At Paylio, your privacy matters to us. This Privacy Policy explains what information we collect, why we collect it, how we use it, and the choices you have. It applies to your use of the Paylio platform, website at paylio.pro, APIs, SDKs, and related services (the "Service").
By using the Service, you agree to the collection and use of information as described in this policy.
1. Information We Collect
Information you provide
- Account information. When you create an account, we collect your name, email address, and authentication credentials (managed through our authentication provider).
- Billing information. If you subscribe to a paid plan, we collect payment details through our payment processor. We do not store full credit card numbers on our servers.
- Project and plan data. Configuration data you create in the Service, such as subscription plans, pricing rules, entitlement definitions, and gateway settings.
- Support communications. Messages you send to us through email or our in-app chat.
Information collected automatically
- Usage data. We collect data about how you interact with the Service, including pages visited, features used, API call volumes, and session duration.
- Device and browser data. Browser type, operating system, screen resolution, and language preference.
- IP address. Used for security, analytics, and approximate geographic location.
- Cookies and similar technologies. We use cookies for authentication, preferences, and analytics. See Section 6 for details.
Information from third parties
- Authentication providers. If you sign in with Google or another provider, we receive your name, email, and profile image from that service.
- Payment providers. We receive transaction confirmations and subscription status updates from Stripe and Razorpay.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service.
- Process your subscription payments and manage your account.
- Send transactional emails (account verification, payment receipts, security alerts).
- Respond to your support requests and provide customer service.
- Improve the Service through usage analytics and feedback.
- Detect and prevent fraud, abuse, and security incidents.
- Comply with legal obligations.
We do not sell your personal information to third parties. We do not use your data for advertising.
3. How We Share Your Information
We share your information only in the following limited circumstances:
- Service providers. We use third-party services to help operate the platform (hosting, email delivery, analytics, payment processing). These providers only access your data to perform tasks on our behalf and are contractually obligated to protect it.
- Payment providers. Transaction data is shared with Stripe and/or Razorpay to process payments. Their use of your data is governed by their own privacy policies.
- Legal requirements. We may disclose your information if required by law, legal process, or a government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
- Business transfers. If Paylio is acquired by or merged with another company, your data may be transferred as part of that transaction. We will notify you before your data is subject to a different privacy policy.
4. Your End Customers' Data
When you use Paylio to manage subscriptions for your own customers, you act as the data controller for your customers' data. Paylio processes this data on your behalf (as a data processor) solely to provide the Service.
The end-customer data we process on your behalf typically includes email addresses, subscription status, and payment identifiers provided by your payment gateway. We do not access, share, or use your customers' data for any purpose other than delivering the Service to you.
You are responsible for obtaining any necessary consents from your end customers and for complying with applicable data protection laws in your jurisdiction.
5. Data Retention
We retain your account data for as long as your account is active. After account deletion, we may retain certain data for a reasonable period to comply with legal obligations, resolve disputes, or enforce our Terms of Service.
Usage logs and analytics data are retained in aggregate form and are not linked to individual accounts after deletion.
6. Cookies and Tracking
We use the following types of cookies:
- Essential cookies. Required for authentication and core functionality. You cannot opt out of these.
- Analytics cookies. We use Google Analytics and Microsoft Clarity to understand how visitors use the site. These tools collect anonymous usage data. You can opt out through your browser settings or through the respective opt-out tools provided by Google and Microsoft.
We do not use advertising cookies or tracking pixels for targeted advertising.
7. Data Security
We implement industry-standard security measures to protect your data, including:
- Encryption of data in transit (TLS) and at rest.
- Secure authentication with token-based sessions.
- Regular security reviews and dependency updates.
- Access controls limiting employee access to production data.
No system is completely secure. If you discover a security vulnerability, please report it to support@paylio.pro and we will investigate promptly.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access. Request a copy of the personal data we hold about you.
- Correction. Request that we correct inaccurate or incomplete data.
- Deletion. Request that we delete your personal data, subject to legal retention requirements.
- Data portability. Request your data in a structured, machine-readable format.
- Objection. Object to certain types of processing.
To exercise any of these rights, contact us at support@paylio.pro. We will respond within 30 days.
9. International Data Transfers
Paylio's infrastructure is hosted on cloud providers with data centers in multiple regions. Your data may be transferred to and processed in countries other than the one where you reside. We ensure appropriate safeguards are in place for such transfers in compliance with applicable data protection laws.
10. Children's Privacy
The Service is not directed at children under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through a prominent notice on the Service at least 30 days before the changes take effect.
We encourage you to review this page periodically for the latest information about our privacy practices.
12. Contact
If you have questions or concerns about this Privacy Policy or how we handle your data, contact us at:
- Email: support@paylio.pro
- Website: paylio.pro