1. Overview
ExpressPayments, Inc. (“ExpressPayments,” “we,” or “us”) provides payments infrastructure to merchants worldwide. This Privacy Policy explains what personal data we collect, why we collect it, and the rights you have over it.
We have written this in plain English. The legal terms that follow are real and binding, but we believe you should be able to understand them without a lawyer.
2. Data we collect
We collect three categories of data:
- Account data — name, email, business details, and bank account you provide during onboarding.
- Transaction data — amounts, currencies, metadata, and tokenized payment methods used to process payments.
- Usage data — IP addresses, device information, and analytics events used to operate and improve the service.
3. How we use data
We use your data to provide payments services, prevent fraud, comply with financial regulations (KYC, AML, sanctions screening), and improve the platform. We never sell personal data.
5. Security
We are PCI-DSS Level 1 certified and SOC 2 Type II audited. Card data is tokenized and stored in HSM-backed vaults. Internal access requires SSO, MFA, and is fully audit-logged.
6. Your rights
You can access, correct, export, or delete your personal data at any time from your dashboard, or by emailing privacy@expresspayments.ai. We respond to verified requests within 30 days.
7. International transfers
We operate globally. Personal data may be transferred to the United States and the European Union. Transfers rely on Standard Contractual Clauses and equivalent safeguards.
8. Contact
Questions? Email privacy@expresspayments.ai or write to us at 548 Market St #92421, San Francisco, CA 94104, USA.
