How application information is used.
Effective July 17, 2026
What we collect
We collect business, ownership, contact, processing, fulfillment, website-compliance, and supporting-document information that you choose to submit. We also record limited security metadata such as access events and privacy-preserving hashes of network identifiers.
Why we collect it
We use this information to assemble, assess, and route a merchant application to independent payment processors, acquiring banks, and related underwriting partners; to communicate about the application; to protect the service; and to meet recordkeeping obligations.
Who receives it
Authorized Payment Legend personnel and the prospective processors, banks, underwriters, or service providers evaluating the application may receive relevant information. We do not sell applicant information for advertising.
Retention
Drafts and submitted files are intended to be temporary. A submitted application is assigned a purge date, normally 30 days after submission unless an active underwriting process or legal requirement calls for a shorter or longer period. Minimal non-identifying purge receipts and security records may be retained.
Your choices
You may stop before submission, withdraw an eligible application, or ask the Payment Legend team to correct or delete information, subject to active underwriting and legal requirements.
Security
We use access controls, optional applicant multi-factor authentication, mandatory staff multi-factor authentication, private object storage, short-lived file links, audit events, and automatic cleanup. No internet service is risk-free, and you should submit only from a trusted device and network.
Contact
Use the business contact channel provided by your Payment Legend representative for privacy or deletion requests. Do not send sensitive documents by email.