Last Updated: June 30, 2026
OwnPay ("we", "us", "our") is dedicated to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you visit our website (ownpay.org) and how the OwnPay self-hosted software handles your personal data.
1. Data Sovereignty & Self-Hosted Infrastructure
OwnPay is a self-hosted, open-source payment gateway automation platform. The most important thing to understand is that we do not host, access, process, or store your customer transaction data, credit card numbers, or API credentials on centralized servers. All data relating to your storefronts, customers, gateways, and ledger balances resides entirely on your own private server infrastructure.
As the self-hosted merchant, you are the Data Controller of your customers' information and are solely responsible for compliance with applicable regional privacy regulations (such as GDPR, CCPA, and HIPAA) on your instance.
2. Information We Collect on Our Website
When you interact with our official marketing website, we may collect the following information:
- Newsletter Subscriptions: If you opt-in to our newsletter, we collect your email address. This is processed securely via MailerLite to send you project news and release notes. You can unsubscribe at any time.
- Contact Inquiries: When you submit a contact or support form, we collect your name, email address, subject, and message content to respond to your request.
- Server Logs: For security and performance monitoring, our servers automatically log standard network details, including your IP address, browser type, and request timestamps.
3. How We Use Your Information
We use the collected information to:
- Provide updates about OwnPay software developments and security announcements.
- Respond to support questions, sponsor applications, and general inquiries.
- Maintain, secure, and optimize our official website and prevent abusive behavior (using rate limiting).
4. Cookies and Tracking
We use essential session cookies for secure website functions, including CSRF token verification and maintaining admin panel sessions. We do not use third-party analytics or behavioral tracking cookies on this website.
5. Security of Your Data
We implement industry-standard security measures (such as HTTPS and input sanitation) to protect any information submitted on our forms. For self-hosted instances, we strongly advise configuring SSL/TLS certificates and implementing strong server security practices.
6. Contact Us
If you have any questions about this Privacy Policy, please contact us at [email protected].