Xpress Pay Logo
Login

Privacy Policy

Data Processing & Merchant Protection Standard

At Xpress Pay, safeguarding the transactional details of our merchants and their users is a top priority. This Privacy Policy details how we collect, store, and process payment telemetry and metadata.

1. Information Collection

We process data required to execute secure bank and wallet routing operations. This includes:

  • Merchant Profile Data: Business titles, email addresses, dashboard login hashes, and 2FA authentication identifiers.
  • Integration Telemetry: API requests, webhook URLs, routing credentials, and gateway callback records.
  • Transaction Data: Ordered amounts, status codes, reference IDs, and payment method details (e.g. Easypaisa / JazzCash / bank indicators). We do not persist raw checkout wallet PINs.

2. Security & Encryption Standards

Xpress Pay deploys state-of-the-art protection layers. Webhook responses, API signature calls, and dashboard databases are stored under secure, restricted access clusters with active TLS 1.3 encryption.

3. Sharing & Disclosures

We never sell or distribute transaction telemetry records to marketing databases. Transaction logs are only relayed to the designated payment channels (e.g. e-wallets, bank systems) to settle transactions, or for law compliance checks.