Privacy Policy

convegrepay collects personal information that you voluntarily provide when you create a merchant account, submit a contact form, subscribe to our communications, or interact with our services. This information may include your full name, email address, phone number, business name, business address, tax identification number, bank account details for settlement purposes, and website URL. We also automatically collect certain technical data when you visit our website, including your IP address, browser type and version, operating system, referring URLs, pages viewed, time spent on pages, and click patterns. When you process transactions through our platform, we collect transaction-related data such as payment amounts, card type, and transaction timestamps. We may also collect information from third-party sources such as credit bureaus and identity verification services as part of our merchant underwriting and compliance processes. All data collection is conducted in accordance with applicable data protection laws and is limited to what is necessary for the purposes described in this policy.

We use the personal information we collect for several important purposes. Primarily, we use your data to provide, maintain, and improve our payment processing services, including processing transactions, settling funds to your bank account, detecting and preventing fraud, and managing your merchant account. We also use your information to communicate with you about your account, respond to your inquiries, provide technical support, and send important service-related notifications such as security alerts and system updates. With your consent, we may use your contact information to send marketing communications about new features, promotions, and industry insights that may be relevant to your business. We use aggregated and anonymized data for analytics purposes to understand usage patterns, improve our platform performance, and develop new features. We may also use your information to comply with legal obligations, enforce our terms of service, and protect the rights, property, and safety of convegrepay, our merchants, and the public.

Your personal data is stored on secure servers located in the United States, hosted by reputable cloud infrastructure providers that maintain SOC 2 Type II certifications and comply with industry-standard security frameworks. We retain your personal information for as long as your merchant account remains active or as needed to provide you with our services. After account closure, we may retain certain data for a period necessary to comply with legal obligations, resolve disputes, enforce our agreements, and meet regulatory requirements in the payment processing industry. Transaction records are typically retained for a minimum of seven years in accordance with financial record-keeping regulations. All stored data is encrypted at rest using AES-256 encryption, and we implement strict access controls to ensure that only authorized personnel can access personal information on a need-to-know basis. We regularly review our data retention practices to ensure we are not holding personal information longer than necessary.

Depending on your jurisdiction, you may have certain rights regarding your personal data under applicable data protection laws such as the GDPR, CCPA, or other regional privacy regulations. These rights may include the right to access the personal information we hold about you, the right to request correction of inaccurate or incomplete data, the right to request deletion of your personal data (subject to legal retention requirements), the right to restrict or object to certain processing activities, the right to data portability in a structured and machine-readable format, and the right to withdraw consent for processing activities based on consent. To exercise any of these rights, please contact us at [email protected] with a detailed description of your request. We will verify your identity before processing any request and aim to respond within 30 days. Please note that certain rights may be limited where we have a legitimate business reason or legal obligation to continue processing your data.

In the course of providing our payment processing services, we may share your personal information with trusted third-party service providers who assist us in operating our platform and delivering our services. These third parties include payment network operators such as Visa and Mastercard, acquiring banks and financial institutions, fraud detection and identity verification providers, cloud hosting and infrastructure providers, email and communication service providers, and analytics platforms. We require all third-party service providers to enter into data processing agreements that obligate them to protect your personal information in accordance with this Privacy Policy and applicable data protection laws. We do not sell your personal information to third parties for their own marketing purposes. We may also disclose your information to law enforcement agencies, regulatory bodies, or other parties when required by law or when we believe disclosure is necessary to protect our rights, investigate fraud, or ensure the safety of our users.

convegrepay implements comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. As a PCI DSS Level 1 certified service provider, we adhere to the most stringent security standards in the payment industry. Our security measures include 256-bit SSL/TLS encryption for all data in transit, AES-256 encryption for data at rest, tokenization of sensitive cardholder data, multi-factor authentication for system access, regular vulnerability scanning and penetration testing conducted by independent security firms, 24/7 monitoring by our security operations center, employee security awareness training programs, and strict physical access controls at our data center facilities. Despite these robust measures, no method of electronic transmission or storage is completely secure. We continuously evaluate and improve our security practices to address emerging threats and vulnerabilities. In the unlikely event of a data breach, we will notify affected individuals and relevant authorities in accordance with applicable notification laws.

convegrepay's services are designed for use by businesses and their authorized representatives who are at least 18 years of age. We do not knowingly collect, use, or disclose personal information from children under the age of 13 (or the applicable age of consent in your jurisdiction). Our website and payment platform are not directed at children, and we do not intentionally target or market our services to minors. If we become aware that we have inadvertently collected personal information from a child under the applicable age threshold, we will take immediate steps to delete that information from our systems. If you are a parent or guardian and believe that your child has provided personal information to convegrepay without your consent, please contact us immediately at [email protected] so that we can take appropriate action to remove the data.

convegrepay reserves the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this policy, we will notify you by posting the updated policy on our website with a revised 'Last Updated' date, and for significant changes, we may also provide additional notice via email to the address associated with your merchant account or through a prominent banner on our website. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. Your continued use of our services after any changes to this policy constitutes your acceptance of the updated terms. If you disagree with any changes, you may close your account by contacting our support team. The previous version of this policy will remain available upon request for your reference.