1. Scope

This Policy applies to personal data we process in connection with our public websites, dashboards, APIs, and Services. It does not apply to the practices of Merchants or third parties we do not control. Where we process personal data on behalf of a Merchant (for example, limited End-User checkout data), the Merchant is the controller and we act as a processor under our agreement with that Merchant.

Non-custodial reminder. Payzum does not hold customer funds or private keys and does not process fiat currency. We collect only the data needed to operate a non-custodial, crypto-only payment infrastructure.

2. Information We Collect

Information you provide

  • Account data — name, email address, password (hashed), and authentication settings.
  • Business / verification data — where required for compliance, business details, beneficial-ownership information, and "know-your-business" documentation.
  • Configuration data — Merchant Wallet addresses, terminals, cashiers, payment links, invoices, and integration settings.
  • Communications — messages, support requests, and survey or newsletter sign-ups.

Information collected automatically

  • Technical & usage data — IP address, device and browser type, language, pages viewed, referring URLs, timestamps, and diagnostic logs.
  • Cookies and similar technologies — see Section 5.

On-chain data

Transaction data recorded on public blockchains (such as wallet addresses, amounts, and timestamps) is inherently public and is not created or controlled by us. See Section 10.

3. How We Use Information

  • to provide, operate, maintain, and improve the Services;
  • to authenticate users, secure accounts, and prevent fraud and abuse;
  • to perform compliance, AML/CFT, and sanctions-screening obligations;
  • to provide customer support and respond to inquiries;
  • to analyze usage and improve performance and reliability;
  • to send service, security, and (where permitted) marketing communications; and
  • to comply with legal obligations and enforce our Terms.

4. Legal Bases for Processing (GDPR)

For individuals in the European Economic Area ("EEA"), the United Kingdom, and Switzerland, we rely on the following legal bases under the General Data Protection Regulation ("GDPR"):

  • Performance of a contract (Art. 6(1)(b)) — to provide the Services you request;
  • Legal obligation (Art. 6(1)(c)) — for compliance, AML/CFT, and record-keeping;
  • Legitimate interests (Art. 6(1)(f)) — to secure, improve, and market our Services, where not overridden by your rights;
  • Consent (Art. 6(1)(a)) — for non-essential cookies and certain marketing; you may withdraw consent at any time.

5. Cookies & Similar Technologies

We use cookies and similar technologies (such as local storage and pixels) to operate our websites, remember preferences, and understand usage. Strictly necessary cookies are required for the site to function. Non-essential cookies (preferences, analytics, and marketing) are used only with your consent where required by law (including the EU ePrivacy Directive and GDPR).

On your first visit from the EEA/UK, we present a cookie banner allowing you to accept, reject, or manage non-essential cookies. You can change or withdraw your choice at any time via the "Cookie settings" link in the website footer, and you can control cookies through your browser settings.

Category | Purpose | Consent | Typical retention
Strictly necessary | Security, load balancing, session integrity, and remembering your cookie choices. | Not required | Session – 12 months
Preferences | Remember settings such as language and display options. | Consent | Up to 12 months
Analytics | Measure traffic and usage to improve the Services (aggregated/pseudonymized where possible). | Consent | Up to 24 months
Marketing | Measure campaigns and, where applicable, deliver relevant advertising. | Consent | Up to 12 months

We honor recognized browser-based opt-out signals (such as Global Privacy Control) where legally required.

6. How We Share Information

We do not sell personal data. We share personal data only as follows:

  • Service providers / processors — hosting, infrastructure, analytics, communications, and compliance vendors, bound by data-processing agreements and confidentiality obligations;
  • Compliance & screening providers — for KYB verification and sanctions/transaction risk screening (including Scorechain and, from time to time, additional providers), where required;
  • Legal & safety — to comply with law, respond to lawful requests, or protect rights, property, and safety; and
  • Corporate transactions — in connection with a merger, acquisition, or asset transfer, subject to this Policy.

7. International Data Transfers

We operate from the United States and may process personal data in countries that may not provide the same level of protection as your jurisdiction. Where we transfer personal data from the EEA, UK, or Switzerland, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum), together with supplementary measures where appropriate.

8. Data Retention

We retain personal data for as long as necessary to provide the Services and for legitimate business and legal purposes, including compliance, tax, accounting, and dispute-resolution requirements. Retention periods vary by data type and applicable law; where retention is no longer required, we delete or anonymize the data. Note that data recorded on public blockchains cannot be deleted or altered by us (see Section 10).

9. Your Rights

Subject to applicable law, you may have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete data;
  • erase data ("right to be forgotten"), where applicable;
  • restrict or object to certain processing, including direct marketing;
  • data portability, where applicable;
  • withdraw consent at any time, without affecting prior processing; and
  • lodge a complaint with your local supervisory authority (EEA/UK) or applicable regulator.

To exercise your rights, contact [email protected]. We will respond within the timeframes required by law. If you are a California resident, you may have additional rights under the CCPA/CPRA, including the right to know, delete, correct, and opt out of "sharing"; we do not sell personal information.

10. Blockchain & Public Data

The Services facilitate Transactions on public blockchains. Information written to a blockchain — including wallet addresses, transaction amounts, and timestamps — is public, immutable, and outside our control. It cannot be changed, hidden, or erased, including in response to an erasure request. You should consider this before transacting on-chain.

11. Data Security

We implement technical and organizational measures designed to protect personal data, including encryption of secrets, access controls, two-factor authentication, signed webhook payloads, and audit logging. No method of transmission or storage is fully secure; we cannot guarantee absolute security and you use the Services at your own risk.

12. Children's Privacy

The Services are not directed to individuals under eighteen (18), and we do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will take appropriate action.

13. Changes to this Policy

We may update this Policy from time to time. The "Last updated" date reflects the most recent revision. Material changes will be notified by reasonable means. Your continued use of the Services after the effective date constitutes acceptance of the updated Policy.

14. Contact

For privacy questions or to exercise your rights, contact:

Vexo International LLC (d/b/a Payzum)
State of Wyoming, United States
Privacy: [email protected]
General: [email protected]

EEA/UK users have the right to lodge a complaint with their local data-protection supervisory authority.