Products
Solutions
Resources
Effective Date: June 23, 2026
Last updated: June 23, 2026
This Privacy Policy explains how Payment Kit LLC (“Payment Kit,” “we,” “us,” or “our”) collects, uses, discloses, and otherwise processes personal information in connection with paymentkit.com and other websites that link to this Policy, our applications and dashboards, sales and marketing activities, support, events, and business operations (collectively, the “Business Services”).
This Policy also explains the distinction between information Payment Kit processes for its own purposes and personal information contained in a customer’s billing, subscription, payment, or end-customer data that Payment Kit processes on behalf of that customer.
When Payment Kit decides why and how personal information is processed—for example, information about website visitors, prospects, customer administrators, job applicants, or business contacts—Payment Kit acts as a controller or business under applicable privacy laws.
When Payment Kit processes personal information submitted by or for a customer to provide subscription billing, payment orchestration, hosted checkout, payment routing, dunning, analytics, fraud-management, tokenization, or related services, Payment Kit generally acts as a processor or service provider on behalf of that customer. The customer’s privacy policy governs that processing, and individuals should ordinarily direct privacy requests regarding that data to the relevant customer.
This Policy does not apply to third-party websites, Payment Providers, or services that have their own privacy practices.
We may collect the following categories of personal information, depending on how you interact with us:
Category
Examples
Identifiers and contact information
Name, business email, telephone number, mailing address, username, account identifier, online identifiers, and IP address.
Category
Examples
Professional and company information
Employer, job title, department, company size, industry, business contact information, and business interests.
Category
Examples
Account and authentication information
Login credentials, authentication events, roles, permissions, API-key metadata, and account settings.
Category
Examples
Commercial and billing information
Plans, orders, invoices, subscription details, payment status, billing contacts, tax information, and records of products or services considered or purchased.
Category
Examples
Transaction and service data
Transaction amounts and status, subscription activity, invoices, routing and processor information, fraud signals, chargebacks, refunds, customer records, payment-method metadata, token references, and related data processed through the Services.
Category
Examples
Payment information
Payment-card or bank-account information used to pay Payment Kit, and payment-method data processed through the Services. Payment information may be collected or tokenized by Payment Providers and may not be directly accessible to Payment Kit in raw form.
Category
Examples
Device, network, and usage information
Browser, device, operating system, referring URLs, pages viewed, clicks, timestamps, log data, approximate location derived from IP address, and interactions with websites, applications, emails, and documentation.
Category
Examples
Communications and support information
Emails, calls, chat messages, support tickets, meeting notes, survey responses, and other communications with Payment Kit.
Category
Examples
Security and compliance information
Fraud indicators, identity or business verification information, sanctions screening results, security events, audit logs, and information needed to satisfy legal, Payment Provider, or card-network requirements.
Category
Examples
Inferences
Preferences, interests, likely product needs, and inferences derived from business and usage information.
Category
Examples
Where the GDPR, UK GDPR, or similar laws apply, we rely on one or more of the following legal bases: performance of a contract; steps requested before entering into a contract; compliance with legal obligations; legitimate interests such as operating and securing our business, improving products, preventing fraud, and business-to-business marketing; consent where required; and establishment, exercise, or defense of legal claims.
Payment Kit does not sell personal information for money. Certain disclosures of online identifiers or activity data may be treated as a “sale,” “sharing,” or targeted advertising under some U.S. state privacy laws. Where applicable, you may submit an opt-out request to privacy@paymentkit.com. Payment Kit will also honor legally recognized browser-based opt-out signals where required by law and technically applicable.
We and our vendors may use cookies, pixels, local storage, SDKs, and similar technologies to operate websites and applications, maintain sessions, remember preferences, protect security, diagnose errors, understand usage, improve performance, and support marketing where enabled. For more information and available choices, review the Payment Kit Cookie Policy. Payment Kit does not currently provide a dedicated cookie-preference tool; browser settings may allow you to block or delete cookies, although doing so may limit functionality.
We retain personal information for as long as reasonably necessary for the purposes described in this Policy, including to provide Services, maintain business and financial records, comply with legal and Payment Provider requirements, resolve disputes, enforce agreements, and protect security. Retention depends on the nature and sensitivity of the information, the purposes of processing, contractual commitments, applicable limitation periods, and legal obligations.
Customer Data processed on behalf of a customer is retained and deleted in accordance with the applicable agreement and Data Processing Addendum. Unless otherwise agreed, Payment Kit’s standard post-termination retrieval period is thirty (30) days, subject to legal retention, inaccessible backups, and archival records.
We maintain administrative, technical, physical, and organizational safeguards designed to protect personal information. Measures include access controls, encryption and tokenization where appropriate, logging and monitoring, secure development practices, incident response, personnel confidentiality, vendor-management controls, and resilience measures. Payment Kit maintains PCI DSS Level 1 compliance for the systems and services within its applicable PCI scope. No security method is guaranteed to be completely effective, and users and customers remain responsible for protecting their credentials, devices, systems, and integrations.
Payment Kit is based in the United States, and personal information may be processed in the United States and other countries where we or our vendors operate. These countries may have privacy laws different from those where you live. Where required, we use recognized transfer mechanisms, such as adequacy decisions, the European Commission Standard Contractual Clauses, and the United Kingdom International Data Transfer Addendum, together with supplementary measures where appropriate. We do not claim participation in the EU-U.S. Data Privacy Framework unless and until Payment Kit is listed as an active participant.
Depending on your location and applicable law, you may have rights to request access, correction, deletion, portability, restriction, or objection; opt out of certain sales, sharing, targeted advertising, or profiling; withdraw consent; and appeal a denied request. You may also have the right to complain to a privacy regulator.
To submit a request regarding information Payment Kit controls, contact privacy@paymentkit.com. We may verify your identity and authority. Authorized agents may submit requests where permitted by law, subject to verification. We will not discriminate against you for exercising a legally protected right.
If your request concerns personal information that Payment Kit processes on behalf of one of our customers, please contact that customer directly. We will assist the customer as required by our agreement and applicable law.
You may unsubscribe from marketing emails using the link in the message or by contacting us. You may still receive transactional, security, account, legal, and service communications. Cookie and targeted-advertising choices are described in the Cookie Policy.
The Business Services are not directed to children, and we do not knowingly collect personal information directly from children under eighteen (18). If you believe a child has provided personal information directly to us, contact privacy@paymentkit.com.
Unless expressly agreed in writing, the Business Services are not intended for protected health information subject to HIPAA, special-category personal data under GDPR, biometric identifiers, precise geolocation, government identification numbers, or other highly sensitive information. Customers are responsible for avoiding submission of such information unless required protections and agreements are in place.
The table below provides a general notice of the categories of personal information we may collect, the purposes for which we use them, and categories of recipients. The specific categories applicable to an individual depend on the relationship and interaction with Payment Kit.
Category
Purposes
Recipient categories
Identifiers; customer records; professional information
Provide Services; account administration; communications; billing; sales; security; compliance
Affiliates; service providers; Payment Providers; advisers; authorities; transaction parties
Category
Purposes
Recipient categories
Commercial information
Orders; subscriptions; invoicing; customer relationship management; analytics
Service providers; advisers; transaction parties
Category
Purposes
Recipient categories
Internet or electronic activity
Security; authentication; website and product analytics; troubleshooting; marketing where permitted
Hosting, security, analytics, communications, and marketing providers
Category
Purposes
Recipient categories
Geolocation data (approximate)
Security; localization; fraud prevention; analytics
Security, analytics, and infrastructure providers
Category
Purposes
Recipient categories
Audio, electronic, or communications information
Support; training; quality; records; dispute resolution
Communications and support providers; advisers
Category
Purposes
Recipient categories
Inferences
Product improvement; personalization; sales and marketing
Analytics, CRM, and marketing providers
Category
Purposes
Recipient categories
Sensitive personal information, if provided and legally permitted
Payment security; account access; legal or compliance purposes; providing requested Services
Payment Providers; security and verification providers; authorities as required
Category
Purposes
Recipient categories
We retain each category for the period reasonably necessary for the purposes described above, considering legal, contractual, security, operational, and dispute-resolution needs. We do not use sensitive personal information to infer characteristics about individuals except as permitted by law. We do not knowingly sell or share personal information of consumers under sixteen (16).
We may update this Policy from time to time. We will post the revised Policy and update the Effective Date. If changes materially affect how we use personal information, we will provide additional notice where required by law.
Payment Kit LLC
Attn: Privacy
1111B S Governors Ave STE 47765
Dover, DE 19904
Email: privacy@paymentkit.com
Privacy and international data-protection inquiries: legal@paymentkit.com
