NasPay Legal

Privacy Policy

Effective date: April 21, 2026

1. Information We Collect

NasPay may collect account identity data, business registration data, contact details, device identifiers, app and web usage logs, wallet and transaction records, card metadata, approval events, merchant API usage, support messages, compliance review notes, sanctions-screening outputs, and technical security events.

2. Why We Use Data

We use data to open and operate accounts, process wallet activity, deliver merchant checkout and payout services, verify identity, protect users from fraud, secure accounts and API keys, send notifications, provide support, satisfy legal and accounting obligations, enforce terms, and improve reliability.

3. Sharing

Data may be shared with service providers, cloud infrastructure, payment partners, fraud and compliance vendors, auditors, professional advisers, regulators, law enforcement, or counterparties where needed to complete a transaction, comply with law, investigate risk, or protect rights and safety.

4. Security and Retention

NasPay applies access controls, encryption, audit logging, token revocation, operational monitoring, and role-based admin permissions. Records are retained as long as necessary for service delivery, disputes, chargebacks, audits, tax, accounting, fraud prevention, sanctions compliance, and legal obligations.

5. Account Closure and Deletion

Closing a merchant account disables access and PSP processing but does not immediately erase records. NasPay keeps merchant, transaction, payout, refund, webhook, and audit records where needed for compliance, fraud prevention, dispute handling, and financial reporting.

6. Your Choices

You may request access, correction, export, restriction, or deletion where applicable law provides those rights. Some records cannot be deleted immediately because financial services require retention. Contact privacy@naspay.io.