Privacy Policy

1. Scope

This policy applies to personal information processed through payable.link websites, APIs, and related services. It does not apply to third-party websites, wallets, blockchain explorers, or services that we do not control.

2. Information We Collect

Information you provide

• Account profile fields (for example name, display name, email, optional profile image).
• Wallet addresses linked to your account.
• Content and metadata you upload (for example file name, type, size, pricing configuration).
• Support, legal, and DMCA correspondence (for example reporter name, email, statements, and signatures).

Information collected automatically

• Session and security data such as IP address, user-agent, auth tokens, and timestamped activity logs.
• Purchase and download records such as file identifiers, transaction hashes, payer wallet addresses, and access/download counters.
• Device and request metadata used for fraud prevention, abuse detection, and service integrity.

Public blockchain data

Blockchain transactions are public and may be permanently visible. We do not control on-chain visibility and cannot erase data recorded on public ledgers.

3. How We Use Personal Information

• Provide, maintain, and secure the platform.
• Authenticate users and manage sessions.
• Process purchases, enforce listing constraints, and issue access.
• Detect, investigate, and prevent fraud, abuse, policy violations, sanctions risks, and unlawful activity.
• Respond to support requests, legal notices, and DMCA claims.
• Comply with legal obligations, enforce agreements, and protect rights and safety.
• Perform analytics, debugging, and service improvements in aggregated/minimized form where possible.

4. Legal Bases (EEA/UK and Similar Regimes)

Where required, we process personal information under one or more of the following legal bases: contractual necessity, legitimate interests (for example security and fraud prevention), compliance with legal obligations, and consent where specifically requested.

5. Cookies and Similar Technologies

We use essential cookies and similar mechanisms for authentication, session continuity, security controls, and core functionality. Non-essential analytics or marketing technologies are handled according to applicable consent requirements.

Analytics tooling is configured to minimize personal data processing and follows consent requirements where storage or access on user devices is not strictly necessary.

We use the following categories:

• Strictly necessary technologies required for core functionality, security, and fraud prevention.
• Analytics technologies used to understand service usage and improve product and UX.
• Marketing/attribution technologies, where enabled, used for campaign measurement and activated only with valid consent where required by law.

Users can accept or reject optional categories through consent controls and can change choices later. Consent logs may be retained to demonstrate compliance obligations.

Depending on configuration, analytics may process page views, event names, timestamps, coarse device/browser metadata, and truncated/pseudonymized identifiers. We avoid unnecessary personal data collection.

6. Sharing and Disclosure

We may disclose information to:

• Service providers and subprocessors that help us operate the platform (hosting, storage, infrastructure, security, and support).
• Analytics providers used for privacy-focused product improvement.
• Payment, wallet, and blockchain ecosystem services as required to complete transactions.
• Authorities, courts, regulators, or counterparties when required by law, legal process, or to protect rights, safety, and platform integrity.
• Successors in a merger, financing, acquisition, reorganization, or asset transfer.

We do not sell personal information for money. If laws in your jurisdiction define certain data-sharing as a “sale” or “sharing,” we will honor applicable opt-out rights where required.

7. Data Retention

We retain personal information for as long as reasonably necessary to provide services, maintain security records, enforce agreements, resolve disputes, comply with legal obligations, and meet tax/accounting requirements.

Retention periods may vary by data category. Certain records (for example transaction hashes and compliance evidence) may need longer retention. Public blockchain data cannot be deleted by us.

8. International Data Transfers

We may process data in countries other than your own. Where legally required, we use appropriate transfer safeguards (for example contractual measures) for cross-border data transfers.

9. Security

We use technical and organizational safeguards designed to protect personal information. However, no system is perfectly secure, and we cannot guarantee absolute security.

10. Your Privacy Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, object, or port your personal information, and to withdraw consent where processing is based on consent.

To exercise rights, contact contact@payable.link. We may need to verify your identity and may decline requests where exemptions apply.

11. Refunds and Withdrawal Rights

Refund eligibility and EU withdrawal-right rules are explained on our Refunds & Withdrawal Rights page. That page describes immediate-performance confirmations, withdrawal-right limitations for digital content, and how requests are reviewed.

12. Children

payable.link is not directed to children and is not intended for users under the age required by applicable law to consent to data processing. If you believe a child has provided personal information, contact us so we can take appropriate action.

13. Region-Specific Notices

EEA/UK: you may lodge a complaint with your local data protection authority.

California: if applicable, you may request details about categories of personal information collected, disclosed, and rights available under California law.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Material updates will be posted here with a revised effective date.

15. Contact

Privacy inquiries: contact@payable.link