Privacy Policy

1. Data Storage & Cardholder Data Disclosures

As a private payment infrastructure, we strictly enforce data minimization principles. We do not store or host raw credit card details, complete primary account numbers (PAN), CVV/CVC codes, or secure PINs on our servers.

All sensitive payment cardholder details are transmitted directly to our upstream PCI-DSS Level 1 compliant partners via secure card tokens, ensuring your financial credentials never touch our permanent storage arrays.

2. Database Cryptography & Encryption at Rest

All transaction logs, merchant details, payment metadata, and customer profiles stored in our databases are fully encrypted at rest using advanced, government-grade AES-256 cryptographic algorithms.

Cryptographic encryption keys are securely managed within isolated Hardware Security Modules (HSMs) with automated weekly rotation schedules. All data in transit across our internal microservices and external gateways is strictly encrypted using high-performance TLS 1.3 wrappers.

3. Data Sharing & Third-Party Protections

We maintain a strict zero-sharing mandate. We do not sell, rent, or lease customer data to data brokers, marketing agencies, or any third parties. Customer transaction details are securely shared exclusively with core upstream payment processing partners (including Stripe, EPS, and Nowpayments) as required solely to authorize and complete the requested transaction.

4. Fraud Prevention & Risk Modeling Telemetry

To comply with global anti-money laundering (AML) laws and fraud prevention guidelines, we dynamically collect non-sensitive network signals, including IP addresses, geolocations, transaction speeds, and browser agent hashes. This information is processed exclusively inside our internal Global Radar systems to flag and neutralize botnets, carding runs, and suspicious transactions.