Legal

Privacy Policy

This policy explains how PayChainHQ Inc. handles personal information when businesses use the public site, dashboard, APIs, hosted invoice pages, sandbox and live environments, and related support channels.

Last updated March 21, 2026Applies to public site, dashboard, API, and hosted invoice surfaces
Privacy PolicyTerms of UseCookie PolicySecurity

Scope

This policy applies to PayChainHQ-operated websites, developer documentation, business dashboard surfaces, hosted invoice pages, operational APIs, sandbox and live environments, and related communications.

It applies to business account holders, team members, prospective customers, API users, support contacts, and counterparties or end users whose information is submitted through a business customer account.

Information we collect

  • Account, identity, and business profile information, including names, company names, email addresses, contact details, invited team members, account roles, and authentication data.
  • Compliance and onboarding information, including business profile submissions, legal business details, KYC or KYB materials, sanctions-screening context, review notes, and approval status.
  • Payment, transaction, and treasury information, including invoice identifiers, customer references, blockchain network selection, deposit addresses, payout instructions, webhook delivery records, transaction hashes, confirmations, and withdrawal requests.
  • Technical, device, and security information, including IP addresses, user-agent strings, session metadata, password-reset events, two-factor events, audit logs, request identifiers, and abuse-prevention signals.
  • Support and communication data, including onboarding requests, support tickets, feedback, and email correspondence.

How we use information

  • To create and operate business accounts, issue API credentials, manage team access, and maintain sandbox and live environments.
  • To create invoices, monitor deposits, reconcile balances, process withdrawals, operate treasury workflows, and deliver signed webhook events.
  • To perform onboarding, KYC, KYB, sanctions, fraud, abuse, and risk reviews, including ongoing monitoring and account restrictions where required.
  • To secure the platform through authentication, rate limiting, request tracing, logging, anomaly detection, and incident response.
  • To communicate about account activity, compliance review, billing, subscriptions, product changes, operational notices, and support requests.

How we share information

PayChainHQ uses third-party infrastructure and service providers to host the application, deliver transactional email, monitor blockchain activity, support wallet and treasury security operations, and help us secure and operate the Service.

These providers can include MPC-backed wallet infrastructure, blockchain node or indexing vendors, cloud hosting, email providers, fraud or security tools, and support tooling. We may also disclose information to regulators, courts, auditors, advisers, law enforcement, or transaction counterparties where required or appropriate.

We share information only to the extent reasonably necessary to operate the Service, comply with law, enforce our agreements, investigate misuse, or carry out customer instructions.

Public blockchain data

Some information processed through the Service, such as wallet addresses, deposit addresses, transaction hashes, and on-chain payment events, may be recorded on public blockchains or derived from them.

Public blockchain records are generally not erasable and may remain visible outside PayChain-controlled systems even if internal account data is later deleted or retained only in limited form.

Retention

We retain account, payment, billing, audit, compliance, and security data for as long as reasonably necessary to provide the Service, comply with legal obligations, resolve disputes, investigate misuse, and maintain financial or operational records.

Retention windows vary by data type. Security logs and diagnostic records may be kept for shorter operational periods than account, reconciliation, compliance, or financial records.

Security protections

We use access controls, environment separation, encryption where appropriate, audit logging, signed webhooks, session controls, approval flows, and privileged-operation checks to reduce unauthorized access risk.

No system is completely risk-free, but we design PayChainHQ to reduce key exposure and keep sensitive treasury operations behind controlled workflows rather than exposing them directly to end users.

Your choices and rights

Businesses may review and update certain account information through the dashboard and may request assistance with access, correction, deletion, or other privacy requests where legally available.

If you are a team member or end user whose information was submitted through a business customer account, we may direct your request to the relevant customer where appropriate. Some information must still be retained to meet regulatory, contractual, or security obligations.

International transfers

We may process or store information in countries other than the country where you are located. Where applicable law requires additional safeguards for cross-border transfers, we will use appropriate transfer mechanisms and operational controls.

Changes and contact

We may update this policy as the product, infrastructure, or legal obligations evolve. Material changes will be reflected by updating the effective date and, where appropriate, by providing additional notice through the site, dashboard, or email.

Questions about this policy can be sent to support@paychainhq.io.

This document is a product-facing privacy notice. Some customers may also be subject to separate commercial, enterprise, or jurisdiction-specific addenda.

Privacy Policy | PayChainHQ