Information We Collect

Account Information: When you create an account, we collect your name, email address, company name, and contact information.
Payment Information: We collect payment card details and billing information to process transactions. Card data is tokenized and stored securely by our PCI-compliant payment processors.
Transaction Data: We collect information about transactions processed through our platform, including amounts, currencies, timestamps, and payment methods.
Usage Data: We automatically collect information about how you interact with our services, including IP addresses, browser type, pages visited, and feature usage.
Communications: We retain records of your communications with our support team and any feedback you provide.

How We Use Your Information

Provide Services: To process payments, payouts, and other financial services you request.
Improve Our Platform: To analyze usage patterns and improve our products and services.
Security & Fraud Prevention: To detect, prevent, and respond to fraud, unauthorized access, and other illegal activities.
Compliance: To meet our legal and regulatory obligations, including KYC/AML requirements.
Communications: To send you service updates, security alerts, and marketing communications (with your consent).

Service Providers: We share data with trusted third parties who help us operate our platform, including payment processors, cloud providers, and analytics services.
Financial Partners: We share transaction data with banks and payment networks as necessary to process your transactions.
Legal Requirements: We may disclose information when required by law, court order, or government request.
Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
We never sell your personal information to third parties for marketing purposes.

We implement industry-leading security measures to protect your data, including:
Encryption of data at rest (AES-256) and in transit (TLS 1.3)
PCI DSS Level 1 compliance for payment card data
SOC 2 Type II certified security controls
Regular security audits and penetration testing
Multi-factor authentication and role-based access controls

We retain your personal information for as long as necessary to provide our services and comply with legal obligations.
Transaction records are retained for 7 years to meet regulatory requirements.
You may request deletion of your account and associated data at any time, subject to legal retention requirements.

Access: Request a copy of the personal information we hold about you.
Correction: Request correction of inaccurate or incomplete information.
Deletion: Request deletion of your personal information, subject to legal requirements.
Portability: Request a machine-readable copy of your data.
Objection: Object to processing of your data for certain purposes.
To exercise these rights, contact us at privacy@sahmtech.com.

We operate globally and may transfer your data to countries outside your country of residence.
We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions.
For EU residents, we comply with GDPR requirements for international data transfers.

If you have questions about this Privacy Policy or our data practices, please contact us:
Email: privacy@sahmtech.com
Address: Sahm Inc., 123 Financial District, San Francisco, CA 94111, United States