Privacy Policy

Last updated: April 14, 2026

1. Information We Collect

GroundedPay collects the following information in the course of providing our Service:

• Account Information: Email address, business name, and password (stored as a salted hash) when you register as a merchant.
• Wallet Addresses: Ethereum addresses and/or Bitcoin extended public keys that you provide for receiving payments.
• Transaction Data: Payment amounts, cryptocurrency types, transaction hashes, payment statuses, and timestamps associated with payments processed through the Service.
• Usage Data: IP addresses, browser type, pages visited, and access times collected automatically when you interact with the Service.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To process payments, derive payment addresses, monitor transactions, and provide the core functionality of the platform.
• Account Management: To authenticate your identity, manage your merchant account, and communicate service-related updates.
• Customer Support: To respond to your inquiries, troubleshoot issues, and provide technical assistance.
• Analytics: To understand how the Service is used, identify trends, and improve our platform.
• Security: To detect and prevent fraud, abuse, and unauthorized access.
• Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Third-Party Services

GroundedPay integrates with the following third-party services that may process your data according to their own privacy policies:

• NOWPayments: Used for multi-cryptocurrency payment processing. Payment amounts, wallet addresses, and transaction details may be shared. See NOWPayments Privacy Policy.
• Coinbase: Used for fiat on-ramp services. Transaction and wallet data may be shared. See Coinbase Privacy Policy.

4. Data Sharing

We do not sell, rent, or trade your personal information to third parties for marketing purposes. We may share your information only in the following circumstances:

• With third-party service providers as described above, solely to facilitate payment processing.
• When required by law, regulation, subpoena, or court order.
• To protect the rights, safety, or property of GroundedPay, our users, or the public.
• In connection with a merger, acquisition, or sale of assets, with appropriate notice.

5. Data Retention

We retain your account information for as long as your account remains active. Transaction data is retained for a minimum of five (5) years to comply with financial record-keeping requirements. You may request deletion of your account by contacting us, subject to our legal retention obligations.

6. Data Security

We implement reasonable technical and organizational measures to protect your information, including encrypted storage of sensitive credentials, secure password hashing, and access controls. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Cookies

GroundedPay uses minimal cookies. We do not use third-party advertising or tracking cookies. Cookies used are limited to:

• Essential Cookies: Required for authentication and session management.
• Analytics Cookies: Used to understand usage patterns and improve the Service. These can be disabled in your browser settings.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data, subject to legal retention requirements.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing of your data in certain circumstances.

9. CCPA (California Residents)

If you are a California resident, you have the right to know what personal information we collect, request deletion of your data, and opt out of the sale of your personal information. As stated above, we do not sell personal information. To exercise your rights, contact us at support@groundedpay.com.

10. GDPR (European Residents)

If you are located in the European Economic Area (EEA), we process your personal data based on legitimate interests (providing the Service), contractual necessity, and legal obligations. You have rights under the GDPR including access, rectification, erasure, restriction, and data portability. To exercise these rights or lodge a complaint, contact us or your local data protection authority.

11. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 18, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or through the Service. The "Last updated" date at the top of this page indicates when the policy was last revised.

13. Contact

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at support@groundedpay.com.