Privacy Policy
Effective date: April 3, 2023
Last updated: March 7, 2026
1. Introduction
PerfectPay (“we,” “us,” or “our”) operates the perfectpay.ai platform, the Perfect mobile application, and related services across the *.perfectpay.ai domains. PerfectPay is incorporated in the State of Delaware, United States. We are committed to protecting the privacy of our users and handling personal data responsibly and transparently.
This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our website, use our application programming interfaces (APIs), integrate with our payment processing platform, use the Perfect consumer application, or otherwise interact with our services. It applies to two primary audiences:
- Merchants and businesses (B2B): Entities using PerfectPay to process payments, manage agent commerce, syndicate product catalogs, and settle transactions.
- Consumers (B2C): Individuals using the Perfect app for chat, peer-to-peer (P2P) payments, agent authorization, cash-out services, and related consumer features.
By accessing or using PerfectPay or the Perfect app, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices, please do not use our services.
2. Information We Collect
We collect information necessary to provide, maintain, and improve our payment processing, agent commerce, and consumer payment services. The categories of information we collect include:
Account & Identity Information
When you create an account, we collect your name, email address, phone number, and phone country code (all encrypted at rest). For merchant accounts, we additionally collect your business name, business details, business type, country, merchant category code (MCC), tax registration ID (encrypted), billing and shipping addresses (encrypted, including address lines 1–3, city, state, zip, and country), support email, support phone, and website URL. We also collect customer metadata (up to 50 key-value pairs) that you choose to associate with customer records. This information is used to verify your identity and comply with regulatory requirements such as Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations.
Authentication & Security Data
We store password hashes (never plaintext passwords), TOTP two-factor authentication secrets, recovery codes, user roles, permissions, and organization associations. Where you configure single sign-on, we store OAuth and SAML configuration data. API key data includes key name, description, hashed key value, key prefix, expiration date, and last-used timestamp.
Payment Intent & Transaction Data
For each payment processed through our platform, we collect payment intent data including amount, currency, status, description, order details (encrypted), capture method, authentication type, statement descriptor, and billing descriptor. We also collect payment attempt data including the connector (processor) used, error codes and messages, cancellation reasons, payment tokens, and network-level details. We record surcharge amounts, tax amounts, tax status, duty amounts, shipping amounts, and discount amounts associated with each transaction.
Payment Method Data
We collect and process data about the payment methods used for transactions. For cards, this includes the cardholder name (encrypted), card scheme and network, issuer name and country, card fingerprint (hashed for deduplication), ISIN (first 6 digits), last 4 digits, and network token data. For bank payments, this includes account number (masked), routing number (masked), sort code (masked), SWIFT code, bank name, bank type, and account holder name. For wallet payments, we collect provider-specific details. Billing addresses associated with payment methods are encrypted. We also store connector mandate details where applicable.
Card Vault Data
Our PCI-compliant card vault service, operated as a separate isolated environment, stores card numbers (encrypted with hardware security modules), CVV values (encrypted, not stored long-term and purged after authorization), expiry dates (encrypted), cardholder names, and card fingerprints (hashed for deduplication). Card data is never stored in plain text and is handled in accordance with PCI-DSS Version 4 standards.
Refund, Dispute & Authorization Data
We collect refund data including amount, reason, status, connector reference, and acquirer reference number (ARN). For disputes, we collect the disputed amount, dispute stage (from pre-chargeback through arbitration), status, evidence documents (encrypted), and connector-provided reason codes. Authorization records include the authorized amount, status, and connector authorization identifier.
Fraud & Risk Data
When fraud management is configured, we collect and process data from fraud and risk management (FRM) providers such as Riskified, Signifyd, and Kount. This includes the FRM provider used, risk scores, fraud decisions, and fraud reason codes. We also collect device fingerprints (hashed) and maintain blocklist entries covering cards, email addresses, and device fingerprints flagged for fraud.
3DS & Authentication Data
For transactions requiring strong customer authentication, we collect the authentication connector used, authentication type (decoupled, frictionless, or challenge flow), CAVV (cardholder authentication verification value), ECI (electronic commerce indicator), 3DS transaction identifiers, ACS URL, directory server identifiers, message version, challenge request data, and PSD2 SCA exemption type where applicable.
Mandate & Recurring Payment Data
For mandates and recurring payments, we collect mandate type, status, authorized amount, currency, start and end dates, customer IP address (encrypted), customer user agent, network transaction identifiers, and connector mandate identifiers. Subscription data includes subscription status, billing processor, plan identifier, and item price identifier.
Payout & Recipient Data
For payouts, we collect the payout amount, currency, status, destination type, recipient bank account details (masked), recipient wallet details, routing configuration, and connector payout identifiers.
Network Tokenization Data
When network tokenization is used, we collect the card network, token requestor identifier, network token data (encrypted), token status, token expiration, and cryptograms used for token-based transactions.
Webhook & Event Data
For webhook deliveries, we collect event type, delivery status, attempt count, request and response payloads (encrypted), and idempotent event identifiers. Merchant webhook URLs and headers are stored as part of your account configuration.
Merchant Configuration Data
We store your connector account credentials (encrypted API keys and secrets), routing algorithm configurations (including volume split percentages and connector selection criteria), Apple Pay verified domains, and FRM provider configurations.
Routing Decision Data
We log routing algorithm definitions, the decisions made for each transaction, connector selection criteria evaluated, and volume split percentages applied. This data is used for analytics, optimization, and audit purposes.
Agent Commerce Data
When merchants enable agent commerce features, we collect agent identifiers, authorization scopes, spending limits, and transaction logs associated with AI agent payment activity. This data is used to verify agent credentials, enforce spending controls, and provide audit trails.
Product Catalog Data
When merchants opt into AI agent discovery syndication, we collect product descriptions, pricing information, availability status, and other catalog attributes that merchants choose to make discoverable by AI shopping agents.
Payment Link Data
For payment links, we collect the link URL, amount, currency, description, merchant display name, link configuration, and expiration date.
File & Document Data
When files are uploaded (for example, dispute evidence documents), we collect the file name, file size, and file type. Files are stored with our cloud storage provider (Amazon Web Services S3) with encryption at rest.
Invoice & Billing Data
We collect invoice amounts, currency, status, billing provider name, and subscription associations for billing and invoicing purposes.
Analytics & Telemetry Data
We collect payment analytics (including amount, count, and success/failure rates segmented by connector, currency, and region), SDK event data (payment method usage, page load times, errors), and API event data (endpoints called, response times, error rates). We also log routing decision analytics to improve transaction success rates.
Browser & Device Data
We collect browser information including user agent string, operating system type and version, device model, browser name and version, and IP address. This data is captured with payment attempts for fraud prevention and is also collected through general platform usage for analytics and security purposes.
Tax & Compliance Data
We collect tax amounts, tax status, duty amounts, and shipping tax data as required for transaction processing and regulatory compliance.
3. Consumer Data (Perfect App)
In addition to the data described in Section 2, the Perfect consumer application collects the following categories of data from individual users:
Perfect App Account Data
When you create a Perfect app account, we collect your name, email address, phone number, and profile photo. This information is used to identify you within the app, enable communications with other users, and personalize your experience.
Peer-to-Peer (P2P) Transfer Data
When you send or receive money through the Perfect app, we collect sender and recipient identifiers, transfer amount, currency, timestamp, transfer status, and any note or memo you attach to the transfer. This data is necessary to execute the transfer, provide transaction history, and comply with financial reporting requirements.
Agent Authorization Preferences
When you authorize AI agents to make purchases on your behalf through the Perfect app, we collect your authorization preferences including which agents you have authorized, spending rules you have defined (per-transaction limits, daily or monthly limits), category restrictions (permitted and blocked merchant categories), and expiration settings. You can view, modify, or revoke these preferences at any time within the app.
Agent Transaction Logs
We maintain logs of all transactions initiated by agents you have authorized, including what the agent purchased, when the purchase occurred, the amount, the merchant, and whether the transaction was approved or denied based on your authorization rules. These logs are retained for 365 days to provide you with a complete audit trail.
Cash-Out Transaction Data
When you use the cash-out feature, we collect the cash-out location, amount, timestamp, and transaction status. This data is used to process the cash-out, generate your transaction history, and comply with financial regulations.
Chat Data
The Perfect app includes a messaging feature. We collect and store messages exchanged between users, including payment requests made within chat conversations. Chat data is encrypted in transit and at rest. We may review chat data to enforce our terms of service, respond to legal process, or prevent fraud and illegal activity.
Location Data
With your explicit consent, we collect your device location to provide nearby cash-out location services. Location data is used only for this purpose and is not stored beyond the duration of the location lookup. You can revoke location permissions at any time through your device settings, though this may limit the availability of location-dependent features.
Push Notification Tokens
We collect push notification tokens from your device to send you transaction alerts, payment requests, agent activity notifications, and other service communications. You can manage notification preferences within the app settings or through your device settings.
Bank Account Linkage Data
When you link a bank account to the Perfect app (for pay-by-bank via FedNow or the RTP Network), we collect your bank account details as necessary to initiate transfers. Bank account data is encrypted and stored in accordance with our security standards. We do not store your bank login credentials.
4. How We Use Your Information
We use the information we collect for the following purposes:
- Process payments and settle transactions. We use your account and transaction data to authorize, process, and settle payments through our network of payment processors, including card-present and card-not-present transactions.
- Route transactions to optimal payment processors. We use transaction metadata, historical performance data, and routing algorithm configurations to intelligently route each transaction to the processor most likely to approve it at the lowest cost.
- Facilitate consumer payments and transfers. We use Perfect app account data and linked bank information to process P2P transfers, cash-out transactions, and agent-initiated purchases on behalf of consumers.
- Syndicate product catalogs to AI shopping platforms. With your explicit consent, we distribute your product catalog data to participating AI platforms so that AI agents can discover and present your products to consumers.
- Issue and verify agent payment authorization credentials. We use agent commerce data to issue, validate, and enforce authorization credentials that define what AI agents are permitted to purchase on behalf of businesses and consumers.
- Prevent fraud and comply with legal obligations. We analyze transaction patterns, device fingerprints, risk scores, blocklist data, 3DS authentication results, and browser data to detect and prevent fraudulent activity. We also use your information to comply with applicable laws, regulations, card network rules, and financial reporting requirements.
- Manage disputes, refunds, and chargebacks. We use transaction records, dispute evidence, and connector-provided data to facilitate the resolution of payment disputes and process refunds.
- Calculate and apply taxes. We use transaction data and tax calculation services to determine applicable tax amounts, duties, and shipping taxes.
- Improve our services and develop new features. We use aggregated analytics and telemetry data (payment metrics, SDK events, API performance data, and routing decision analytics) to understand how our platform is used, optimize transaction success rates, and develop new capabilities.
- Communicate about your account and our services. We use your contact information to send transactional notifications (such as settlement confirmations, payment receipts, agent activity alerts, and security alerts), respond to support requests, and, where you have opted in, share product updates and announcements.
5. AI Agent Commerce & Data
PerfectPay enables a new category of commerce where AI agents can discover products, negotiate terms, and complete purchases on behalf of consumers and businesses. This section addresses data practices specific to these capabilities for both B2B and B2C users.
Catalog Syndication
When merchants enable agent commerce, product data (including descriptions, pricing, availability, and merchant-defined attributes) is shared with participating AI platforms — including but not limited to ChatGPT/OpenAI, Google AI, Perplexity, and Microsoft Copilot — via the Agent Commerce Protocol (ACP) and Universal Catalog Protocol (UCP). This syndication occurs only with explicit merchant consent, and merchants retain full control over which products are shared and with which platforms. During catalog syndication, we share product-level data only; no consumer personal data is transmitted to AI platforms as part of the catalog syndication process.
Merchant Control
Merchants can opt out of catalog syndication at any time through their PerfectPay dashboard. Upon opting out, we will remove your product data from syndication feeds within 48 hours, though cached data on third-party AI platforms may persist according to those platforms' own data retention policies.
Agent Authorization Credentials
Agent authorization credentials issued through PerfectPay contain only the minimum data required for transaction verification. Specifically, each credential includes an agent identifier, the authorizing party (merchant or consumer), a spending scope (permitted categories, maximum per-transaction amount, aggregate spending limits), and expiration parameters. For consumer-issued credentials via the Perfect app, the credential additionally encodes the consumer's category restrictions and any merchant-specific rules. No personal consumer data such as name, email, or payment method details is embedded in authorization credentials.
Agent Transaction Audit Logs
All transactions initiated by authorized agents are logged with full audit detail, including the agent identifier, authorizing party, transaction amount, merchant, timestamp, and approval/denial outcome. These audit logs are retained for 365 days from the date of the transaction and are available to the authorizing party (merchant or consumer) through the PerfectPay dashboard or Perfect app, respectively.
Agent-to-Agent Negotiation Data
When AI agents engage in agent-to-agent payment negotiation (for example, automated procurement, multi-party settlements, or price negotiation between a buyer agent and seller agent), the negotiation data — including payment terms proposed and agreed upon, counterparty agent identifiers, and final settlement terms — is logged for audit and compliance purposes. These logs are retained for 365 days from the date of the transaction and are then permanently deleted.
No Sale of Agent Transaction Data
We do not sell agent transaction data to third parties. Agent transaction records are used solely for payment processing, dispute resolution, fraud prevention, and audit compliance.
Consumer Right to Revoke & Delete
Consumers who have authorized agents through the Perfect app may revoke any agent's authorization at any time through the app settings. Upon revocation, no further transactions will be accepted from that agent. Consumers may also request deletion of their agent transaction logs by contacting us at [email protected], subject to any applicable regulatory retention requirements.
6. Third-Party Marketplace Offers
PerfectPay enables consumers to opt in to receive personalized offers from third-party marketplace merchants. This section explains what data is shared, how it is used, and how to opt out.
Opt-In Required
Third-party marketplace offers are strictly opt-in. Consumers must affirmatively choose to receive offers through their Perfect app settings. Offers are never sent without explicit consumer consent.
Data Shared with Marketplace Merchants
When you opt in, we share limited, aggregated data with participating marketplace merchants to enable relevant offers. This data includes purchase history categories (broad categories such as “electronics” or “dining,” not specific items or transaction details), location at the city level only (never precise location), and spending ranges (broad brackets, not exact amounts). PerfectPay does not sell individual transaction data to marketplace merchants. Merchants receive aggregated and anonymized data unless you explicitly opt in to personalized offers, in which case merchants may receive your name and email address to deliver tailored promotions.
How to Opt Out
You may opt out of third-party marketplace offers at any time through your Perfect app settings under “Marketplace Preferences,” or by emailing [email protected]. Upon opting out, we will cease sharing your data with marketplace merchants within 48 hours. Offers already in transit may still be delivered, but no new data will be shared.
Merchant Responsibility
Third-party marketplace merchants are solely responsible for the accuracy, content, and fulfillment of their offers. PerfectPay acts as an intermediary facilitating the connection between consumers and merchants; we do not endorse, guarantee, or assume liability for any third-party offer, product, or service.
7. Data Sharing
We share your information with third parties only in the following circumstances:
- Payment processors. We share transaction data with payment processors (such as those in our routing network) as necessary to authorize, process, and settle your transactions.
- AI platforms. With your explicit consent, we share product catalog data with participating AI platforms (including OpenAI, Google, Microsoft, and Perplexity) via the Agent Commerce Protocol (ACP) and Universal Catalog Protocol (UCP) for the purpose of making your products discoverable by AI agents.
- Card networks. We share transaction data with card networks such as Visa and Mastercard as required for the authorization, clearing, and settlement of card-based transactions, as well as for network tokenization services.
- Fraud prevention providers. Where configured by you (for merchants) or as part of our standard security measures (for consumers), we share transaction data, device fingerprints, IP addresses, browser information, and blocklist data with fraud prevention providers such as Riskified, Signifyd, and Kount to assess transaction risk, generate risk scores, and prevent fraudulent activity.
- 3DS authentication providers. We share cardholder and transaction data with 3D Secure authentication providers (such as directory servers and ACS providers) as required to perform strong customer authentication for card transactions.
- Tax calculation services. We share transaction amounts, merchant location, and customer location data with tax calculation service providers to determine applicable tax amounts, duties, and shipping taxes.
- Analytics provider (PostHog). We use PostHog, a SOC 2 Type II certified analytics platform, to analyze how visitors interact with our website and platform. Data shared includes pageviews, session duration, referral sources, IP address, browser and device information, heatmap data (clicks, scroll depth, mouse movement), web performance metrics, and session replays (recordings of user interactions with sensitive form inputs masked by default). When you submit a contact form, your name, email, and company may be associated with your analytics profile. Data is stored in the United States. PostHog's privacy policy is available at posthog.com/privacy.
- Cloud storage providers. Files uploaded to the platform (such as dispute evidence documents) are stored with Amazon Web Services (AWS) S3 with encryption at rest and in transit.
- Banking partners. For consumer services through the Perfect app, we share transaction data with our licensed banking partners who hold consumer funds, process P2P transfers, and facilitate cash-out transactions.
- Marketplace merchants. Where consumers have opted in to third-party marketplace offers, we share aggregated consumer data with participating merchants as described in Section 6 above.
- Legal compliance. We may disclose your information when required by law, in response to a valid subpoena or court order, or when we believe in good faith that disclosure is necessary to comply with a legal obligation, protect our rights, protect the safety of our users or the public, or respond to a government request.
We never sell your personal data to third parties for marketing or advertising purposes. We do not sell individual transaction data. Where consumer data is shared with marketplace merchants, it is aggregated and anonymized unless the consumer has explicitly opted in to personalized offers.
8. Data Security
We implement and maintain comprehensive security measures designed to protect your information from unauthorized access, alteration, disclosure, or destruction:
- PCI-DSS v4 compliance. Our payment processing infrastructure is certified compliant with Payment Card Industry Data Security Standard Version 4, the most current standard for handling payment card data. Our card vault operates as an isolated PCI-compliant environment with hardware security module (HSM) encryption.
- SOC 2 Type II. We are pursuing SOC 2 Type II certification to provide independent assurance of our security, availability, and confidentiality controls. Certification status is available upon request.
- Encryption in transit. All data transmitted between your systems and ours is encrypted using TLS 1.3, the latest version of the Transport Layer Security protocol.
- Encryption at rest. All stored data is encrypted using AES-256 encryption. Sensitive fields (names, email addresses, phone numbers, addresses, tax IDs, payment method details, order details, dispute evidence, webhook payloads, and customer IP addresses) receive field-level encryption in addition to storage-level encryption.
- Hashing and tokenization. Passwords are stored as cryptographic hashes, never in plaintext. Card fingerprints and device fingerprints are hashed for deduplication and blocklist matching. API keys are hashed after issuance. Card data is tokenized within PCI-compliant infrastructure.
- Access controls and audit logging. We enforce role-based access controls and maintain comprehensive audit logs of all access to sensitive data, retained for 365 days. Access to production systems is restricted to authorized personnel and subject to multi-factor authentication.
- Security assessments and penetration testing. We conduct regular security assessments, vulnerability scans, and third-party penetration testing to identify and remediate potential security issues.
9. Data Retention
We retain your information only for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. Specific retention periods are as follows:
| Data Category | Retention Period |
|---|---|
| Transaction data (payments, refunds, settlements) | 7 years (regulatory requirement) |
| Dispute & chargeback records | 7 years (regulatory requirement) |
| Payout records | 7 years (regulatory requirement) |
| Mandate & subscription data | Duration of mandate/subscription plus 7 years |
| Agent authorization logs | 365 days |
| Agent-to-agent negotiation logs | 365 days |
| Consumer agent transaction logs | 365 days |
| Fraud & risk data (scores, blocklists) | 7 years or duration of blocklist entry |
| 3DS authentication data | 7 years (aligned with transaction data) |
| Merchant account data | Duration of account plus 30 days after deletion |
| Consumer account data (Perfect app) | Duration of account plus 30 days after deletion |
| Product catalog data | Until merchant disables syndication |
| Webhook & event data | 90 days |
| Analytics & telemetry data | 24 months (aggregated), 90 days (raw) |
| PostHog analytics (identified users) | Per PostHog retention policy; deletable on request |
| Routing decision data | 24 months |
| Audit & access logs | 365 days (PCI-DSS v4 requirement) |
| Chat data (Perfect app) | Duration of account plus 30 days after deletion |
| P2P transfer data | 7 years (regulatory requirement) |
| File uploads (dispute evidence) | Duration of dispute plus 7 years |
| Invoice & billing data | 7 years (regulatory requirement) |
| Network tokenization data | Duration of token validity plus 7 years |
| Payment link data | Until expiration plus 90 days |
| CVV data (card vault) | Purged immediately after authorization |
| Location data (Perfect app) | Not stored beyond location lookup |
When data is no longer required, it is securely deleted or anonymized in accordance with industry best practices and applicable regulatory requirements.
10. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data. These rights apply to both merchant users and consumer users of the Perfect app:
- Access. You have the right to request a copy of the personal data we hold about you.
- Correction. You have the right to request that we correct inaccurate or incomplete personal data.
- Deletion. You have the right to request that we delete your personal data, subject to regulatory retention requirements described in Section 9 above.
- Data portability. You have the right to receive a copy of your data in a structured, commonly used, machine-readable format.
- Opt out of catalog syndication. Merchants may opt out of product catalog syndication to AI platforms at any time through the PerfectPay dashboard.
- Opt out of marketplace offers. Consumers may opt out of third-party marketplace offers at any time through the Perfect app settings or by contacting [email protected].
- Revoke agent authorization. Consumers may revoke any agent authorization at any time through the Perfect app and request deletion of associated agent transaction logs.
- Opt out of marketing communications. You may opt out of marketing emails at any time by clicking the “unsubscribe” link in any marketing communication or by contacting us directly.
California Residents
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- Right to know. You have the right to know what personal information we collect, use, disclose, and sell.
- Right to delete. You may request deletion of your personal information, subject to certain exceptions.
- Right to opt out of sale. You have the right to opt out of the sale of your personal information. We do not sell personal information, so this right is satisfied by default.
- Right to limit use of sensitive personal information. You have the right to limit the use and disclosure of your sensitive personal information to purposes necessary for providing the services you have requested.
- Non-discrimination. We will not discriminate against you for exercising any of your CCPA or CPRA rights.
EU and UK Residents
If you are located in the European Union or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR) and the UK GDPR, including the rights of access, rectification, erasure, restriction of processing, data portability, and objection to processing. You also have the right to lodge a complaint with your local data protection authority.
To exercise any of your rights, please contact us at [email protected]. We will respond to verified requests within 30 days (or within the timeframe required by applicable law).
12. International Data Transfers
PerfectPay is headquartered in the United States, and your data is primarily processed and stored in the United States. If you access our services from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your jurisdiction.
- European Union users. For transfers of personal data from the EU, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organizational measures where appropriate.
- United Kingdom users. For transfers of personal data from the UK, we rely on the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, as applicable.
13. Children's Privacy
PerfectPay's services, including the Perfect consumer app, are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to promptly delete such information. If you believe that a child under 18 has provided us with personal information, please contact us at [email protected].
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by email (at the address associated with your account), by push notification (for Perfect app users), and by posting a prominent notice on our website at least 30 days before the changes take effect. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of PerfectPay or the Perfect app after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms.
15. Contact
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
PerfectPay
Privacy Inquiries
Email: [email protected]
Security Inquiries: [email protected]
Legal Inquiries: [email protected]
General Support: [email protected]
© 2026 PerfectPay. All rights reserved.