top of page

Privacy Policy

PlanPay Privacy Policy

Last Updated: April 27, 2026

Introduction

PlanPay LLC (“PlanPay”, “we”, “us”, or “our”) respects your privacy and is committed to protecting personal data. This Privacy Policy explains how we process personal data in connection with our services and describes our participation in the EU-U.S. Data Privacy Framework (“DPF”).

1. Our Role as a Service Provider

PlanPay provides payment and financial workflow services to business customers (“Merchants”).

PlanPay acts as a data processor (service provider) and processes personal data only on behalf of and

under the instructions of its Merchants.

 

2. Data Privacy Framework (DPF) Commitment

PlanPay complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  PlanPay has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. PlanPay has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the DPF Principles and/or the Swiss-U.S. DPF Principles (DPF Principles), the Principles shall govern.  To learn more about the Data Privacy Framework Program (DPF Program), and to view our certification, please visit https://www.dataprivacyframework.gov/

 

3. Types of Personal Data We Process

PlanPay processes personal data such as name, email address, contact information, and

transaction-related data. PlanPay does not collect, store, or process credit card or payment card information.

 

4. Purpose of Processing

PlanPay processes personal data to provide services, facilitate workflows, support Merchants, improve the platform and comply with legal obligations. PlanPay does not sell or share personal data for advertising purposes.

 

5. Data Sharing and Onward Transfers

If you are an EU, UK, or Swiss individual, where we transfer your personal data to third-party service providers who perform services for us or on our behalf, we are responsible for the processing of that data by them and shall remain liable if they process your personal data in a manner inconsistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage. PlanPay may share data with sub-processors, infrastructure providers, and authorities where required.

All third parties are required to provide the same level of protection under the DPF.

 

6. Individual Rights

Pursuant to the DPF Program, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States in reliance on the DPF Program should direct their query to privacy@planpay.com. If requested to remove data, we will respond within a reasonable timeframe. 

 

7. Choice

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to privacy@planpay.com.


8. Data Security

PlanPay implements appropriate safeguards to protect personal data against unauthorized access, loss, or misuse.

 

9. Data Integrity and Retention

Data is retained only as long as necessary and is returned or deleted upon termination unless required by law.

 

10. Security Incidents

PlanPay will notify Merchants of security incidents and assist in mitigation.

 

11. Disclosure to Public Authorities

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

 

12. Independent Dispute Resolution

In compliance with the DPF Principles, PlanPay commits to resolve DPF Principles-related complaints about your privacy and our collection or use of your personal information. EU, UK, or Swiss individuals with inquiries or complaints regarding our handling of personal data in reliance on the DPF should first contact PlanPay at: privacy@planpay.com.

PlanPay has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by us, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you. 

 

13. Binding Arbitration

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See  https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction for more information on this process. 

 

14. Regulatory Oversight

PlanPay is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

 

15. Contact Information

PlanPay LLC

Email: privacy@planpay.com

Address: 8600 Sam Furr Road, Suite 250, Huntersville, North Carolina 28078, USA

bottom of page