Direct Connect Pay
← Back to home

Privacy Policy

Last updated: June 16, 2026

Direct Connect Pay (“DCP,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our website, merchant dashboard, mobile applications, and APIs (collectively, the “Services”).

1. Information we collect

Merchant account information

When you register or onboard as a merchant, we may collect:

  • Business name and contact email
  • Webhook endpoint URLs and integration configuration
  • API usage metadata (request timestamps, IP addresses, error logs)
  • KYC verification status when enabled by an administrator

Payment and transaction data

DCP operates a non-custodial payment flow. We process invoice metadata such as amounts, currencies, blockchain addresses, destination tags, transaction hashes, and payment status. We do not collect or store private keys, seed phrases, or wallet credentials.

Technical data

  • Browser type, device information, and pages visited
  • Session and authentication tokens stored locally in your browser (API key session for dashboard access)
  • Server logs for security, rate limiting, and reliability

2. How we use information

We use collected information to:

  • Provide, operate, and maintain the Services
  • Authenticate merchants and deliver API responses
  • Send webhook notifications for payment events
  • Detect fraud, abuse, and security incidents
  • Comply with legal obligations and enforce our Terms
  • Improve reliability, performance, and product features

3. Legal bases (where applicable)

Depending on your jurisdiction, we process personal data based on contract performance (providing the Services), legitimate interests (security and analytics), and legal compliance. Where consent is required, we will obtain it before processing.

4. Sharing and disclosure

We do not sell personal information. We may share data with:

  • Infrastructure providers — hosting (e.g. Vercel, Railway), databases, and caching services under data processing agreements
  • Blockchain networks — transaction data is recorded on public ledgers when payments are made; this data is inherently public
  • Legal authorities — when required by law, subpoena, or to protect rights and safety

5. Data retention

Merchant records and invoice data are retained for as long as your account is active and as needed for legal, accounting, and dispute resolution purposes. Logs may be retained for a limited period for security and operations.

6. Security

We implement administrative, technical, and organizational measures including API key authentication, HMAC-signed webhooks, rate limiting, and encrypted connections (HTTPS/TLS). No method of transmission over the Internet is 100% secure; we cannot guarantee absolute security.

7. Your rights

Depending on your location (including certain US state privacy laws and, where applicable, GDPR), you may have rights to access, correct, delete, or port your personal data, and to opt out of certain processing. To exercise these rights, contact us through directconnectpay.com.

8. Cookies and local storage

The merchant dashboard may store your API key in browser local storage to maintain your session. We do not use third-party advertising cookies. Essential cookies or storage may be used for security and functionality.

9. Children

The Services are not directed to individuals under 18. We do not knowingly collect personal information from children.

10. International transfers

Data may be processed in the United States and other countries where our service providers operate. Appropriate safeguards are applied where required by law.

11. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top reflects the current version. Material changes will be posted on this page.

12. Contact

Questions about this Privacy Policy: www.directconnectpay.com