Effective 01/01/2021
At PayMystic we are committed to protecting your personal and business information. Our Privacy Policy covers PayMystic’s treatment of personally identifiable information collected from merchants (hereafter “merchant” or “you”) who use the PayMystic payment gateway services, as well as consumer information that we acquire in the course of our business. This Policy also covers the treatment of personally identifiable information that PayMystic’s business partners may share with it and this website:, owned and operated by PayMystic.
This Policy does not apply to the practices of companies that PayMystic does not own or control, or to people that PayMystic does not employ or manage.


With our business partners, PayMystic gathers and collects levels of personal and business information. This information may include names, emails, phone numbers, business addresses, IP addresses, devise used, banking account information, driver license numbers, dates of birth, biometrics (including photos), business relationships, networks, personal preferences, and credit references. This information could be categorized at different levels of sensitivities. PayMystic relies on encrypted data for the highest level of security for our business partners.
PayMystic collects personally identifiable information when you register for a PayMystic merchant account, and when you use certain PayMystic products and services. PayMystic may also receive personally identifiable information from its resellers and other business partners.
When you register with PayMystic, we ask for your contact information (such as your name, street address and email address), as well as certain information pertaining to your business, along with billing information such as a bank account and/or credit card number.
In the course of processing a payment transaction, we typically receive information related to the transaction from the merchant or a financial institution. This normally includes information about the payment that a consumer has furnished to the merchant or financial institution in the course of placing the order. We do not acquire any information directly from consumers through the Web site. We do not sell your personally identifiable information to third parties.
The personally identifiable information we acquire in processing payment transactions varies according to the nature of the transaction and the way in which merchants or financial institutions are using our payment services. It may include, for example, the amount of the transaction, the consumer’s name, credit card number and expiration date or checking account number, billing address, phone number, and shipping address.
PayMystic uses the information collected to fulfill your requests for products and/or services, to process payment transactions, to facilitate billing, and otherwise deliver  payment gateway and merchant processing services. Personally identifiable consumer information is only used to process payment transactions and is never used for any other purpose. PayMystic does not offer services or sell products to children. PayMystic does not request or knowingly collect personally identifiable contact information from anyone under the age of 13.


As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.


Protecting personally identifiable information about merchants and consumers is an important part of our business. We share and disclose such information only as described below.
PayMystic will only send personally identifiable information about you to other companies or people when: 1) we have your consent to share the information; 2) we need to share your information to provide the product or service you have requested; 3) we need to send the information to companies who work on behalf of PayMystic to provide a product or service to you (unless we tell you differently these companies do not have any right to use the personally identifiable information we provide them beyond what is necessary to assist us).
Data is never distributed for research purposes or sold to marketing firms. No data is shared without permission, nor is it used for external commercial purposes. PayMystic does not share any data or information without the expressed written consent of our business partners.
Personally identifiable consumer information is shared with third parties (such as banks and credit card processors) to the extent necessary for PayMystic to deliver payment-processing services and prevent fraud.
We also may release personally identifiable information when we believe release is appropriate to comply with law, such as a subpoena, or similar legal process; enforce or apply our Merchant Agreement and other agreements; or protect the rights, property, or safety of PayMystic, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and risk reduction.
In certain situations, PayMystic may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In the unlikely event that PayMystic is acquired, merchant account information may be one of the transferred assets. We will notify our merchants via email and/or via a prominent notice on our Web site of any change in ownership or uses of your personally identifiable information, as well as any choices you may have regarding your personally identifiable information

How Data is protected

  • PayMystic uses company owned, private server systems to secure any/all data stored, as well as on servers with our banking affiliate providers servers at multiple locations.
  • Additional encrypted data is stored by our CRM service provider & payment gateway partners.
  • All data is encrypted and shared only with our banking affiliates and merchants.
  • The collected data is kept for 2 years or permanently through our secure server network.
  • Data security is monitored regularly and controlled within the organization. PayMystic administers the highest possible data protection, both internally and with banking affiliates.
  • Our goal is to protect all personal and business related information against potentially malicious software threats as well as secure data against breaches or theft.

PayMystic is in compliance with GDPR terms and conditions.