Start typing to search…

Privacy Policy


Effective date: 12 January 2026

This Privacy Policy explains how Aigen LLC, operating under the brand ItisPay (“ItisPay”, “we”, “our”, “us”), collects, uses, stores, and discloses personal data in connection with the provision of its software platform, APIs, SDKs, documentation, and related services (collectively, the “Services”).

This Privacy Policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

1. Scope of This Policy

This Privacy Policy applies to:

  • visitors of the website https://itispay.com;
  • business customers and their authorised users;
  • developers and partners accessing the ItisPay platform, APIs, or SDKs.

It does not replace or override privacy policies of any third-party providers that may be integrated by our customers.

2. Role of ItisPay Under GDPR

Depending on the context, ItisPay acts as:

  • Independent Data Controller — for personal data related to:

    • website usage;
    • account administration;
    • customer communications;
    • platform security and analytics;
    • contractual and legal obligations.

  • Data Processor — where ItisPay processes personal data strictly on documented instructions of its business customers, for the purpose of providing technical infrastructure and software services.

ItisPay does not independently provide regulated financial services, nor does it determine the purposes or means of regulated processing activities carried out by licensed third-party providers.

3. Categories of Personal Data We Collect

3.1 Data Provided Directly to Us

  • Contact data: name, email address, phone number, company name, job title.
  • Account data: login credentials, API keys, security preferences.
  • Business data: contractual information, billing contact details.
  • Communications: support requests, feedback, correspondence.

3.2 Data Collected Automatically

  • Technical data: IP address, device type, browser type, operating system.
  • Usage data: log files, platform interaction, API usage metrics.
  • Cookies and similar technologies: see our Cookie Policy.

3.3 Data Processed on Behalf of Customers

Where applicable and solely as a data processor, ItisPay may process personal data uploaded or transmitted by its customers through the Services.

4. Regulated Services and Third-Party Providers

ItisPay provides technology and orchestration software only.

Any services involving:

  • payments,
  • electronic money,
  • virtual wallets,
  • custody of funds or crypto-assets,
  • identity verification (KYC/KYB),
  • transaction monitoring or AML compliance

are performed exclusively by licensed third-party providers engaged directly by our customers under their own regulatory frameworks and privacy policies.

ItisPay does not:

  • perform KYC/AML checks in its own name;
  • act as a financial institution;
  • store or control customer funds.

5. Purposes of Processing

We process personal data for the following purposes:

  • provision and maintenance of the Services;
  • account administration and authentication;
  • technical support and customer communications;
  • security monitoring, fraud prevention, and abuse detection;
  • compliance with legal obligations;
  • internal analytics and service improvement.

Processing is based on one or more lawful grounds under GDPR, including contractual necessity, legitimate interests, and legal obligations.

6. Data Sharing and Disclosure

We may share personal data with:

  • Service providers acting as processors (e.g. hosting, analytics, communication tools), under appropriate data processing agreements;
  • Business customers, where required to provide the Services;
  • Regulatory or public authorities, where required by law;
  • Professional advisors, including legal and compliance consultants;
  • Successor entities, in the event of a corporate transaction.

We do not sell personal data.

7. International Data Transfers

Personal data may be transferred outside the European Economic Area where necessary to provide the Services.

Where applicable, we rely on:

  • adequacy decisions;
  • standard contractual clauses (SCCs);
  • other lawful transfer mechanisms recognised under GDPR.

8. Data Retention

We retain personal data only for as long as necessary to:

  • fulfil contractual obligations;
  • comply with legal and regulatory requirements;
  • resolve disputes and enforce our agreements.

Data is deleted or anonymised once retention is no longer required.

9. Data Subject Rights

Depending on your jurisdiction, you may have the right to:

  • access your personal data;
  • rectify inaccurate data;
  • request erasure;
  • restrict or object to processing;
  • withdraw consent where applicable;
  • lodge a complaint with a supervisory authority.

Requests can be submitted to: [email protected].

10. Security Measures

We implement appropriate technical and organisational measures, including:

  • encryption in transit and at rest;
  • access controls and authentication mechanisms;
  • monitoring and logging;
  • regular security reviews.

11. Children’s Data

The Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be published with a revised effective date.

Material changes will be communicated where required by law.

13. Contact Information

Data Controller: Aigen LLC ul. Domaniewska 17/19/133 02-672 Warsaw, Poland

Email: [email protected] Website: https://itispay.com