Privacy Policy

1. Introduction

Polapine Digital ("Company," "we," "us," or "our") operates a payment orchestration platform that enables merchants to route and manage payment transactions across multiple gateways. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform. As a payment orchestration technology provider, we handle data differently from traditional payment processors - we route transactions but do not directly process payments or hold customer funds.

2. Information We Collect

2.1 Account Information

When you register for an account, we collect:

• Email address
• Username and password (encrypted)
• Business name (if provided)
• Payout preferences (payment method selections)

2.2 Transaction Data

When transactions are processed through our Platform, we may collect:

• Transaction amounts and currencies
• Payment method type used (card, wallet, crypto)
• Transaction status and timestamps
• Gateway routing information
• Transaction reference IDs

Note: We do not store full payment card numbers, CVVs, or sensitive authentication data. This information is handled directly by the respective payment gateway providers.

2.3 Technical Data

We automatically collect certain technical information including:

• IP addresses
• Browser type and version
• Device information
• Operating system
• Access timestamps and session duration
• Pages visited and features used within the Platform

2.4 API Integration Data

If you use our BYOK (Bring Your Own Keys) feature, we store:

• Encrypted API keys for connected payment gateways
• Gateway configuration preferences
• Routing rules and settings

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the payment orchestration Platform
• Process and route payment transactions to appropriate gateways
• Generate analytics, reports, and transaction insights for your dashboard
• Process payouts and withdrawals
• Detect and prevent fraud, unauthorized transactions, and abuse
• Communicate with you regarding account activity, updates, and support
• Improve and optimize our Platform's performance and routing algorithms
• Comply with legal obligations and enforce our Terms of Service

4. Data Sharing & Disclosure

We may share your information with:

• Payment Gateway Providers: Transaction data necessary for payment processing and routing
• Payout Providers: Information required to process your withdrawals (bank details, PayPal, crypto addresses)
• Fraud Prevention Services: Transaction data for fraud detection and risk assessment
• Legal Authorities: When required by law, court order, or to protect our rights

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit (TLS/SSL) and at rest
• Encrypted storage of API keys and sensitive credentials
• Access controls and authentication mechanisms
• Regular security assessments and monitoring
• Secure infrastructure with redundancy and backup systems

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. After account termination, we may retain certain data for:

• Compliance with legal obligations
• Resolution of disputes or enforcement of agreements
• Prevention of fraud and abuse
• Legitimate business purposes (anonymized analytics)

Transaction records are retained for a minimum period as required by applicable financial regulations.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data (subject to legal retention requirements)
• Object to or restrict certain processing activities
• Export your data in a portable format
• Withdraw consent where processing is based on consent

To exercise these rights, contact us via the channels listed below.

8. Cookies & Tracking

We use essential cookies and similar technologies to:

• Maintain your session and authentication state
• Remember your preferences and settings
• Ensure Platform security and prevent abuse
• Analyze usage patterns to improve service quality

We do not use third-party advertising cookies or cross-site tracking technologies.

9. Third-Party Payment Gateway Provider Data Liability

Our Platform integrates with third-party payment gateways and service providers. Each third-party payment gateway provider has its own privacy policy, data handling practices, and security measures governing the use of your data and your customers' data. You acknowledge and agree that:

• Once transaction data is transmitted to a payment gateway provider for processing, the gateway provider assumes full responsibility and liability for the security, handling, and protection of that data
• Polapine Digital is not responsible or liable for any data breaches, unauthorized access, data loss, or privacy violations that occur at the payment gateway provider level
• Sensitive payment information (full card numbers, CVVs, authentication data) is handled directly by payment gateway providers and never stored on our Platform - all liability for PCI-DSS compliance and cardholder data protection rests with the gateway provider
• Any data privacy claims, regulatory actions, or GDPR/CCPA compliance obligations arising from payment processing data are the responsibility of the payment gateway provider processing those transactions
• We encourage you to review the privacy policies and security certifications of any payment gateway you connect to through our Platform

Polapine Digital's data responsibility is limited to the orchestration layer data (routing decisions, transaction metadata, account information) that we directly control. We bear no liability for data handled by third-party payment gateway providers during the payment processing lifecycle.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in accordance with applicable data protection laws.

11. Children's Privacy

Our Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If we discover we have collected data from a minor, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically. Continued use of the Platform after changes constitutes acceptance of the updated policy.

13. Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at:

• Email: support@pd.cash
• Website: pd.cash