Event

Happy Hour: Growing your consumer subscription business

Join us live

Paddle customer handbook

Guidance and best practices for software companies selling through Paddle

What is Paddle?

Paddle helps SaaS companies grow faster with fewer distractions. Instead of wasting time, money, and resources assembling, maintaining, securing, and constantly updating a ‘best of breed’ payments stack, we do it all.

Because we’re a SaaS Merchant of Record, we take away 100% of the payments complexity—handling all payment routing, tax collection, compliance, invoicing, subscription management, renewals, reporting, and fraud protection.

SaaS companies can focus on building great products and generating value for customers—leaving all payment challenges to us. It’s faster, safer, simpler, and way better.

Paddle dashboard

Our policies

We require that our software sellers:

Best practices

We recommend the following:

An ideal product fulfillment process would include:

Disputes

Disputes (or Chargebacks) occur when a buyer calls their bank or PayPal to dispute a charge.

This can be for many reasons, including:

Unfortunately, disputes are a common part of dealing with online payments, especially for digital goods sales. A buyer can chargeback a card payment up to 120 days after the product was delivered. We recommend that you try to resolve any customer payment issues early to avoid them escalating into a chargeback. Ensuring that your contact details are up to date with our Buyer Support Team will also ensure a seamless service and avoid delays that can lead to a dispute.

It’s important that you keep your dispute rate low. An average rate is in the region of 0.1-0.3% of transactions, however, a rate above 0.75% is unacceptable. We’ll send you a dispute notification whenever we receive a dispute from one of your buyers, we recommend keeping all dispute alerts always switched on (under vendor settings -> alerts).

When a dispute occurs, Paddle will fight on your behalf, submitting the relevant evidence to your buyer’s bank, or in the instance of misidentified transactions, we reach out to the buyer and attempt to resolve the situation for you. We’ll also email you asking for information we won’t have access to like any direct buyer communication or software usage logs that can aid your chances in winning chargebacks.

Chargebacks incur a fee of $15 (£15 or €15) for card payments and $20.00 (£20 or €20) for PayPal transactions, depending on the currency the user was charged in. We generally do not see a lot of PayPal chargebacks. Once a chargeback is received, the chargeback fee is passed onto you in addition to the original amount of the transaction and debited from your Paddle account.

If we win a dispute case for you, we return the original amount of the transaction back to your balance and refund any fees associated with the dispute.

Online fraud

Our aim is to protect our customers from fraud, so here are some tips to protect your online business from fraudulent buyers/purchases:

If you notice a suspicious buyer, please report them to help@paddle.com immediately.

Third-party fraud monitoring

Our aim is to protect our customers from fraud and help keep their dispute rates within the acceptable threshold, therefore we utilize third-party prevention tools to provide an additional layer of fraud protection. These alerts monitor and intercept transactions that have a confirmed chargeback risk due to fraud. We proactively return the funds to the authorized cardholder to avoid receiving a chargeback and keep within the acceptable chargeback ratio as set out by the card payment networks. A positive alert incurs a fee of $15.00, which is forwarded to you. This would keep your account’s dispute ratio within an acceptable threshold avoiding penalties including account closure.

PCI compliance

The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments.

Paddle is PCI DSS SAQ A Compliant - this means that we do not directly store card information and are PCI Compliant for web transactions only. As a result, any companies who use Paddle for software sales cannot store, process and transmit cardholder data either physically or virtually.

An example of a transaction that isn’t compliant is when a seller takes their buyer’s card details over the phone and processes a payment for software using the payment link themselves. The only way our customers can use Paddle for sales is through integrating our payment link into a working website or app.

GDPR compliance

The European Union (EU) introduced a landmark regulation called the General Data Protection Regulation (GDPR in short) in May 2018.

The goal of the GDPR is to give EU residents improved privacy rights and control over their personal data, protecting them from privacy breaches and leaks.

Every organization that handles, markets, or tracks the personal data of EU residents is liable, even if they’re not based in Europe. In the case of software companies who sell their products globally, this new regulation applies to them, no matter where they’re based.

There are strong penalties in place for non-compliance: up to €20m or 4% of global annual turnover, whichever is higher.

Making sure we were compliant, and in turn that the personal data of the buyers buying your products was treated correctly, whilst continuing to provide a great buyer experience has been an important focus for us when implementing the GDPR. Here are the main concepts of the GDPR:

Personal data requires lawful processing

This means that you shouldn’t buy email lists where you don’t know how consent was acquired, and we can’t enable newsletters to buyers if we don’t know whether they’ve consented to them.

Buyers should specify exactly what communications they want to receive from you

This means that the language explaining how you will contact them needs to be very clear and respect your buyers' opt-in preferences - leading to fewer unsubscribes and spam reports.

Buyers will have a right to transparency around the collection and processing of their data

This means that they’ll be able to ask us for the data we store on them and receive it in a simple format.

Buyers can request the right to be forgotten

This means that if asked, we will remove their personal data - letting you focus on the best buyers.

Implementing all of this could be complex

Just ask our in-house GDPR experts who have been looking into its correct application! We’ve rolled out changes to ensure that it is simple and straightforward for you and will always keep you informed.

To read more about GDPR at Paddle click here. For any data security questions or data removal requests email help@paddle.com.

Tax and compliance

Read more about tax and compliance at Paddle here.