Last updated: March 15, 2026
This Privacy Policy (the "Policy") describes how ZyndPay (referred to as "ZyndPay", "we", "us", or "our"), a technology platform that provides cryptocurrency payment processing services, collects, uses, stores, shares, and protects information relating to individuals (referred to as "you", "your", or "User") who access or use the ZyndPay platform, application programming interfaces (APIs), merchant dashboard, mobile application, payment processing services, software development kits (SDKs), plugins, website, Telegram bot services, and all related services (collectively, the "Services").
This Policy is an integral part of the ZyndPay Terms of Service. By accessing or using the Services, you acknowledge that you have read, understood, and agree to the collection and use of your information as described in this Policy. If you do not agree with this Policy, you must discontinue use of the Services immediately.
Our data protection practices are informed by international data protection standards including the EU General Data Protection Regulation (GDPR). We are committed to handling your personal data responsibly and transparently.
Account Registration: When you create an account, we collect your email address, password (stored in hashed form; we never store plaintext passwords), business name, and business type.
KYB Verification: During the Know Your Business (KYB) verification process, we collect: (a) business legal name; (b) business registration documents; (c) beneficial owner information, including full name, date of birth, nationality, and identification documents; (d) director information, including full name, date of birth, nationality, ID type (passport, national ID, or driver's license), and ID number; (e) proof of address; and (f) government-issued identification documents.
Profile Information: Business description, website URL, business logo, and other information you choose to provide for your merchant profile.
Payment Information: Cryptocurrency wallet addresses, withdrawal addresses, and address whitelist configurations.
Communications: Support tickets, emails, chat messages, dispute communications, and any feedback or suggestions you provide to us.
Telegram Bot Data: If you use our Telegram integration, we collect your Telegram user ID, username, first name, and channel or group information.
Device Information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
Usage Data: Pages visited, features used, API calls made, timestamps, interaction patterns within the dashboard, and referring URLs.
Transaction Data: Transaction amounts, cryptocurrency wallet addresses, blockchain transaction hashes, confirmation status, timestamps, fee calculations, and processing status.
Log Data: Server logs, error logs, access logs, rate limiting events, and API request metadata (HTTP methods, endpoints, status codes, response times).
Cookies and Similar Technologies: We use cookies and similar tracking technologies to maintain sessions, remember preferences, and understand usage patterns. See Section 10 for more details.
Blockchain Analytics Providers: Wallet risk scores, transaction history analysis, and risk assessments from blockchain analytics services used for anti-money laundering (AML) compliance.
KYB Verification Providers: Identity verification results and document authentication outcomes from third-party verification services.
Sanctions Screening Databases: Results from sanctions list checks and politically exposed persons (PEP) screening.
We use the information we collect for the following purposes:
Our data processing practices are informed by international data protection standards, including the EU General Data Protection Regulation (GDPR). We process your personal data on the following bases:
4.1 Contract Performance: Processing that is necessary to provide the Services you have signed up for, including account management, payment processing, fee calculation, balance management, webhook delivery, and customer support.
4.2 Legitimate Interests: Processing that is necessary for our legitimate interests, including fraud prevention, security monitoring, service improvement, analytics, network security, rate limiting, and protection of our legal rights, provided such interests are not overridden by your fundamental rights and freedoms.
4.3 Legal Obligations: Processing that is necessary to comply with applicable laws and regulations, including anti-money laundering and counter-terrorist financing (AML/CTF) requirements, sanctions compliance, and responses to lawful requests from governmental authorities.
4.4 Consent: Processing based on your freely given, specific, informed, and unambiguous consent, such as for marketing communications or non-essential cookies. You may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
We do not sell your personal data. We may share your information in the following circumstances:
5.1 Service Providers: We share data with third-party service providers who assist us in operating the Services, including hosting providers, analytics services, blockchain infrastructure providers, and email delivery services. These providers are contractually required to protect your data and use it only for the purposes for which it was shared.
5.2 Blockchain Analytics Providers: We share wallet addresses and transaction data with blockchain analytics providers (such as Chainalysis or similar services) for AML compliance, risk scoring, and sanctions screening purposes.
5.3 KYB Verification Providers: We share identification documents and business information with third-party KYB verification providers to conduct identity verification and due diligence checks.
5.4 Law Enforcement and Government Authorities: We may disclose your information to law enforcement agencies, regulatory bodies, or government authorities when we are legally required to do so, or when we believe in good faith that disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing; (d) protect the personal safety of users or the public; or (e) protect against legal liability.
5.5 Professional Advisors: We may share information with our lawyers, auditors, accountants, and other professional advisors in connection with the advice they provide to us.
5.6 Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or other business transfer, your information may be transferred to the acquiring entity or successor. We will notify you of any such change and any choices you may have regarding your information.
All third-party recipients of your data are required to implement appropriate safeguards to protect your information.
We retain your information for the following periods:
Account Data: Retained for the duration of your account plus 5 years following account closure, to comply with legal and regulatory requirements.
Transaction Records: Retained for a minimum of 7 years, in accordance with AML best practices and financial record-keeping standards.
KYB Documents: Retained for 5 years after the end of the business relationship.
Server Logs: Retained for 90 days, unless a longer retention period is required for security investigations or legal proceedings.
We may retain data for longer periods if required by applicable law, regulation, or legitimate business need (such as ongoing disputes or legal proceedings). Anonymized and aggregated data that can no longer be used to identify you may be retained indefinitely for analytics and statistical purposes.
We implement reasonable technical and organizational security measures designed to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
Important: No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your personal data, we cannot guarantee its absolute security.
You are responsible for maintaining the confidentiality and security of your account credentials, API keys, and webhook secrets. You must notify us immediately at [email protected] if you believe your account or credentials have been compromised.
Your data may be processed in any country where our service providers operate. We do not guarantee that your data will be stored in any specific jurisdiction.
By using the Services, you consent to the transfer, processing, and storage of your information in countries other than your country of residence, which may have different data protection laws than your jurisdiction.
We take reasonable steps to ensure that your data is treated securely and in accordance with this Policy, regardless of where it is processed. Where required, we implement appropriate safeguards for international data transfers.
Informed by international data protection standards, you may have the following rights regarding your personal data:
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. We may need to verify your identity before processing your request.
Please note that some requests may be declined if they conflict with our legal obligations, regulatory requirements, or legitimate business interests. For example, we cannot delete transaction records that we are required to retain under AML regulations.
Essential Cookies: We use essential cookies for authentication, session management, and security purposes. These cookies are strictly necessary for the operation of the Services and cannot be disabled.
Analytics Cookies: We may use analytics cookies and similar technologies to understand how the Services are used, identify usage patterns, and improve the user experience.
You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling essential cookies may affect the functionality of the Services and prevent you from accessing certain features.
The Services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected personal data from a person under 18 years of age, we will take steps to delete such information promptly. If you believe that a minor has provided us with personal data, please contact us at [email protected].
The Services may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices, content, or security of any third-party sites or services. We encourage you to review the privacy policies of any third-party services you access through links on our platform.
Blockchain Transparency: Please be aware that blockchain transactions are publicly visible on the blockchain network. Transaction hashes, wallet addresses, and transaction amounts recorded on the TRON blockchain are inherently public and transparent. This is a fundamental characteristic of blockchain technology and is not a data sharing practice by ZyndPay.
We may update this Policy at any time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this Policy, we will notify you by email to the address associated with your account, through a notification on the platform, or by posting a prominent notice on our website.
Your continued use of the Services after the effective date of any changes to this Policy constitutes your acceptance of the updated Policy. We encourage you to review this page periodically for the latest information on our privacy practices.
In the event of a data breach that poses a significant risk to your rights and freedoms, we will:
If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact us:
Privacy Inquiries: [email protected]
General Inquiries: [email protected]
Website: https://zyndpay.io