Privacy Policy

Last Updated: May 19, 2025

Xelf Solutions ("us", "we", or "our") operates the xelfsolutions.com website and provides payment orchestration services (collectively, the "Service"). This Privacy Policy outlines our practices regarding the collection, use, processing, and disclosure of your information when you use our Service. We are committed to protecting your privacy and handling your data in an open and transparent manner.

1. Scope of this Policy

This Privacy Policy applies to information we collect through our website (xelfsolutions.com), and in connection with the services we provide to our business customers ("Clients"). It does not apply to the privacy practices of our Clients who use our services to process payments for their end-users; in such cases, the Client's privacy policy governs.

2. Information We Collect

We collect information to provide and improve our Service. The types of information we may collect include:

a. Information You Provide to Us:

  • Contact and Business Information: When you inquire about our Services, request a demo, or sign up as a Client, we may collect your name, email address, phone number, company name, job title, and other business contact details.
  • Account Information: If you are a Client, we collect information necessary to set up and manage your account, including login credentials and billing information.
  • Communications: If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

b. Information We Collect Automatically:

  • Log Data and Usage Information: When you visit our website or use our Services, our servers automatically record information ("Log Data"), including your Internet Protocol (IP) address, browser type and settings, the date and time of your request, how you interacted with our website, and cookie data.
  • Device Information: We may collect information about the device you are using to access our website, including what type of device it is, what operating system you are using, device settings, application IDs, unique device identifiers, and crash data.
  • Cookies and Similar Tracking Technologies: We use cookies and similar technologies (e.g., web beacons, pixels, ad tags and device identifiers) to recognize you and/or your device(s) on, off and across different Services and devices. You can control cookies through your browser settings and other tools. For more information about the cookies we use, please see our (forthcoming) Cookie Policy.

c. Information We Receive from Third Parties:

We may receive information about you from third-party sources, such as public databases, social media platforms, third-party data providers, and our joint marketing partners. We take steps to ensure that such third parties are legally permitted or required to disclose such information to us.

3. How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, operate, maintain, and improve our Service.
  • Process transactions and send you related information, including confirmations and invoices (if you are a Client).
  • Send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages.
  • Communicate with you about products, services, offers, promotions, rewards, and events offered by Xelf Solutions and others, and provide news and information we think will be of interest to you (with your consent, where required by applicable law).
  • Monitor and analyze trends, usage, and activities in connection with our Service to improve and personalize the Service.
  • Detect, investigate and prevent fraudulent transactions and other illegal activities and protect the rights and property of Xelf Solutions and others.
  • Comply with legal and regulatory requirements.
  • For other purposes about which we notify you and, where relevant, obtain your consent.

4. How We Share Your Information

We may share your information in the following situations:

  • With Service Providers: We may share your information with third-party vendors, consultants, and other service providers who perform services on our behalf, such as hosting, email services, customer relationship management, analytics, and marketing. These service providers are authorized to use your personal information only as necessary to provide these services to us.
  • With Our Clients (If you are an end-user of a Client): If you are an end-user making a payment to one of our Clients, we share transaction information with that Client as necessary to provide our Services.
  • For Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • For Legal Reasons: We may disclose your information if we believe it's necessary to comply with a legal obligation, protect and defend our rights or property, prevent fraud, act in urgent circumstances to protect the personal safety of users of the Service or the public, or protect against legal liability.
  • With Your Consent: We may share your information with other third parties with your consent.

We do not sell your personal information to third parties.

5. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

6. Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Service is at your own risk.

7. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. (Specific mechanisms like Standard Contractual Clauses for GDPR compliance should be mentioned if applicable).

8. Your Data Protection Rights

Depending on your location and applicable law, you may have the following rights with regard to your personal data:

  • The right to access – You have the right to request copies of your personal data.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • The right to withdraw consent – If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time.

If you wish to exercise any of these rights, please contact us using the contact details provided below. We will respond to your request in accordance with applicable data protection laws.

If you are a resident of the European Economic Area (EEA) or the UK, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA). Please see our (forthcoming) California Resident Privacy Notice for more details.

9. Children's Privacy

Our Service is not intended for use by children under the age of 16 (or the relevant age of digital consent in your jurisdiction), and we do not knowingly collect personally identifiable information from children. If you are a parent or guardian and you believe that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

10. Links to Other Websites

Our Service may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. For material changes, we may also provide a more prominent notice (such as by adding a statement to our homepage or sending you a notification).

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

Email: privacy@xelfsolutions.com

Xelf Solutions
Attn: Privacy Officer
Austin, TX, USA