We take privacy seriously and collect only what's necessary to run the service. Here's a summary of how we handle your data. For full details, see our Privacy Policy.
Your Stripe API key and webhook signing secret are encrypted using AES-256-GCM before being stored in our database. We never store them in plain text. The keys are only decrypted in memory at the moment they're needed to process a payment — and are never logged or transmitted elsewhere.
We don't use cookies, tracking pixels, or third-party analytics tools on the marketing site or in the application. We don't sell your data or share it with advertisers. The only client-side data we store is your session token in local storage, which is cleared when you sign out.
When a customer opens an invoice payment link, we record that the link was viewed (a view count and timestamp). We do not record IP addresses, device information, or any identifying information about who opened the link.
We use a small number of trusted third-party services to run Parsley Pay:
If you'd like your account and all associated data deleted, email us at support@parsleypay.com. We'll process the request promptly. If you cancel your subscription, your data is retained for 30 days and then permanently deleted.
Under UK data protection law, you have the right to access, correct, or delete the personal data we hold about you. To exercise any of these rights, contact us at support@parsleypay.com.