Privacy Statement

1. Who is Paygoz?

Paygoz Inc. ("Paygoz", "we", "us", or "our") is a financial technology company that provides payment services to businesses across the United States. Our services enable merchants to accept online and in-person payments, manage funds, send invoices, and access related financial tools.

As a consumer, you may encounter Paygoz when making a purchase through a webshop or business that uses our payment services. When you pay through a Paygoz-powered checkout, we process certain personal data to complete your transaction securely.

This Privacy Statement explains how we collect, use, store, and share your personal data, and what rights you have in relation to that data.

2. Our Responsibilities

Paygoz acts as the data controller for personal data processed in connection with our payment services. This means we determine the purposes and means of processing your personal data as required to provide our services, comply with legal obligations, and protect against fraud.

In certain cases, such as when providing our Invoicing product, Paygoz may act solely as a data processor on behalf of the merchant. In such cases, the merchant is the data controller and their privacy policy governs the processing of your data.

We are committed to processing personal data in compliance with applicable US federal and state privacy laws, including the California Consumer Privacy Act (CCPA), the Virginia Consumer Data Protection Act (VCDPA), and other applicable state privacy regulations.

3. What Personal Data Does Paygoz Process?

The personal data we process depends on your relationship with Paygoz. We may collect and process the following categories of data:

Account Owners & Business Representatives

• Full name, email address, phone number
• Business name, address, and registration details
• Tax identification number (EIN/SSN)
• IP address and device information
• Login credentials and authentication data

Beneficial Owners & Legal Representatives

• Government-issued identification documents
• Date of birth and nationality
• Selfie or photo for identity verification
• Proof of address documentation

Consumers & Shoppers

• Name and contact details (as provided during checkout)
• Payment details (card number, bank account, payment method)
• Transaction information (amount, date, merchant)
• IP address and browser/device information

Website Visitors

• IP address and approximate location
• Browser type, operating system, and device information
• Pages visited, referral source, and browsing behavior
• Cookie and tracking technology data

Customer Service Contacts

• Name and contact information
• Content of communications (emails, chats, phone calls)
• Account details relevant to the inquiry

4. Does Paygoz Process Sensitive Personal Data?

Paygoz does not intentionally collect or process sensitive personal data, such as data revealing racial or ethnic origin, political opinions, religious beliefs, health information, sexual orientation, or genetic or biometric data (except as specifically required for identity verification purposes).

We do not knowingly collect personal data from children under the age of 16. If you believe we have inadvertently collected data from a minor, please contact us immediately at privacy@paygoz.com so we can promptly delete such information.

5. How Does Paygoz Use Your Personal Data?

We process personal data for the following purposes:

Account Creation & Management

To create and manage your Paygoz account, verify your identity, and maintain accurate records. Legal basis: Performance of our contract with you; compliance with legal obligations.

Payment Processing

To execute and process payment transactions, manage settlements, handle refunds, and resolve chargebacks. Legal basis: Performance of our contract; legitimate business interests.

Legal & Regulatory Compliance

To comply with anti-money laundering (AML), counter-terrorism financing (CTF), Know Your Customer (KYC) requirements, tax reporting obligations, and other applicable laws and regulations. Legal basis: Legal obligation; public interest.

Fraud Prevention & Security

To detect, prevent, and investigate fraud, unauthorized transactions, and other illegal activities. This includes automated fraud screening, risk scoring, and transaction monitoring. Legal basis: Legitimate business interests; legal obligation.

Service Improvement

To improve our products and services, conduct analytics, develop new features, and enhance user experience. We may use aggregated and anonymized data for research and reporting purposes. Legal basis: Legitimate business interests; consent (where required).

Communications

To send you service-related communications, respond to your inquiries, and provide customer support. With your consent, we may also send marketing communications about our products and services. Legal basis: Performance of contract; consent; legitimate business interests.

6. How Long Does Paygoz Keep Your Data?

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specific retention periods include:

• Account data: For the duration of your account plus five (5) years after account closure, as required by financial regulations.
• Transaction records: Seven (7) years from the date of the transaction, in accordance with IRS record-keeping requirements and applicable state laws.
• KYC/AML documentation: Five (5) years after the end of the business relationship, as required by the Bank Secrecy Act.
• Customer service records: Three (3) years from the date of the interaction.
• Cookie and analytics data: As specified in our Cookie Statement, typically no longer than twenty-four (24) months.

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

7. How Does Paygoz Secure Your Data?

We implement comprehensive technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Technical controls: Network segmentation, firewalls, intrusion detection systems, data encryption (in transit and at rest), and strong authentication mechanisms.
• PCI-DSS compliance: We maintain Payment Card Industry Data Security Standard compliance for all cardholder data processing.
• Organizational controls: Role-based access controls, separation of duties, personnel background screening, regular security training, and incident response procedures.
• Monitoring: Continuous monitoring of systems and networks for security threats, with regular vulnerability assessments and penetration testing.

While we strive to protect your personal data, no method of transmission or storage is completely secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

8. Does Paygoz Share Your Data With Third Parties?

We may share your personal data with the following categories of third parties:

Service Providers

We engage trusted service providers who process data on our behalf under strict data processing agreements. These include cloud hosting providers, identity verification services, and customer support tools.

Financial Institutions & Payment Networks

We share transaction data with banks, card networks (Visa, Mastercard, American Express), and other payment processors as necessary to process your payments and comply with network rules.

Compliance & Screening Partners

We share data with identity verification providers, AML screening services, and fraud detection partners to comply with legal obligations and protect against financial crime.

Law Enforcement & Regulators

We may disclose personal data when required by law, court order, or regulatory request, or when we believe disclosure is necessary to protect the rights, safety, or property of Paygoz, our users, or the public.

International Data Transfers

When we transfer personal data outside the United States, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or other legally recognized transfer mechanisms. We do not sell your personal data to third parties.

9. Does Paygoz Use Cookies?

Yes, we use cookies and similar tracking technologies on our website. These include:

• Strictly necessary cookies: Required for the website to function properly, such as session management and security cookies.
• Functional cookies: Used to remember your preferences and improve your experience on our website.
• Analytics cookies: Help us understand how visitors interact with our website, enabling us to improve our content and user experience.
• Marketing cookies: Used to deliver relevant advertisements and measure the effectiveness of our marketing campaigns. Third-party advertisers and social media platforms may also place cookies on our website.

You can manage your cookie preferences through your browser settings or via the cookie consent banner displayed on our website. For more information, please refer to our Cookie Statement.

10. Automated Decision-Making & Profiling

Paygoz uses automated processing for fraud detection, risk assessment, and transaction monitoring. These systems analyze transaction patterns, device information, and other data points to identify potentially fraudulent or unauthorized activity.

Automated decisions may result in the blocking or flagging of transactions for manual review. If an automated decision significantly affects you, you have the right to request human review, express your point of view, and contest the decision by contacting us at privacy@paygoz.com.

11. What Rights Do You Have?

Depending on your state of residence and applicable law, you may have the following rights regarding your personal data:

• Right to Know: You may request information about the categories and specific pieces of personal data we have collected about you.
• Right to Access: You may request a copy of the personal data we hold about you.
• Right to Correction: You may request that we correct inaccurate or incomplete personal data.
• Right to Deletion: You may request that we delete your personal data, subject to certain exceptions required by law.
• Right to Portability: You may request that we provide your personal data in a structured, commonly used, machine-readable format.
• Right to Opt-Out: You may opt out of the sale or sharing of your personal data for targeted advertising purposes. Note: Paygoz does not sell personal data.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

To exercise any of these rights, please contact us at privacy@paygoz.com. We will respond to your request within thirty (30) days. In some cases, we may need to verify your identity before processing your request. If we require additional time, we will notify you within the initial thirty-day period.

12. How Can You Contact Paygoz?

If you have any questions, concerns, or requests regarding this Privacy Statement or our data processing practices, please contact us:

If you are unsatisfied with our response to your privacy concern, you may have the right to file a complaint with your state Attorney General's office or relevant regulatory authority.

13. Privacy Officer

Paygoz has appointed a Privacy Officer who is responsible for overseeing our data protection practices and ensuring compliance with applicable privacy laws. If you have concerns about how your personal data is being handled, you may contact our Privacy Officer directly: