PayFile Pro

Privacy Policy

Last updated: April 22, 2026

Who we are

PayFile Pro is operated by 1001188544 Ontario Inc., a Canadian corporation based in Ontario. This policy explains what information we collect when you use PayFile Pro, how we use it, and who we share it with.

Questions about this policy or your data: hello@payfilepro.com.

What PayFile Pro does (and why this matters for your privacy)

PayFile Pro helps you generate bank-ready payment files — ACH (NACHA) files for US banks and EFT files for Canadian banks including TD, RBC, BMO, Scotiabank, CIBC, ATB, and Central 1. You upload a CSV or enter payments in the browser, and PayFile Pro produces the file for you to upload to your bank.

File generation happens entirely inside your browser. Your payment data — bank account numbers, routing numbers, payee names, amounts — never leaves your device and is never transmitted to our servers. We could not access it even if we wanted to.

This is a core design decision and shapes everything below.

Information we collect

We collect the minimum needed to run your account and process credit pack purchases.

  • Email address. For login and transactional email (account confirmation, receipts, low-balance alerts).
  • Company name. Shown in your dashboard and on receipts.
  • Primary bank. The bank you selected during signup (a dropdown value and, for US users, an optional free-text bank or credit union name).
  • Credit balance. How many file generations you have remaining.
  • Credit transactions. A record of each purchase and each file generation. For purchases we store the Stripe session ID; for generations we store which bank format was used. We do not store the contents of the file or the payment data that went into it.
  • Referral code. If you signed up through an affiliate link, we store the code so the correct partner gets credited.
  • Affiliate program data. If you're an affiliate partner, we store your name, email, the referral code assigned to you, and the payout method you've given us (for example, a PayPal email or a Stripe Connect account). We also keep a record of referrals made and commissions earned. If we're required to collect tax information for payouts, we'll tell you at the point we ask for it.

Information we do not collect

Because file generation happens in your browser, we never receive or store:

  • Bank account numbers or routing numbers
  • Payee names, addresses, or contact details
  • Payment amounts
  • Uploaded CSV files
  • Generated NACHA or EFT files

The file generation logic runs on your device and can be inspected in your browser's developer tools if you want to verify this.

How we use your information

We use the information we collect to:

  • Create and authenticate your account.
  • Process credit pack purchases and issue receipts.
  • Track your credit balance and record each file generation against it.
  • Send transactional emails (account confirmation, receipts, low-balance alerts).
  • Credit affiliate partners for referrals and calculate commissions.
  • Detect and prevent fraud or abuse of the service.
  • Comply with legal obligations and respond to lawful requests.
  • Provide customer support when you contact us.

We don't use your information for behavioral advertising, profiling, or any purpose not listed above.

Who we share data with

We use a small number of third-party services to run PayFile Pro, and we share only what each one needs to do its job.

  • Supabase — hosts our database and handles authentication. Your account record (email, company name, credit balance, transaction log) lives here.
  • Stripe — processes credit pack purchases. Stripe collects your payment details directly during checkout; we receive a confirmation and a session ID but never see your card number.
  • Resend — sends transactional email on our behalf (account confirmation, receipts, low-balance alerts).
  • Vercel — hosts the PayFile Pro web application.
  • Cloudflare — our DNS provider.
  • Google Search Console — helps us understand how PayFile Pro appears in Google search results. It doesn't receive your account data.

We do not sell your data. We do not share it with advertisers. We disclose it only if compelled by law.

Cookies

PayFile Pro uses two cookies:

  • A session cookie to keep you signed in.
  • A referral cookie (payfilepro_ref), set for 30 days when you visit through an affiliate link, so the correct partner is credited if you sign up.

We do not use advertising cookies, cross-site tracking cookies, or third-party analytics cookies.

Where your data is stored

Our database is hosted by Supabase in the United States (US East region). If you're a Canadian customer, your account information is stored in the US. By using PayFile Pro, you consent to this transfer.

How long we keep your data

We keep your account information for as long as your account is active. If you ask us to delete your account, we'll remove your account record and personal information within 30 days.

Some records may be retained longer where required by law or by our payment processor. In particular, Stripe retains transaction records for tax and anti-fraud purposes regardless of what we do on our end.

Your choices

You can:

  • Access your information by logging into your dashboard.
  • Update your company name or primary bank from your account settings.
  • Delete your account by emailing hello@payfilepro.com. We'll confirm and process the deletion.

If you're in a region with specific data rights — for example under Canadian PIPEDA or California's CCPA — you can exercise those rights by contacting us. We're a small company and handle these requests manually, but we take them seriously.

Security

  • All traffic to PayFile Pro is encrypted in transit (HTTPS/TLS).
  • Database access is protected by row-level security, so your account can only read and write its own records.
  • Authentication is handled by Supabase Auth.

No system is perfectly secure, but we've designed PayFile Pro so that the most sensitive data — your payment file contents — never leaves your device in the first place.

If a security incident affects your personal information in a way that creates a real risk of significant harm, we will notify you and any applicable regulator (for example, the Office of the Privacy Commissioner of Canada) as required by law.

Children

PayFile Pro is a business tool. It's not intended for anyone under 18, and we don't knowingly collect information from minors.

Changes to this policy

If we make material changes, we'll update the "Last updated" date and, where appropriate, notify you by email. Minor wording changes may be made without notice.

Contact

Questions, concerns, or data requests:

hello@payfilepro.com
1001188544 Ontario Inc.
Ontario, Canada

← Back to PayFile Pro