PRIVACY POLICY

ORA PAY – PRIVACY POLICY

Last Updated: May 23, 2026

At ORA PAY, we are fully committed to protecting the privacy, security, and integrity of the data shared with us by our merchants and digital creators. This Privacy Policy describes how we collect, protect, utilize, and manage your personal and corporate information when you apply for a merchant account, use our dashboard, or interact with our payment API infrastructure.

By submitting an application or utilizing our network, you explicitly consent to the data practices described in this policy.

1. Information We Collect

To provision and maintain your secure merchant node, we collect specific compliance and technical data, including:

  • Personal Identification Data: Full name, business email address, and active Telegram username or telephone details.

  • Corporate & Platform Data: Your website URL, platform framework info, and business category (such as IPTV node, SaaS, or Digital Assets).

  • Identity Verification Documents: A digital scan or photographic upload of your valid International Passport or National Identification Card.

  • Technical Transactional Data: Localized network indicators, device configurations, browser fingerprints, and hardware IP logs processed during user checkouts via our Smart-Flow framework.

2. How We Use Your Data

We process your personal and verification records strictly for lawful commercial purposes:

  • Account Provisioning: To review and verify your identity within our 24-hour verification SLA.

  • Fraud Prevention & Mitigation: To power our predictive risk engines, blocking proxies, malicious VPN configurations, and stolen checkout credentials.

  • Dispute Resolution Infrastructure: In the event of an unauthorized chargeback or friendly fraud claim, the captured checkout contract signatures and client IP logs are compiled to provide institutional-grade evidence to legal payment networks (such as PayPal).

3. Document Protection & Encryption Standards

We understand the highly sensitive nature of the identity documents (Passports and National IDs) you upload.

  • Enterprise Security: All uploaded documents and sensitive fields are instantly encrypted using Advanced Encryption Standard (AES-256) protocols before being written to our storage layer.

  • Immutable Storage: Document assets are locked on secured server ledgers accessible only by authorized compliance personnel strictly for KYC (Know Your Customer) and underwriting audits.

  • No Selling of Data: ORA PAY will never sell, rent, lease, or distribute your identity documents or business metrics to third-party marketing networks or external entities.

4. Data Sharing and Third-Party Disclosures

Your information is only shared under strict legal and operational conditions:

  • Upstream Payment Infrastructure: Data required to validate transaction authenticity may be transmitted to upstream processing entities (e.g., PayPal) strictly to defend your merchant accounts against false disputes.

  • Legal Enforcement: We may disclose information if explicitly ordered to do so by a binding court order, legal mandate, or international digital commercial regulatory authority.

5. Data Retention Boundaries

ORA PAY retains merchant account profiles and identity verification files for as long as your merchant profile remains active, or as structurally required to satisfy ongoing financial compliance, legal dispute window liabilities, and systemic auditing metrics.

6. Your Rights & Access Controls

Under international data protection frameworks, verified merchants have the right to inspect their registered business profiles or request clarity on stored credentials. For adjustments regarding your administrative profile, you may contact our secure support desk via your verified merchant channels.

7. Policy Adjustments

ORA PAY reserves the right to modify this Privacy Policy to align with evolving global financial privacy frameworks. Any updates will be pushed to this interface with an updated revision date.