers. Payment method information is handled by Polar and its payment processors. We store billing status and identifiers needed to connect your Stribly account to Polar customer, subscription, order, invoice, receipt, payment, refund, and entitlement records.

Authentication processing

Stribly uses Clerk for authentication and user management. Clerk may process account and authentication information needed to create accounts, sign users in, manage sessions, verify identities, protect against abuse, and maintain authentication security. This may include name, email address, phone number if configured later, user identifiers, authentication factors, session identifiers, device and browser data, IP address, approximate location derived from IP address, security logs, and related request metadata.

For Stribly account data processed through Clerk, Stribly is generally the controller and Clerk acts as a processor or service provider. Clerk may also process some account information as an independent controller for its own service operations, legal compliance, security, and service maintenance, as described in Clerk’s Privacy Policy and Data Processing Addendum.

Service providers

We use third-party providers to operate Stribly. These may include:

• Clerk for authentication and user management;
• Polar for subscription checkout, billing, taxes, invoices, receipts, refunds, disputes, payment method management, and customer portal;
• Sentry for error monitoring, performance monitoring, and operational diagnostics;
• Vercel or similar hosting providers for the frontsite and web application;
• Railway or similar hosting providers for backend services and workers;
• managed PostgreSQL and Redis providers for application data, sessions, queues, locks, and rate-limiting;
• cloud key-management services for encryption operations;
• email or webhook providers if we later enable Stribly-owned transactional or product emails.

These providers process information only as needed to provide their services to us, subject to their terms and privacy commitments.

Cookies and similar technologies

Stribly uses cookies, local storage, session storage, and similar technologies for authentication, security, preferences, and application functionality. We may also use analytics or monitoring technologies to understand service reliability and usage. If we add non-essential tracking or marketing cookies, we will update this policy and provide required choices.

Data retention

We keep account and application data for as long as needed to provide Stribly, comply with legal obligations, resolve disputes, maintain audit trails, enforce agreements, and protect the service. Some records, such as invoice, payment, refund, webhook, subscription, and audit records, may be retained after account deletion where required for legal, tax, security, fraud-prevention, or accounting reasons.

Security

We use administrative, technical, and organizational safeguards designed to protect information. These include authentication controls, access controls, encryption for selected sensitive stored data, key-management processes, logging, monitoring, and operational review. Encryption reduces risk for stored data, but it does not make the service risk-free and does not remove the need for access controls, application security, backups, monitoring, and operational review. No internet service can guarantee absolute security.

International processing

Stribly and its providers may process information in countries other than your country of residence. Where required, we will rely on appropriate transfer mechanisms and provider agreements.

Your rights and choices

Depending on your location, you may have rights to access, correct, export, delete, restrict, or object to the processing of your personal information. You can update some account and organization information in the application. For other requests, contact us through the support channel published in the application.

You may not be able to delete information that we must retain for legal, tax, accounting, security, or legitimate business reasons.

Children

Stribly is intended for business use and is not intended for children. Do not use Stribly if you are under 18.

Changes

We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the website, application, email, or another appropriate channel.

Related pages

• Terms and Conditions
• Pricing