Privacy Policy

Effective date: March 20, 2026

Last updated: March 20, 2026

Your privacy matters to us. This Privacy Policy explains what personal data Paysker collects, how we use and protect it, and what rights you have. Please read it carefully.

1. Introduction

Paysker LLC ("Paysker", "we", "us", or "our") is a Delaware limited liability company with its principal office at 8 The Green, Suite A, Dover, Delaware 19901, United States. We operate the Paysker platform at https://paysker.com (the "Service").

This Privacy Policy describes the personal data we collect when you use Paysker, how we use it, with whom we share it, how we protect it, and your rights in relation to it. It applies to all users of the Service globally, including users located in the European Union and European Economic Area (EEA) whose data processing is subject to the General Data Protection Regulation (GDPR), California residents whose rights are protected by the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA), and Australian residents whose data is subject to the Australian Privacy Act 1988.

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you have any questions, please contact us at [email protected].

2. Data We Collect

We collect the following categories of personal data when you use the Service:

Account data

When you register, we collect your name, username, email address, and phone number. This information is required to create and manage your account.

Profile data

Information you voluntarily provide for your public profile, including a bio, profile photo, professional title, and personal website URL.

Payment data

Payment transactions are processed by Stripe, Inc. Paysker does not collect or store your full payment card details. Stripe stores payment card data in accordance with PCI DSS standards. We receive and store limited payment metadata from Stripe, such as a truncated card number (last four digits), card brand, payment intent IDs, and transaction amounts.

Message data

Message content you send and receive through the Service, including text, images, and other attachments. Conversation history is retained while your account is active and for a reasonable period thereafter.

Transaction data

Records of payments made and received through the Service, including amounts, dates, transaction types, and associated offer details.

Identity verification data (Creators only)

Creators wishing to withdraw earnings must complete identity verification. This verification is conducted by Stripe using government-issued ID documents. Paysker never stores government ID documents. Document images are transmitted directly to and stored by Stripe in accordance with their privacy policy. We receive from Stripe only the verification outcome (pass/fail) and a document reference ID.

Device and usage data

We collect technical information when you use the Service, including your IP address, browser type and version, device type, operating system, referring URLs, pages visited, and timestamps of your interactions with the Service. This information is used for security, fraud detection, and operational monitoring.

Communications

If you contact us by email or through the in-app support feature, we retain records of those communications to assist you and improve our Service.

3. How We Use Your Data

We use your personal data for the following purposes:

To provide and operate the Service: including creating and managing your account, facilitating messaging between users, and processing payments.
To process payments: we share necessary payment data with Stripe to process transactions, hold payments safely until replies are confirmed, and facilitate Creator payouts.
To verify Creator identity: to comply with financial regulations and anti-money laundering requirements, we facilitate identity verification for Creators via Stripe.
To send transactional communications: including payment confirmations, message notifications, payout alerts, and other service-related emails. These are necessary for the operation of the Service and cannot be opted out of while you have an active account.
To respond to support requests: we use your account and communication data to help resolve issues and answer questions.
To detect and prevent fraud and abuse: we analyse usage patterns, IP addresses, and other signals to identify and prevent fraudulent activity, policy violations, and security threats.
To comply with legal obligations: including financial reporting requirements, law enforcement requests, tax obligations, and responses to valid legal process.
Marketing communications: we will only send you marketing or promotional emails with your explicit prior consent. You may withdraw consent at any time by clicking "unsubscribe" in any marketing email or by contacting us at [email protected].

Legal bases for processing (GDPR). For users in the EU/EEA, our legal bases for processing personal data are: (a) performance of a contract (to provide the Service to you); (b) compliance with a legal obligation; (c) our legitimate interests (fraud prevention, security, improving the Service); and (d) your consent (marketing communications).

4. Data Sharing

We do not sell your personal data to third parties. We do not share your personal data for advertising or marketing purposes by third parties. We share your data only in the following limited circumstances:

Service Provider	Purpose
Stripe, Inc.	Payment processing, saved card management, Creator payouts, and identity verification. Stripe is PCI DSS compliant.
Supabase, Inc.	Secure database hosting, authentication, and file storage. All data is encrypted at rest and in transit.
Vercel, Inc.	Hosting and serving the Paysker web application.
Resend, Inc.	Transactional email delivery (receipts, notifications, and account communications).

Each of these service providers processes your data only on our behalf, under written data processing agreements that restrict their use of your data to the specific services they provide to us.

Law enforcement and legal process. We may disclose your personal data to law enforcement agencies, government authorities, or other third parties when required by law, court order, or other valid legal process, or when we reasonably believe disclosure is necessary to protect the rights, property, or safety of Paysker, our users, or the public.

Business transfers. In the event of a merger, acquisition, or sale of all or substantially all of Paysker's assets, your data may be transferred as part of that transaction. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

5. Data Storage and Security

Storage. Your personal data is stored securely via Supabase, Inc. on servers located in the United States. Supabase employs industry-standard security controls including encryption at rest and strict access controls.

Encryption in transit. All data transmitted between your browser or device and our Service is encrypted using HTTPS (TLS). We do not transmit personal data over unencrypted channels.

Payment data security. All payment card data is handled exclusively by Stripe, which maintains PCI DSS Level 1 compliance. Paysker never transmits, stores, or processes raw card numbers.

Access controls. Access to personal data is restricted to Paysker staff and contractors who need it to perform their job functions. All access is subject to strict authentication and authorisation controls.

Data retention. We retain your personal data for as long as your account is active, and for a reasonable period thereafter to allow for account reinstatement and to resolve any outstanding issues. Specific retention periods:

Financial records (transaction data, payment records, ledger entries): retained for a minimum of 7 years from the date of the transaction, as required by applicable financial and tax regulations.
Account and profile data: deleted or anonymised within 90 days of account deletion request, subject to legal retention obligations.
Message data: retained while your account is active; subject to anonymisation upon account deletion.
Device and usage logs: retained for up to 12 months for security and fraud detection purposes.

Security incidents. Despite our efforts, no security system is impenetrable. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and, where required, the relevant supervisory authority, in accordance with applicable law.

6. Your Rights

GDPR rights (EU / EEA users)

If you are located in the European Union or European Economic Area, you have the following rights in relation to your personal data:

Right of access: you may request a copy of the personal data we hold about you.
Right to rectification: you may request correction of any inaccurate or incomplete personal data.
Right to erasure ("right to be forgotten"): you may request deletion of your personal data. This right is subject to legal retention obligations. You can initiate account deletion via Settings → Data & Privacy.
Right to data portability: you may request your personal data in a structured, machine-readable format. You can download a copy of your data via Settings → Download my data.
Right to restrict processing: in certain circumstances you may request that we restrict the processing of your personal data.
Right to object: you may object to the processing of your personal data where we rely on legitimate interests as the legal basis.
Rights related to automated decision-making: we do not make solely automated decisions that produce legal or similarly significant effects about you.
Right to lodge a complaint: you have the right to lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated. The lead supervisory authority for Paysker is the Delaware Department of Justice / Federal Trade Commission (US), but EU users may also contact their national supervisory authority.

CCPA / CPRA rights (California residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act / California Privacy Rights Act:

Right to know: you may request disclosure of the categories of personal information we collect, the purposes for which we use it, and the categories of third parties with whom we share it.
Right to delete: you may request deletion of your personal information, subject to certain exceptions.
Right to correct: you may request correction of inaccurate personal information we maintain about you.
Right to opt out of sale or sharing: Paysker does not sell your personal information and does not share your information for cross-context behavioural advertising. There is nothing to opt out of in this regard.
Right to limit use of sensitive personal information: you may request that we limit the use of sensitive personal information to purposes necessary to provide the Service.
Right to non-discrimination: we will not discriminate against you for exercising your CCPA rights.

To exercise your California rights, please contact us at [email protected]. We will respond within 45 days as required by the CCPA.

Australian Privacy Act rights (Australian residents)

If you are an Australian resident, the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) apply to our handling of your personal information. You have the following rights:

Right to access: you may request access to the personal information we hold about you.
Right to correction: you may request correction of personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading.
Right to complain: you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au if you believe we have breached the APPs. We ask that you contact us first at [email protected] to give us an opportunity to address your concern.

To exercise any of the rights described above, please contact us at [email protected]. We will respond to all verified requests within 30 days. We may need to verify your identity before processing your request.

7. Cookies and Tracking

Essential cookies only. Paysker uses cookies solely for authentication purposes — to maintain your logged-in session securely between page loads. These are strictly necessary cookies and cannot be disabled without preventing you from using the Service.

No advertising or tracking cookies. We do not use advertising cookies, marketing pixels, or behavioural tracking technologies. We do not build advertising profiles based on your activity on Paysker.

No cross-site tracking. We do not use any third-party analytics services that track your behaviour across other websites. Our usage analytics (if any) are limited to aggregate, non-identifiable operational metrics.

You can manage cookies through your browser settings. Note that disabling all cookies will prevent you from logging in to Paysker.

8. Children's Privacy

Paysker is a platform strictly intended for users who are 18 years of age or older. We do not knowingly collect, solicit, or maintain personal data from anyone under the age of 18.

If we become aware that we have collected personal data from a person under the age of 18, we will immediately terminate that account, delete the associated personal data, and, where applicable, issue any refunds due.

If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us immediately at [email protected].

9. International Data Transfers

Paysker is based in the United States. When you use our Service, your personal data may be transferred to, stored in, and processed in the United States or in other countries where our service providers (including Stripe, Supabase, Vercel, and Resend) operate.

These countries may have different data protection laws from your home country. We ensure all international transfers comply with applicable data protection laws through the following safeguards:

EU / EEA users: where we transfer personal data from the EU/EEA to third countries, we rely on appropriate safeguards including the European Commission's Standard Contractual Clauses (SCCs), adequacy decisions, or other lawful transfer mechanisms under Chapter V of the GDPR.
Australian users: we ensure international transfers of personal information comply with the Australian Privacy Principles, including Australian Privacy Principle 8 regarding cross-border disclosure.
All our service providers are contractually required to maintain appropriate technical and organisational measures to protect your personal data and to process it only in accordance with our instructions.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes — changes that significantly affect how we use your data or your rights — we will provide advance notice via email to the address associated with your account.

Your continued use of the Service after the effective date of any updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with the updated policy, you must stop using the Service.

11. Contact and Data Requests

For all privacy-related enquiries, data access requests, data deletion requests, or complaints, please contact us:

Paysker LLC — Privacy

8 The Green, Suite A

Dover, Delaware 19901

United States

Email: [email protected]

Website: https://paysker.com

We aim to respond to all privacy requests within 30 days of receipt. In some cases, particularly for complex requests, we may require up to an additional 30 days, in which case we will notify you of the extension and the reason for the delay.

To verify your identity before processing a data access or deletion request, we may ask you to confirm information associated with your account.