For OrganizersFor Buyers
LAYUP

[DOC] Privacy Policy

Last updated: 2026-05-18

NOTICE: This policy is an interim summary. Before any production rollout, replace it with a version reviewed by counsel for the jurisdictions you operate in (POPIA, GDPR, CCPA where applicable).

1. What we collect

  • Account data: email, name, organisation name, hashed password.
  • Plan data: order amount, payment schedule, due dates, paid/failed status.
  • Payment metadata: card brand, last 4 digits, expiry, processor reference. Full PAN/CVV never touches our systems — cards are tokenised by Stripe in the buyer's browser.
  • Operational telemetry: request IDs, IP address, user-agent, audit log of administrative actions.

2. How we use it

  • To run payment plans you sign up for (charge instalments, send reminders, retry failures).
  • To comply with anti-fraud, anti-money-laundering, and tax obligations.
  • To debug and improve the service. We do not sell personal data.

3. Third parties

We share data with the following sub-processors, each under a written data-processing agreement:

  • Stripe — card tokenisation, charges, refunds.
  • Vercel — hosting and serverless compute.
  • An email/SMS provider (to be confirmed) — transactional comms.

Vercel Analytics is enabled on public pages; it collects aggregate page-view counts only and does not use cookies or fingerprinting.

4. Retention

Account and plan data is retained for as long as the account is active and for up to 7 years afterwards to satisfy financial record-keeping requirements. Operational logs are retained for 90 days. You may request earlier deletion of data not subject to a legal hold.

5. Your rights

Depending on where you live you may have the right to access, correct, delete, restrict, or export your personal information, or to object to certain processing. Email privacy@layup.local with your request and we will respond within statutory timelines.

6. Security

Passwords are hashed with PBKDF2-HMAC-SHA256 at 600,000 iterations. All traffic is HTTPS. Sensitive credentials live only in environment variables, never in source. Webhook payloads are HMAC-signed and replay-protected with an idempotency table.

7. International transfers

Layup data may be processed in jurisdictions other than yours (notably the United States, where Vercel and Stripe operate). Where required we rely on standard contractual clauses or equivalent transfer mechanisms.

8. Children

Layup is not intended for users under 18. We do not knowingly collect personal data from children.

9. Changes

Material changes will be announced by email. The current version is always available at this URL with the last-updated date in the header.

10. Contact

Privacy questions or requests: privacy@layup.local.