This interim page outlines the topics that modern privacy notices cover, and stands in until bespoke language ships.
Who this applies to
Merchants integrating TOTOPAY, their end customers, authenticated dashboard users, and prospects browsing marketing properties—each interacts with subsets of processing activities.
Controller vs processor distinctions must be articulated with your counsel when data crosses entities or subprocessors.
Categories of personal data
These typically include account registration data, billing artifacts, telemetry (IPs, device hints), communications metadata, webhook payloads referencing customer handles, and transaction references, but finalize the inventory with DPIAs.
Crypto addresses may be pseudonymous yet linkable—treat combined datasets according to prevailing regulatory guidance.
Purposes & lawful bases
Deliver core payment services, authenticate API traffic, mitigate fraud, satisfy accounting or regulatory asks, analyze reliability, communicate service updates—the precise lawful basis matrix depends on geography.
Marketing or analytics extras warrant explicit thresholds (consent vs legitimate interest assessments).
Retention & subprocessors
Define TTL policies for ledger artifacts, logs, backups, deleted-account tombstones—document restoration paths for litigation holds.
Subprocessor transparency (cloud hosts, observability stacks, messaging vendors) belongs in annexes alongside transfer mechanisms such as SCCs.
Your rights
Depending on geography, subjects may invoke access, rectification, portability, objection, deletion—establish identity-verification flows before honoring sensitive requests.
Describe appeal channels when merchants disagree with outcomes.
Last updated: April 2026
This page is provided for general information only and does not constitute legal advice. Replace this text with counsel-reviewed language before production launch.
