Privacy Policy - Ezidcode Pay

At Ezidcode Pay, protecting your data and payment privacy is our core operational focus. This Privacy Policy details the strict guidelines we follow regarding the gathering, secure processing, and tokenization of transaction parameters within our gateway software.

1. Information We Collect

As a backend infrastructure software solution, we process information necessary to validate secure invoice routing:

Merchant Account Details: Registered email address, system currency preferences, operational public keys, and internal ledger balance figures.
Transaction Parameters: Order identifiers (e.g., WordPress/WHMCS order IDs), gross fiat amounts, currency codes, timestamp metadata, and invoice status tokens.
Technical Log Data: Network IP addresses making API requests, server callback responses, and secure webhook execution signatures.

2. Payment Processing and Financial Data Protection

To maximize financial asset protection and eliminate risk vectors, Ezidcode Pay does not collect or store raw consumer credit card numbers, CVVs, or full banking login credentials on its servers.

When a customer executes a checkout request choosing a fiat interface channel, the payment data flow is safely wrapped using secure cryptographic hashing algorithms (SHA-256) and handed off via HTTPS directly to accredited processing clearing networks, such as Volet, and Oxapay, for final bank card authorization. The only data written back to our systems is an anonymized transaction confirmation string (e.g., ac_transfer_id).

3. Purpose of Processing Data

We process the minimal data fragments collected exclusively to:

Safely generate checkout pages and maintain secure database connection sessions.
Verify structural transaction authenticity and match signature hashes to prevent double-spending or malicious payment injections.
Provide automated post-back webhook reports to target merchant plugins to flag orders as completed.

4. Third-Party Data Sharing

Data parameters are shared with external operational entities solely when required to process an active transaction initiated by the consumer (e.g., transmitting payment currency types and total amounts to the Volet interface or target blockchain ledger blocks). We never market, sell, or rent merchant database records to marketing aggregators or outside parties.

5. Storage and Security Standards

Our backend systems leverage secure database queries utilizing Prepared Statements to protect against SQL injections, combined with automatic runtime transaction commits. Security keys are encrypted at rest in server configurations.