Legal

Privacy Policy

Last updated January 2025 · Effective immediately

Paythos is an accounts-payable workflow platform for finance teams — managing the full lifecycle from spend request to settled payment. We respect your privacy and are committed to protecting your personal information. This Privacy Policy describes how we collect, use and share information in connection with your use of our services. By using Paythos, you agree to the collection and use of information in accordance with this policy.

1. Information we collect

We collect information you provide directly to us, such as your name, business email address, company name, and billing details when you create an account. We also collect information automatically as you use our services, including usage data, device information, and log data such as IP addresses and browser type.

2. How we use your information

We use the information we collect to provide, maintain and improve our services; process transactions; send you technical notices and support messages; respond to your comments and questions; and monitor and analyse usage patterns to improve the product. We do not sell your personal information to third parties.

3. Data sharing

We share your information with third-party vendors and service providers that perform services on our behalf, such as payment processing (Stripe, Wise, Adyen), cloud infrastructure (Supabase/AWS), and email delivery. All third parties are bound by data processing agreements. We may also disclose your information if required by law or to protect the rights, property, or safety of Paythos, our users, or others.

4. Data retention

We retain your personal information for as long as your account is active or as needed to provide services. Payment and audit records are retained for seven years to comply with financial regulations. You may request deletion of your account and associated data at any time by contacting us, subject to legal retention requirements.

5. Security

We take the security of your data seriously. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. We enforce multi-factor authentication, conduct regular penetration tests, and maintain SOC 2-aligned security controls. See our Security page for full details.

6. Your rights

Depending on your location, you may have the right to access, correct, or delete your personal information; object to or restrict our processing; and request portability of your data. To exercise these rights, contact us at privacy@paythos.io. We will respond within 30 days.

7. Cookies

We use essential cookies to keep you signed in and remember your preferences. We do not use advertising or tracking cookies. You can control cookie settings through your browser, though disabling essential cookies may affect service functionality.

8. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and, where appropriate, sending you an email notification. The date at the top of this page reflects when the policy was last updated.

Questions about this policy? Contact us at privacy@paythos.io