Privacy Policy

This Privacy Policy explains how payoptify and its affiliates (collectively, "payoptify", "we", "us" or "our") collect, use, share, and otherwise process personal information in connection with our websites, including https://www.payoptify.com and other websites we own and operate that link to this Privacy Policy (the "Sites"), and the related content, platforms, services, products, and other functionality offered on or through our services (collectively, the "Services").

1. HOW WE COLLECT AND USE PERSONAL INFORMATION

The categories of information we collect through the Services include:

Contact Information

First and last name, company name, and email address for you and your end users. We collect this information when you submit a request or communicate with us, including through forms on our Sites. We use contact information to provide you with Services that you request or in which you express interest, and to communicate with you about our Services.

Account Information

User ID and password, and any other information you provide to us or that is necessary to create and maintain an account with us. We use this information to administer your account, provide you with the relevant Service and information, communicate with you regarding your account and your use of the Service, and for customer support purposes.

Payment Information and Processing

As a payment data unification platform, we process and store payment-related data from multiple payment providers. This includes: - Transaction data from integrated payment providers - Payment analytics and reporting data - Historical payment records and trends - Aggregated payment metrics We maintain strict PCI DSS compliance for all payment data processing and storage.

2. DATA SECURITY AND PROTECTION

We implement appropriate technical and organizational security measures to protect your data: - Encryption at rest and in transit - Regular security assessments and penetration testing - Access controls and authentication mechanisms - Continuous monitoring and threat detection - Regular security training for our staff

3. DATA RETENTION AND STORAGE

We retain your data for as long as necessary to provide our services and comply with legal obligations: - Account information: Throughout the duration of your account plus 30 days after deletion - Payment data: As required by applicable laws and regulations (minimum 7 years for financial records) - Usage logs: 12 months Data is stored in secure data centers located in Germany.

4. YOUR RIGHTS AND CHOICES

You have the following rights regarding your personal data: - Access your personal data - Correct inaccurate data - Request deletion of your data - Object to or restrict processing - Data portability - Withdraw consent To exercise these rights, contact us at privacy@payoptify.com.

5. INTERNATIONAL DATA TRANSFERS

We may transfer your data internationally as part of our services. We ensure appropriate safeguards through: - Standard Contractual Clauses - Data Processing Agreements - Privacy Shield certification (where applicable)

6. LEGAL BASES FOR PROCESSING

We process your data under the following legal bases: - Contract performance: To provide our services - Legal obligation: To comply with laws and regulations - Legitimate interests: To improve our services and protect against fraud - Consent: Where specifically requested

7. THIRD-PARTY SERVICE PROVIDERS AND DATA PROCESSORS

We use trusted third-party service providers to help us operate our Services. These providers include:

Data Integration and Processing

- Airbyte: For data integration and ETL processes - Cube: For analytics and data processing - Cloud hosting providers (AWS/GCP/Azure) - Database service providers

Payment Processing

We integrate with various payment service providers, including but not limited to: - Stripe - PayPal - Adyen - Klarna Each provider's privacy policy applies to the data they process.

Analytics and Monitoring

- Business intelligence tools - Performance monitoring services - Security and fraud detection services

Data Processing Agreements

All our third-party service providers: - Are bound by Data Processing Agreements (DPAs) - Must maintain appropriate security measures - Process data only as per our instructions - Are regularly audited for compliance

8. DATA PROCESSING AND STORAGE LOCATIONS

Your data may be processed and stored in: - European Union (Primary location) - United States (For specific services) - Other locations as required for service delivery We ensure appropriate safeguards through: - Standard Contractual Clauses (SCCs) - Binding Corporate Rules - Privacy Shield (where applicable)

9. TECHNICAL AND ORGANIZATIONAL SECURITY MEASURES

We implement comprehensive security measures including: - End-to-end encryption for data in transit and at rest - Regular penetration testing and vulnerability assessments - Access control and authentication systems - Real-time security monitoring and threat detection - Disaster recovery and business continuity plans - Regular security training for employees

10. CHILDREN'S PRIVACY

Our services are not intended for users under 18. We do not knowingly collect or process data from children under 18.

11. DATA BREACH NOTIFICATION

In case of a data breach that risks your rights and freedoms, we will: - Notify relevant supervisory authorities within 72 hours - Inform affected users without undue delay - Provide guidance on protecting your interests

12. COOKIES AND TRACKING

We use tracking technologies as described in our Cookie Policy, including: - Essential cookies for service operation - Analytics cookies to improve our services - Marketing cookies (with consent)

13. CONTACT US

For privacy-related inquiries: Data Protection Officer: info@payoptify.com

14. CHANGES TO THIS POLICY

We may update this policy periodically. We will notify you of material changes via email or service notification.