J-Pay Privacy Policy

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Services

1. Introduction

J-Pay (the operating entities include Jpayment Limited (Hong Kong), the Fuzhou Branch at ICC Shenglong Global Center (China), and JPAYMENT INC. (U.S.), collectively referred to as "we") recognizes the importance of personal information security. This Privacy Policy explains how we collect, use, store, and protect personal information generated when you use J-Pay's global digital payment solutions (including websites, apps, payment gateway services, collectively referred to as "Services"), as well as the rights you enjoy.

By using or continuing to use our Services, you fully understand and agree to all provisions of this Privacy Policy.

2. Information We Collect

We only collect information necessary to provide payment services and ensure transaction security, including but not limited to:

  • 2.1 Identification Information: When you register a J-Pay merchant account or personal payment account, you may need to provide information such as name, email address, mobile phone number, business license (for merchant users), and identification documents (e.g., passport/ID card for identity verification) to comply with cross-border payment regulatory requirements.
  • 2.2 Payment-Related Information: To complete transactions, we collect information about your payment instruments (e.g., last 4 digits of credit card number, bank name of debit card, payment account ID; full sensitive payment data such as complete card numbers is processed through PCI DSS-certified encrypted channels and not stored by us), and transaction records (e.g., transaction amount, currency, transaction time, payee/payer information, order number).
  • 2.3 Device and Log Information: When you use our Services, we automatically collect device model, operating system version, IP address, browser type, access time, page browsing records, and operation logs. This information is used for risk control analysis, service fault troubleshooting, and user experience optimization.
  • 2.4 Other Information: Consultation content, feedback you proactively provide to us, or information we are authorized to obtain from partners (e.g., e-commerce platforms, payment institutions) such as store operation information and order information (subject to your prior authorization).

3. Purpose of Information Use

The information we collect is only used for the following legitimate purposes, in line with the "minimum necessary" principle:

  • Provide, maintain, and optimize payment services (e.g., cross-border acquiring, currency exchange, fund collection);
  • Conduct risk control and anti-fraud work (e.g., identifying abnormal transactions through AI risk control models, connecting to chargeback warning systems to ensure transaction security);
  • Comply with laws, regulations, and regulatory requirements (e.g., anti-money laundering (AML) obligations, know-your-customer (KYC) requirements, and providing necessary information to regulatory authorities);
  • Provide customer service (e.g., responding to your inquiries, handling complaints and disputes);
  • Improve products and services (e.g., optimizing payment processes based on user behavior data, developing new payment scenarios);
  • Send service-related notifications (e.g., transaction status changes, account security alerts; no irrelevant marketing information).

4. Storage and Protection of Information

  • 4.1 Storage Method and Duration: Your personal information will be stored on servers that meet security standards (including our cooperative cloud service providers). The storage location will be selected based on your business region and compliance requirements (e.g., information of users in Mainland China is prioritized for storage on domestic servers). We only store your information for the necessary period to achieve the purposes stated in this Policy; after the period expires, we will delete or anonymize the information in accordance with the law (e.g., transaction records must be retained for at least 5 years in accordance with regulatory requirements).
  • 4.2 Security Protection Measures: We adopt industry-leading security technologies and management measures to protect your information, including but not limited to:
    • Complying with the PCI DSS Payment Card Industry Data Security Standard, encrypting the transmission and storage of sensitive payment information;
    • Deploying firewalls and intrusion detection systems (IDS) to prevent cyberattacks;
    • Establishing a strict permission management system, only authorizing necessary personnel to access personal information;
    • Conducting regular security audits and employee security training to reduce internal risks.

5. Sharing and Disclosure of Information

We will not sell or rent your personal information to third parties without your authorization. We only share information in the following cases:

  • 5.1 Cooperative Service Providers: To provide payment services, we may share necessary information with partners (e.g., payment card organizations (VISA, MasterCard), third-party payment institutions (Alipay, WeChat Pay), banks, risk control service providers). However, we will require partners to comply with this Privacy Policy and relevant confidentiality agreements, and not use the information for other purposes.
  • 5.2 Legal and Regulatory Requirements: When we receive legal requests from laws, regulations, judicial authorities, or regulatory agencies (e.g., court subpoenas, regulatory investigation notices), we will disclose necessary information in accordance with the law.
  • 5.3 Business Mergers or Transfers: In the event of corporate mergers, acquisitions, asset transfers, etc., your personal information may be transferred as part of the assets. We will notify you in advance and ensure the transferee continues to comply with this Privacy Policy.

6. Your Rights

In accordance with relevant laws and regulations, you have the following rights regarding your personal information, and we will provide convenient channels for you to exercise these rights:

  • Access and Inquiry: You can log in to your J-Pay account to view your personal information (e.g., basic account information, transaction records);
  • Correction and Supplementation: If your information is incorrect or incomplete, you can apply for correction through customer service or the account backend;
  • Deletion and Account Cancellation: Subject to compliance with laws, regulations, and service agreements, you can apply to delete part of your information or cancel your account (note: information that still needs to be retained after cancellation will be processed in accordance with regulatory requirements);
  • Withdrawal of Authorization: You can withdraw authorization for the collection of non-essential information (e.g., refusing to provide device log information, which may affect some service functions);
  • Objection and Complaint: If you have objections to information processing, you can file a complaint through the contact information in Section 8 of this Policy, and we will reply with the handling result within 15 working days.

7. Update of Policy

We may update this Privacy Policy based on changes in laws and regulations, business adjustments, or technological developments. After the update, we will notify you through the J-Pay official website (j-pay.net), APP pop-ups, or emails. The new policy will take effect from the date of publication. We recommend you review this Policy regularly to understand the latest content.

8. Contact Information

If you have any questions about this Privacy Policy or need to exercise your personal information rights, you can contact us through the following methods:

Global Office Addresses:
  • Hong Kong: ROOM 65, 2/F, ETON TOWER, 8 HYSAN AVENUE, CAUSEWAY BAY, HONG KONG
  • Fuzhou, China: Unit 3111, 31st Floor, ICC Shenglong Global Center, Taijiang District, Fuzhou City
  • New York, U.S.: 418 CENTRAL PARK W, NEW YORK, NY 10025, US