Chiizu Inc. ("Chiizu", "we", "our", or "us") provides a regulated payments, invoicing, and commerce platform for businesses and consumers in the United States and Canada. This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information.

This policy applies to visitors to our website, customers, merchants, business users, and end-users of our platform.

Key Points

No sale of personal information

Chiizu does not sell personal information.

No cross-context behavioral advertising sharing

Chiizu does not share personal information for cross-context behavioral advertising.

Payments retention

Certain transaction and compliance records must be retained for years due to legal and regulatory requirements.

California rights

CCPA/CPRA rights and request process are included in this policy.

1. Scope and Role

Chiizu acts as a business and data controller for information collected directly through our website, onboarding, and platform. In certain payment and financial workflows, Chiizu may act as a service provider/data processor on behalf of merchants and platforms. Certain information is processed by regulated financial institutions and payment processors (for example, acquiring banks, card networks, and payment processors) under their own legal obligations.

2. Information We Collect

A. Identifiers

• Name, email address, and phone number

• Business name and business contact details

• Account identifiers and internal IDs

• IP address and device identifiers

B. Financial and Transactional Information

• Payment tokens, transaction references, and settlement records

• Invoices, payouts, refunds, and reconciliation data

• Dispute/chargeback and risk-related information

Important: Chiizu does not store raw card numbers, CVV, or bank account credentials. These are typically tokenized and stored by regulated processors and financial partners.

C. Business and Compliance Information

• KYB/KYC information and verification results

• Beneficial ownership information

• Compliance documentation required for regulated payments services

D. Usage and Technical Data

• Device and browser information

• Log data (such as timestamps, pages visited, and actions taken)

• Approximate location derived from IP address

E. Communications

• Support requests, emails, and other communications with Chiizu

3. How We Use Information

We use personal information to:

• Provide, operate, and maintain the Chiizu platform
• Process payments, settlements, refunds, and related workflows
• Verify identity and perform KYB/KYC, where applicable
• Prevent fraud, manage risk, and secure our systems
• Provide customer support and respond to inquiries
• Comply with legal, regulatory, and audit obligations
• Improve platform performance, reliability, and user experience

4. Legal Basis for Processing

Depending on the context and jurisdiction, we process personal information based on:

• Performance of a contract (providing services you request)
• Compliance with legal and regulatory obligations
• Legitimate interests (security, fraud prevention, platform improvement)
• Consent (where required by law)

5. Data Sharing

We may share information with:

• Payment processors, acquiring banks, card networks, and financial institutions
• Compliance, identity verification, and risk/fraud service providers
• Cloud infrastructure and hosting providers
• Professional advisors (legal, accounting, auditors) where necessary
• Regulators, government authorities, or law enforcement where required by law

Sale of personal information: Chiizu does not sell personal information.

Sharing for cross-context behavioral advertising: Chiizu does not share personal information for cross-context behavioral advertising as defined under California law.

6. Data Retention

Chiizu retains personal information only as long as reasonably necessary for the purposes described in this Privacy Policy. However, as a payments company, we may be required to retain certain data for extended periods to comply with:

• Financial recordkeeping obligations
• Tax and accounting requirements
• Anti-money laundering (AML) and related compliance requirements
• PCI-DSS and payment network requirements
• Dispute/chargeback and fraud investigation timeframes
• Audit, regulatory, and legal requirements

Deletion limitations: If you request deletion of personal information, Chiizu will honor the request as required by law, but we may retain information that we are legally required or permitted to keep, particularly transaction, settlement, dispute, and compliance records.

When information is no longer required for these purposes, we will delete, de-identify, or anonymize it in accordance with our retention policies and applicable law.

7. Your Privacy Rights

Depending on your jurisdiction and the context, you may have rights to:

• Request access to personal information we hold about you
• Request correction of inaccurate personal information
• Request deletion (subject to legal exceptions)
• Object to or restrict certain processing (where applicable)
• Request data portability (where applicable)

To exercise any privacy rights, contact us at privacy@simplypay.app. We may need to verify your identity before processing your request.

8. California Privacy Rights (CCPA / CPRA)

If you are a California resident, the CCPA/CPRA provides you with specific rights regarding your personal information. This section supplements the information above.

Your Rights

• Right to Know: request disclosure of categories and specific pieces of personal information collected, used, and disclosed.
• Right to Correct: request correction of inaccurate personal information.
• Right to Delete: request deletion of personal information, subject to legal exceptions (including payments recordkeeping obligations).
• Right to Limit: request limitations on certain uses of sensitive personal information, where applicable.
• Right to Non-Discrimination: you will not be discriminated against for exercising your rights.

How to Submit a Request
Email: privacy@simplypay.app
Subject line: California Privacy Request
We will respond to verifiable consumer requests within 45 days, as required by law, and may request information to verify your identity.

Sale / Sharing

Chiizu does not sell personal information and does not share personal information for cross-context behavioral advertising as defined under California law.

9. International Transfers

Your information may be processed in the United States and Canada, and may be transferred to jurisdictions with different privacy laws. We implement contractual and technical safeguards to help protect personal information when it is transferred internationally.

10. Security

We implement administrative, technical, and physical safeguards designed to protect personal information, including:

• Encryption in transit and at rest where appropriate
• Tokenization and minimization of payment data
• Access controls, monitoring, and audit logging
• Vendor security assessments and governance controls

No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we work to maintain protections consistent with industry standards (including PCI-DSS where applicable).

11. Cookies and Tracking

We use cookies and similar technologies for:

• Core site functionality
• Security and fraud prevention
• Analytics and performance measurement

You can control cookies through your browser settings. Some features may not function properly if cookies are disabled.

12. Children’s Privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided personal information, contact us and we will take appropriate steps.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be reflected in the “Last Updated” date at the top of this page. If required by law, we will provide additional notice.

14. Contact

Chiizu Inc.

Email: privacy@simplypay.app

Website: https://www.getchiizu.com

For access, deletion, or correction requests, email privacy@getchiizu.com and include enough detail for us to locate relevant records. We may require verification before responding.