Paybond Privacy Policy

Effective May 26, 2026
This policy explains how Paybond handles account, billing, operator, support, website analytics, and tenant-scoped product data.
Effective: May 26, 2026. Last updated: June 2, 2026.

1. Scope and roles

This Privacy Policy applies to Paybond public websites, self-serve signup, hosted console, APIs, SDKs, product workflows, support, billing, and related services. "Paybond" means the Paybond entity identified in your order form, invoice, or other contracting record.

Paybond is generally the controller for account, website, billing, support, and service operations data. For tenant-submitted workflows, evidence, operator records, identity-provider settings, settlement configuration, and other customer content, Paybond processes that data to provide the service under the customer's instructions and applicable agreement.

Tenant isolation

Paybond designs its service so tenant scope is derived from authenticated credentials. Client-sent tenant identifiers are not the source of truth for authorization.

2. Data we collect

Category | Examples
Account and organization data | Name, work email, organization name, workspace realm, plan, role, signup status, and account settings.
Authentication and operator data | Login identifiers, session metadata, role and permission assignments, API key metadata, SSO or SCIM configuration, trusted agent keys, support-session audit fields, and console activity needed to run tenant-scoped access controls.
Tenant configuration and product data | Business configuration, settlement rail choices, linked Stripe destination status, x402 Base receive address configuration, identity-provider settings, policy versions, dispute records, evidence references, signed mandate imports, receipts, ledger provenance, audit exports, and related workflow records.
Billing and commercial data | Plan selection, subscription status, Stripe customer, subscription, invoice, checkout, portal, and billing identifiers, usage records, and billing communications.
Support and communications | Messages, troubleshooting context, attachments you provide, contact-sales requests, operational notices, and incident follow-up.
Website and analytics data | Public page path, referrer, landing page, UTM fields, ad click identifiers such as gclid or fbclid when present in the URL, call-to-action label and destination, viewport and screen dimensions, language, timezone, cookie and browser context, visitor ID, session ID, user agent, source IP, approximate country or routing metadata from security providers, and bot/device classification.
Security, logs, and telemetry | Request IDs, tenant identifiers, timestamps, authentication and session events, rate-limit signals, webhook delivery status, structured service logs, traces, and incident records.

3. Sources of data

  • You and your authorized operators when you create accounts, configure workspaces, submit product data, or contact Paybond.
  • Your organization, identity provider, SCIM provisioner, trusted agent keys, SDK or API clients, and other tenant-directed systems.
  • Payment, settlement, and billing providers such as Stripe, and supported settlement rail providers such as Coinbase CDP Payments when those rails are enabled.
  • Public website, console, API, browser, network, and infrastructure logs generated when you use Paybond.

4. How we use data

  • Provide, secure, maintain, and improve Paybond services, including signup, billing, authentication, SSO, SCIM, policy workflows, disputes, settlement lifecycle operations, Signal records, audit exports, and support.
  • Enforce tenant isolation, authenticate operators, prevent cross-tenant access, detect abuse, investigate security incidents, and preserve auditability.
  • Process subscriptions, invoices, plan changes, usage records, tax and accounting records, and contract-managed exceptions.
  • Operate public analytics for product, marketing, reliability, and conversion measurement without exposing one tenant's workflows to another tenant.
  • Comply with law, enforce agreements, respond to lawful requests, and protect the rights, safety, and security of Paybond, customers, operators, and third parties.

Where law requires a specific legal basis, Paybond relies on contract performance, legitimate interests in operating and securing the service, compliance with legal obligations, consent where required, and the customer's instructions for customer-controlled product data.

5. Cookies and public analytics

Paybond uses first-party cookies and browser storage to run sessions, remember temporary login and SSO state, measure public page requests, and understand public call-to-action activity. Session cookies are protected from browser scripts where they hold access or refresh material. Public analytics uses a first-party visitor cookie named pb_vid and session storage keys for session, landing page, and initial referrer context.

Paybond's public website analytics are intended for public marketing, documentation, and legal pages. They are not intended to record private console workflows, authentication steps, account recovery flows, API requests, or static asset requests.

More detail is available in the Cookies & Analytics Notice.

6. Sharing and subprocessors

Paybond does not sell personal information. Paybond does not use one tenant's private workflows to expose another tenant's workflows, and Paybond does not use customer content to train foundation models unless a separate agreement expressly permits that use.

  • Service providers and subprocessors that host, secure, operate, bill, email, or support Paybond.
  • Payment and settlement providers where needed to process subscriptions, invoices, webhook events, settlement states, chargebacks, refunds, or rail-specific operations.
  • Customer-directed identity providers, SCIM provisioners, observability systems, or integrations configured by your organization.
  • Professional advisors, auditors, counterparties in a corporate transaction, or authorities when required by law, legal process, or security response.

The current public list is available at Subprocessors.

7. Retention

Paybond retains personal data for as long as needed to provide the service, satisfy legal and accounting obligations, preserve ledger and audit integrity, resolve disputes, investigate incidents, enforce agreements, and maintain security. Retention periods vary by data type and customer agreement.

Data type | General retention approach
Account and billing records | Retained while the account or commercial relationship is active and as needed for tax, accounting, contract, and dispute obligations.
Ledger, receipts, audit exports, disputes, and settlement records | Retained as needed to preserve replayable product history, auditability, payment and dispute records, and customer obligations.
Session and authentication records | Retained for operational security, account recovery, incident investigation, and abuse prevention.
Public analytics visitor cookie | The first-party visitor cookie is configured for up to one year unless deleted earlier by the browser or user.
Support communications | Retained while needed to answer the request, maintain account history, improve support quality, and satisfy legal obligations.

8. Security

Paybond uses technical and organizational safeguards designed for a multi-tenant service: authenticated tenant scope, role-based access, httpOnly console session cookies, short-lived tokens, refresh rotation, signed audit bundles, structured logging, provider-managed secret storage, and operational controls for elevated support access.

No service can guarantee absolute security. Customers are responsible for safeguarding their own operator credentials, tenant configuration, IdP settings, API keys, trusted agent keys, settlement destinations, and systems that call Paybond APIs.

9. International transfers

Paybond may process and store data in the United States and other locations where Paybond, its affiliates, or subprocessors operate. If applicable law requires transfer safeguards, Paybond uses appropriate contractual and operational measures in customer agreements or data processing terms.

10. Your rights and choices

Depending on where you live and how you use Paybond, you may have rights to request access, correction, deletion, portability, restriction, objection, or appeal of a privacy decision. Authorized agents may submit requests where law permits. Paybond will verify requests before acting on them.

  • Privacy requests: [email protected].
  • Contract, DPA, or formal notice requests: [email protected].
  • Public analytics choices: delete or block cookies and local/session storage in your browser, use browser privacy controls, or contact Paybond for assistance with analytics data tied to a visitor ID.
  • Workspace data requests: contact your organization admin first when Paybond processes the data on behalf of your organization.

11. Children

Paybond is a business service and is not directed to children. Do not use Paybond to knowingly submit personal data about children unless your organization has a lawful basis and the relevant customer agreement permits that use.

12. Changes and contact

Paybond may update this Privacy Policy as the service, subprocessors, analytics, or legal requirements change. Material changes will be reflected by updating the effective or last-updated date and, where appropriate, by providing additional notice through the service, contract record, or email.

Privacy questions should go to [email protected]. Legal notices should go to [email protected] or the notice address stated in your order form or invoice.