Privacy Policy

1. Introduction

Privyn, Inc. ("Privyn," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our fraud monitoring platform, or interact with our services.

By accessing or using our services, you agree to the terms of this Privacy Policy. If you do not agree with the terms, please do not access or use our services.

2. Information We Collect

Information You Provide

• Account Information: Name, email address, company name, and billing information when you create an account.
• Contact Information: Name, email, and message content when you reach out through our contact form or email.
• Payment Information: Credit card details and billing address processed through Stripe. We do not store full credit card numbers on our servers.

Information Collected Automatically

• Usage Data: Pages visited, time spent, referring URLs, and interactions with our website.
• Device Information: Browser type, operating system, IP address, and device identifiers.
• Transaction Data: Payment method fingerprints, transaction amounts, timestamps, and risk scores processed through our fraud monitoring platform.

Information From Third Parties

• Payment Processors: Transaction metadata from Stripe and connected payment platforms.
• Ecommerce Platforms: Order and customer data from WooCommerce, Shopify, and other integrated platforms as configured by the merchant.

3. How We Use Your Information

We use your information for the following purposes:

• Service Delivery: To provide, maintain, and improve our fraud monitoring and payment protection services.
• Fraud Detection: To analyze transaction patterns, identify fraudulent activity, and prevent chargebacks for our merchant customers.
• Communication: To send you alerts, notifications, and updates about your account and our services.
• Analytics: To understand how our services are used and improve performance and user experience.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party services that help us operate our platform, including Stripe (payment processing), Cloudflare (hosting and edge computing), and analytics providers.
• Merchants: Transaction-level fraud analysis results are shared with the merchant who processes the transaction.
• Legal Requirements: When required by law, subpoena, or other legal process, or to protect our rights, privacy, safety, or property.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS 1.3
• Sensitive data is encrypted at rest using AES-256
• We maintain PCI DSS Level 1 compliance for payment data handling
• SOC 2 Type II certified controls and procedures
• Regular security audits and penetration testing
• Role-based access controls with audit logging

6. Data Retention

We retain your information for as long as your account is active or as needed to provide our services. Transaction data used for fraud detection is retained for 24 months. After account closure, we retain data for an additional 90 days before permanent deletion, unless required by law to retain it longer.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data (subject to legal obligations).
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to specific types of processing, including direct marketing.
• Restriction: Request restriction of processing under certain circumstances.

To exercise these rights, contact us at privacy@privyn.com.

8. Cookies and Tracking

We use minimal cookies necessary for the operation of our website and services. We do not use third-party advertising trackers or sell data to advertising networks. Essential cookies include session management, authentication, and security tokens.

9. International Data Transfers

Our services are hosted on Cloudflare's global edge network. Your data may be processed in data centers located outside your country of residence. We ensure appropriate safeguards are in place for international transfers in compliance with GDPR and other applicable data protection laws.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Privyn, Inc.
Email: privacy@privyn.com
Web: Contact Page