Privacy Policy

PayGate ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Account Information: When you create an account, we collect your email address and authentication credentials. If you sign in with Google, we receive your name, email address, and profile picture from Google.

Page Data: We store the checkout page configurations you create, including product names, descriptions, prices, images, and customization settings.

Usage Data: We collect page view counts, conversion metrics, and general usage analytics to operate and improve the Service.

Transaction Data: When payments are processed through your checkout pages, we receive transaction metadata from Stripe including amounts, dates, and customer email addresses. We do not collect or store payment card numbers, CVVs, or other sensitive payment card data — this information is handled exclusively by Stripe.

Device and Log Data: We may automatically collect information such as your IP address, browser type, operating system, and referring URLs when you access the Service.

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process and track transactions through your checkout pages
• Calculate and collect platform fees
• Authenticate your identity and manage your account
• Provide customer support
• Send service-related communications (account verification, security alerts, updates)
• Analyze usage patterns to improve the Service
• Detect, prevent, and address fraud and security issues
• Comply with legal obligations

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: We use third-party services (Stripe for payments, Supabase for data storage, Google for authentication, Vercel for hosting) that may process your data to operate the Service. These providers are bound by their own privacy policies.
• Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request.
• Protection of Rights: We may disclose information to protect our rights, property, safety, or the rights of others, including to enforce our Terms of Service.
• Business Transfer: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

We implement reasonable technical and organizational security measures to protect your data, including:

• Encryption of data in transit (HTTPS/TLS)
• Secure authentication via Supabase and Google OAuth
• Row-level security policies on our database
• No storage of sensitive payment card data on our servers

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

We retain your account data and page configurations for as long as your account is active. Transaction records are retained for a minimum period necessary to comply with legal and financial reporting obligations.

If you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a machine-readable format
• Objection: Object to certain processing of your data
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise any of these rights, contact us at support@paygate.app.

We use browser cookies and local storage to:

• Maintain your authentication session
• Store page draft data locally in your browser
• Remember your preferences

We do not use cookies for advertising or cross-site tracking.

Our Service integrates with the following third-party services, each governed by their own privacy policies:

• Stripe: Payment processing — Stripe Privacy Policy
• Google: OAuth authentication — Google Privacy Policy
• Supabase: Data storage and authentication — Supabase Privacy Policy
• Vercel: Hosting — Vercel Privacy Policy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we learn that we have collected data from a child under 18, we will delete it promptly.

Your data may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. By using the Service, you consent to such transfers.

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy, contact us at:

Email: support@paygate.app