Privacy Policy
Last updated: April 18, 2026
1. Overview
PayByMy.AI ("we", "us") operates a non-custodial wallet that lets AI agents pay merchants on your behalf. This Privacy Policy explains what we collect, how we use it, and the choices you have. We designed the service so your full card number never touches our servers — payment credentials are vaulted inside Stripe.
2. Information we collect
- Account information. Email address and authentication details (managed by our identity provider, Clerk).
- Payment method references. A Stripe PaymentMethod ID plus non-sensitive metadata (card brand, last four digits, expiration). We never receive, process, or store full card numbers.
- Merchant information. Business name, Stripe Connect account ID, and onboarding status for merchants who register to receive payments.
- Transaction data. Amount, currency, merchant, timestamp, the budget used (bearer token identifier), and any metadata you or the merchant attached to a payment request.
- Agent activity. Records of MCP tool calls made with your budget codes — used for audit, abuse prevention, and to let you see what an agent did on your behalf.
- Technical data. IP address, user agent, and timing of requests, used to operate and secure the service.
3. How we use your information
- Provide, operate, and improve the service.
- Authenticate you, authenticate budgets you create, and enforce the limits, allowed stores, and expiries you set.
- Route payments through Stripe and settle funds to merchants.
- Detect, prevent, and investigate fraud or abuse.
- Comply with legal and regulatory obligations.
4. How we share your information
We share limited information with service providers who help run the service:
- Stripe — card vaulting, PaymentIntents, Connect payouts to merchants. Stripe's handling of your data is governed by Stripe's Privacy Policy.
- Clerk — user authentication.
- Merchants — when you pay a merchant's token, the merchant receives the payment, your PayByMy.AI user ID, and any metadata attached to the payment request.
- Hosting and observability providers that help us operate and monitor the service.
- Law enforcement when required by valid legal process.
We do not sell your personal information.
5. What we never collect
- Full credit or debit card numbers.
- CVV or cardholder verification values.
- Custodial balances — we do not hold your money. Funds route directly from your card to the merchant via Stripe.
6. Data retention
We retain account and transaction records for as long as your account is active and for a reasonable period afterward to comply with tax, audit, and legal obligations. Agent activity logs are retained for a rolling period for security purposes. You can request deletion of your account at any time, subject to these legal retention requirements.
7. Your rights
Depending on your jurisdiction, you may have the right to access, correct, export, or delete your personal information; to object to or restrict certain processing; and to lodge a complaint with a supervisory authority. To exercise these rights, contact us at support@paybymy.ai.
8. International transfers
The service is operated from the United States. If you access PayByMy.AI from another region, your information will be transferred to, processed in, and stored in the United States and other countries where our service providers operate.
9. Children
The service is not directed to children under 18. We do not knowingly collect personal information from children under 18.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above. Material changes will be communicated by email or a prominent notice on the service.
11. Contact
Questions about this policy? support@paybymy.ai
