← PayToowe

Privacy Policy

Version 1.0 · Effective June 7, 2026

This Privacy Policy explains how PayToowe ("we", "us") collects, uses, and shares information about you when you use our Service.

1. Information We Collect

You provide directly

  • Account information: name, email address, password, profile photo.
  • Agreement information: counterparty name and email, loan amounts, dates, interest rates, notes, payment history.
  • Communications: messages you send through the platform, support inquiries.
  • Payment information: collected and stored by our payment processor (Stripe). We receive limited transaction metadata.

Collected automatically

  • Device and log data: IP address, browser type, operating system, pages viewed, timestamps.
  • Cookies and similar technologies for authentication, preferences, and analytics.
  • Trust Score signals derived from your platform activity.

2. How We Use Information

  • To operate, maintain, and improve the Service.
  • To process payments and platform fees through Stripe.
  • To send transactional emails (agreement invites, payment receipts, reminders) and, with your consent, product updates.
  • To calculate and display Trust Scores.
  • To detect, prevent, and respond to fraud, abuse, and security incidents.
  • To comply with legal obligations and enforce our Terms.

3. How We Share Information

  • With your counterparty: agreement details, your name, and your email are shared with the user you transact with.
  • Service providers: Stripe (payments), Supabase (database and authentication), Resend (email delivery), and analytics providers — bound by contractual confidentiality.
  • Legal: when required by law, court order, or to protect rights, safety, or property.
  • Business transfers: in connection with a merger, acquisition, or sale of assets.

We do not sell your personal information.

4. Data Retention

We retain account and agreement records while your account is active and for as long as needed to comply with legal, tax, and audit obligations (typically up to 7 years after account closure for financial records). Aggregated, de-identified data may be retained indefinitely.

5. Your Rights

Depending on your jurisdiction (including under GDPR, UK GDPR, and the CCPA/CPRA), you may have the right to access, correct, delete, port, or restrict processing of your personal data, and to object to certain uses. Email privacy@paytoowe.com to exercise these rights. We will verify your identity before responding.

6. Security

We use industry-standard safeguards including encryption in transit (TLS), encryption at rest, row-level security on database tables, and authenticated API access. No system is perfectly secure; you are responsible for keeping your password confidential.

7. International Transfers

Your data may be processed in countries other than your own, including the United States. We rely on standard contractual clauses and other lawful transfer mechanisms where required.

8. Children

The Service is not directed to children under 18 and we do not knowingly collect information from them.

9. Changes

We may update this Policy. Material changes will be notified in-app or by email.

10. Contact

privacy@paytoowe.com