Privacy Policy

1. Introduction

Felloh Ltd (trading as AcquirerFlow) ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payment orchestration platform and services.

2. Information We Collect

2.1 Information You Provide

• Account registration information (name, email, company details)
• Payment processing data required to fulfill transactions
• API credentials and integration configurations
• Support and communication records

2.2 Information Collected Automatically

• Transaction data and payment routing information
• Log data (IP addresses, browser type, access times)
• Usage analytics and performance metrics
• Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our payment orchestration services
• Process transactions and route payments to appropriate acquirers
• Detect and prevent fraud, security incidents, and abuse
• Comply with legal obligations and regulatory requirements
• Communicate with you about services, updates, and support
• Analyze usage patterns to optimize platform performance

4. Data Sharing and Disclosure

We may share your information with:

• Payment Acquirers: Transaction data necessary to process payments through connected acquirers
• Service Providers: Third-party vendors who assist in operating our platform (hosting, analytics, support)
• Legal Requirements: When required by law, regulation, or legal process
• Business Transfers: In connection with mergers, acquisitions, or asset sales

We do not sell your personal information to third parties.

5. Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit and at rest (TLS 1.3, AES-256)
• PCI DSS Level 1 compliance for payment data
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• 24/7 security monitoring and incident response

6. Data Retention

We retain your information for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements. Transaction data is typically retained for 7 years in accordance with financial regulations.

7. Your Rights

Depending on your location, you may have the following rights:

• Access, update, or delete your personal information
• Object to or restrict processing of your data
• Data portability (receive your data in a structured format)
• Withdraw consent for data processing
• Lodge a complaint with a supervisory authority

To exercise these rights, contact us at privacy@acquirerflow.com

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

9. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or through our platform. Continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices: