Privacy Policy

Last updated: April 10, 2026

1. Overview

This Privacy Policy explains how IronixPay ("the Platform") collects, uses, stores, and protects personal information. For purposes of this policy, the Platform acts as the data controller for merchant account data unless otherwise required by applicable law. By using the Platform, you agree to this Privacy Policy, which forms part of our Terms of Service.

This policy covers two categories of individuals:

Merchants: Businesses or individuals who register an account to accept payments through the Platform.
End Users: Customers of merchants who interact with the Platform's checkout page to make payments.

2. Information We Collect

2.1 Merchant Registration Data

Name, email address
Login password (stored encrypted)
Two-factor authentication (2FA) configuration

2.2 Transaction Data

Blockchain addresses (collection, withdrawal)
Transaction hashes, amounts, timestamps
Payment session metadata (merchant reference IDs, etc.)

2.3 Technical Data (Merchants & End Users)

IP addresses (for security auditing, fraud prevention, and geographic restriction compliance)
Browser type and version
Access logs
Device information when accessing the checkout page

2.4 What We Do NOT Collect

End users' names, emails, or personal identity information
Fiat bank account details
Private keys or seed phrases

3. How We Use Information

We use collected information for the following purposes:

Service Delivery: Processing payments, sweeping, and withdrawals
Security: AML screening, fraud detection, anomaly identification
Geographic Restrictions: Using IP geolocation to detect user locations and enforce geographic restrictions as described in the Terms of Service
Service Improvement: Analyzing usage patterns to optimize the experience
Communication: Sending service notifications, security alerts, and important updates (merchants only)
Compliance: Meeting applicable legal and regulatory requirements

4. Data Storage & Security

Passwords are stored using industry-leading one-way hashing algorithms and cannot be reversed.
Sensitive data is protected with multiple layers of encryption (in-transit, at-rest, and key management services).
API keys are stored as hashes; plaintext is shown only once at creation.
Database backups are performed regularly and stored encrypted.
We implement industry-standard security measures, but no internet transmission is 100% secure.

We do not sell your personal information. Data is shared only in these cases:

Service Providers: Blockchain node services and infrastructure providers — only necessary public blockchain addresses and technical data are shared
Legal Requirements: When required by law or upon lawful request by authorities
Security: To prevent fraud and protect user rights
Business Transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred to the successor entity

6. Data Retention

Account data is retained for the duration of the account.
Transaction records are retained in accordance with applicable industry standards and regulatory requirements.
After account deletion, personal data is deleted or anonymized within a reasonable period (typically 90 days), except where longer retention is required by law or for legitimate business purposes such as dispute resolution.
End user technical data (IP addresses, access logs) is retained for no longer than 12 months.

7. Cross-Border Data Transfer

The Platform's infrastructure is hosted in the Asia-Pacific region. If you access the Platform from other jurisdictions (including the European Economic Area), your data may be transferred to and processed in a different jurisdiction. By using the Platform, you consent to such transfer. We implement appropriate safeguards to protect data during cross-border transfers.

8. Cookies & Tracking

The merchant dashboard uses tokens for authentication, stored in browser local storage.
The checkout page uses local storage for language preferences only. No advertising cookies or third-party trackers are used on the checkout page.
We use error monitoring services to maintain platform stability, which may collect necessary technical information (error context, page URLs, browser metadata).

9. Your Rights

You have the right to:

Access your personal data
Correct inaccurate information
Delete your account and associated data
Export your transaction and billing data (CSV export)
Withdraw consent (note: this may affect service availability)
Object to certain processing activities

To exercise these rights, please contact us using the information below. We will respond within 30 days.

For end users who wish to exercise data rights, please contact the merchant through whom you made the payment. The merchant is the data controller for your transaction; IronixPay acts as a data processor on the merchant's behalf.

10. Children

The Platform is not intended for users under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that a minor has provided personal data, we will take steps to delete it promptly.

11. Policy Changes

We may update this Privacy Policy from time to time. Material changes will be communicated via email or platform notification at least 14 days in advance. The "Last updated" date at the top of this page indicates when the policy was last revised.

Contact Us

For privacy-related inquiries, please contact us:

Email: support@ironixpay.com
Telegram: @ironixpay

Privacy Policy ​

1. Overview ​

2. Information We Collect ​

2.1 Merchant Registration Data ​

2.2 Transaction Data ​

2.3 Technical Data (Merchants & End Users) ​

2.4 What We Do NOT Collect ​

3. How We Use Information ​

4. Data Storage & Security ​

5. Information Sharing ​

6. Data Retention ​

7. Cross-Border Data Transfer ​

8. Cookies & Tracking ​

9. Your Rights ​

10. Children ​

11. Policy Changes ​

Contact Us ​