# USDPAY — PRIVACY POLICY

**USDPAY** ("Platform," "we," "us," "our")
**Operated by:** PIXELTIDE LLC, 833 Saint Vincent, Irvine, CA 92618, United States
**Website:** https://usdpay.me
**Contact:** support@usdpay.me
**Effective Date:** July 14, 2026
**Last Updated:** July 14, 2026

---

## 1. Introduction and Scope

This Privacy Policy explains how PIXELTIDE LLC ("we") collects, uses, shares, and protects personal data in connection with USDPAY, a non-custodial software and blockchain-verification service that enables businesses ("Merchants") to accept USDT payments directly from their customers ("Customers").

This Policy is incorporated by reference into our Terms of Service and applies to our website, dashboard, payment widget, API, and checkout pages (collectively, the "Services"). By using the Services, you acknowledge the practices described here. If you do not agree, do not use the Services.

## 2. Our Role — Controller and Processor

Your relationship with us depends on the data involved:

- **Merchant account data — we are the controller.** For data about Merchants and their use of the dashboard, we decide how and why it is processed.
- **Customer and order data — we act as a processor.** When a Customer pays a Merchant through a USDPAY checkout or invoice, the Merchant is the controller of that Customer's order data, and we process it on the Merchant's behalf to confirm the payment and notify the Merchant. Customers with questions about how a specific Merchant uses their data should contact that Merchant directly.

## 3. What We Collect

**3.1 Merchant account data.** Email address, password (stored only as a salted hash — never in plain text), business name, support email, Merchant ID, plan, and account settings.

**3.2 Wallet data — public addresses only.** The public blockchain addresses a Merchant designates to receive payments. **We never request, collect, or store private keys, seed phrases, or any credential that grants access to funds.**

**3.3 Payment and invoice metadata.** Invoice IDs, order references, requested and received amounts, selected network, destination (recipient) address, sender address, transaction hashes, timestamps, and payment status.

**3.4 Technical and usage data.** IP address, device and browser type, approximate location derived from IP, language preference, session identifiers, and interactions with the Services.

**3.5 Support communications.** The content of messages you send to support@usdpay.me and related metadata.

**3.6 Optional AML screening data.** If a Merchant enables the optional AML screening add-on, we process risk-scoring signals about incoming on-chain funds. This is a data-only feature that returns information for the Merchant's decision; we do not act on the Merchant's behalf.

**3.7 What we do NOT collect or hold.** We do not collect private keys or seed phrases; we do not take custody of, hold, or control any funds; and we do not process card numbers or bank account details (the Services are crypto-only).

## 4. Blockchain Data Is Public and Permanent

Payments occur directly on public blockchains. Transaction details — including addresses, amounts, and timestamps — are recorded on the relevant network, are publicly visible, and are permanent and irreversible. We cannot alter, hide, delete, or reverse on-chain data. Any data written to a blockchain is outside our control and is not subject to deletion by us.

## 5. How We Use Data

We use personal data to:

- Provide the Services — generate invoices, watch supported blockchains, match and confirm payments, and send webhooks and notifications;
- Calculate and bill our software fees (percentage of confirmed volume and, where applicable, subscription);
- Secure the Services, prevent fraud and abuse, and enforce our Terms and Acceptable Use Policy;
- Provide the optional AML screening add-on where enabled by a Merchant;
- Respond to support requests;
- Comply with applicable law, lawful requests, and legal process;
- Maintain and improve the Services.

We do **not** sell personal data, and we do not use it to hold, move, or control funds — the Services are non-custodial by design.

## 6. Legal Bases (where GDPR or similar laws apply)

We rely on: performance of a contract (to provide the Services you request); our legitimate interests (security, fraud prevention, service improvement); compliance with a legal obligation; and consent (for example, optional communications), which you may withdraw at any time.

## 7. How We Share Data

We share personal data only as described here:

- **Service providers (subprocessors).** Vendors that host infrastructure, deliver email, provide blockchain data feeds, or supply the optional AML screening — bound by contract to process data only on our instructions.
- **AML/screening providers.** Where a Merchant enables screening, relevant on-chain signals are shared with the screening provider to return a risk score.
- **Legal and safety.** Authorities or third parties where required by law, valid legal process, or to protect rights, safety, or the integrity of the Services.
- **Business transfers.** In connection with a merger, acquisition, or sale of assets, subject to this Policy.

**We do not sell your personal data, and we do not share it for cross-context behavioral advertising.**

## 8. Cookies and Similar Technologies

We use strictly necessary cookies and local storage to keep you signed in, remember your language preference, and secure the dashboard. We do not use advertising cookies. You can control cookies through your browser, though disabling necessary cookies may break parts of the Services.

## 9. Data Retention

We keep personal data for as long as your account is active and as needed to provide the Services, then retain limited records as required for legal, tax, accounting, security, and dispute-resolution purposes. When no longer needed, data is deleted or anonymized. Note that on-chain transaction data is permanent and cannot be deleted by us (see Section 4).

## 10. Security

We use technical and organizational measures appropriate to the risk, including encryption in transit, hashing of passwords, access controls, and the deliberate design choice of never holding funds or private keys — which removes an entire category of risk. No system is perfectly secure; you are responsible for safeguarding your account credentials and your own wallet keys.

## 11. International Transfers

We are based in the United States, and data may be processed in the U.S. and other countries where we or our service providers operate. Where required, we use appropriate safeguards (such as standard contractual clauses) for cross-border transfers.

## 12. Your Rights

Depending on your location, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent. To exercise these rights, contact support@usdpay.me. We will respond as required by applicable law and may need to verify your identity.

**California residents (CCPA/CPRA).** You have the right to know what personal information we collect and how we use and disclose it, to request deletion, and to correct inaccurate information. We do **not** sell or share personal information for cross-context behavioral advertising, and we will not discriminate against you for exercising your rights.

If you are a Customer of a Merchant, direct requests about that Merchant's order data to the Merchant (see Section 2); we will assist the Merchant as their processor.

## 13. Customers Paying Through USDPAY

When you pay a Merchant through a USDPAY checkout, we process the minimum data needed to confirm your payment (network, amount, addresses, transaction hash, timestamp, and — on networks that use it — the payment comment/memo). You pay the Merchant directly on-chain; we never hold your funds. The Merchant is the controller of your order data.

## 14. Children

The Services are intended for businesses and users who are at least 18 years old. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us data, contact support@usdpay.me and we will delete it.

## 15. Third-Party Links

The Services may reference third-party tools such as wallets and blockchain explorers. Those third parties have their own privacy practices, and we are not responsible for them. Review their policies before use, and only download wallet software from its official source.

## 16. Changes to This Policy

We may update this Policy from time to time. Material changes will be posted here with a new "Last Updated" date and, where appropriate, communicated to Merchants. Continued use of the Services after changes take effect constitutes acceptance.

## 17. Contact

Questions or requests regarding this Policy or your personal data:

**PIXELTIDE LLC**
833 Saint Vincent, Irvine, CA 92618, United States
support@usdpay.me
https://usdpay.me

---

*This Privacy Policy is governed by the laws of the State of California, consistent with our Terms of Service.*
