Privacy notice

ZONIPAY LLC (“Zonipay”, “we”), a New York-registered company with mailing address at 54 State Street, Ste 804 #16565, Albany, NY 12207 (EIN 98-1919082), is the controller for the personal data we collect when you use our website, dashboard and APIs. We process data in accordance with applicable US state privacy laws (including the CCPA/CPRA) and, for EU/UK residents, the GDPR.

1. Data we collect

Account data (name, email, role), business data (legal entity, EIN/TIN, beneficial owners collected for BSA/AML KYC), payment data (only what is required to process and reconcile transactions, never raw PAN — the Vault stores network tokens), telemetry (IP, UA, request IDs, latency).

2. Why we process it

To execute the merchant agreement, comply with our obligations to card networks and to FinCEN under the Bank Secrecy Act, prevent fraud (legitimate interest), and improve the platform.

3. Retention

Transactional records: 5 years (BSA recordkeeping). Account data: until termination + 24 months. Telemetry: 90 days.

4. Your rights

Access, correction, deletion, portability, opt-out of sale/sharing (we do not sell personal data). Email privacy@zonipay.io. California residents may exercise CCPA rights; EU/UK residents may lodge a complaint with their supervisory authority.