Privacy Policy
Last updated: 8 May 2026 · Effective for the pre-launch website at paybees.money
PayBees is operated by DevServe HK Limited, a company incorporated in Hong Kong with its registered office at Unit 1411, 14/F, COSCO Tower, 183 Queen's Road Central, Sheung Wan, Hong Kong (in this Policy, "DevServe", "we", "us", "our"). We are the data user / data controller for personal data collected through this website.
We are committed to protecting your privacy and complying with the Personal Data (Privacy) Ordinance, Cap. 486 of Hong Kong (PDPO) and, where applicable to visitors from those regions, the EU General Data Protection Regulation (GDPR), the CCPA / CPRA, and the UAE Personal Data Protection Law.
1. Scope of this Policy
This Policy applies to personal data we collect from visitors and prospective customers through the PayBees website at paybees.money while the service is in pre-launch. It does not yet cover production payment-orchestration services — a separate, more detailed Privacy Policy will be issued before any production transactions are processed and will supersede this Policy in respect of those services.
2. Personal data we collect
During the pre-launch period we collect a deliberately minimal set of personal data:
| Category | Examples | Source |
|---|---|---|
| Contact data | Email address you submit via our early-access form | Provided by you |
| Communications | Emails you send to hello@, privacy@, or security@paybees.money and our replies | Provided by you |
| Technical data | IP address, browser user-agent, request timestamps, referring URL — logged by our hosting provider for security and abuse prevention | Automatic |
We do not collect names, phone numbers, addresses, financial account information, identity-document data, or biometric data through this website. We do not run third-party advertising trackers and we do not build behavioural profiles.
3. How we collect it
- Directly from you — when you submit the early-access form or send us an email.
- Automatically — server logs at our hosting provider record technical data on each request as part of standard web operations.
4. Purposes & legal bases
We use your personal data only for these purposes:
- To notify you when early access opens and to provide product updates you have asked for. Legal basis: your consent (PDPO DPP1; GDPR Art. 6(1)(a)).
- To respond to your enquiries. Legal basis: steps taken at your request prior to entering into a contract (GDPR Art. 6(1)(b)) and legitimate interest in operating our business (GDPR Art. 6(1)(f)).
- To secure the website, prevent abuse, and meet legal obligations. Legal basis: legitimate interest (GDPR Art. 6(1)(f)) and legal obligation (GDPR Art. 6(1)(c)).
We will not use your personal data for any other purpose without your prior consent or a separate lawful basis.
5. Disclosure to third parties & subprocessors
We do not sell personal data. We do not share personal data with third parties for their own marketing. We share personal data only with the following categories of trusted service providers acting on our instructions:
| Subprocessor | Purpose | Location |
|---|---|---|
| Netlify, Inc. | Website hosting, content delivery, request logging | USA / global edge |
| Google LLC (Google Workspace) | Email infrastructure for paybees.money domain | USA / global |
We may also disclose personal data when required by law, court order, or a valid request from a competent authority, or where necessary to protect our rights, property, or safety, or that of our users or the public.
6. International transfers
Because our subprocessors operate global infrastructure, your personal data may be processed outside Hong Kong, including in the United States and the European Union. Where required, we rely on contractual safeguards equivalent to the European Commission's Standard Contractual Clauses and on the recipient's own certifications. We take reasonable steps to ensure that personal data transferred outside Hong Kong receives a level of protection comparable to that required under the PDPO.
7. Retention
- Early-access email addresses — kept until launch + 12 months, or until you ask us to delete them, whichever is earlier.
- Email correspondence — kept for up to 24 months unless a longer retention is required for legal or accounting purposes.
- Server logs — kept for up to 90 days for security and abuse prevention, then automatically deleted or anonymised.
8. Your rights
Depending on which law applies to you, you have the following rights regarding your personal data:
- Access — request a copy of the personal data we hold about you.
- Correction — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your data (subject to legal retention requirements).
- Restriction or objection — ask us to stop or restrict certain processing.
- Portability — receive your data in a structured, commonly used format.
- Withdraw consent — at any time, without affecting the lawfulness of prior processing.
- Lodge a complaint — with the Office of the Privacy Commissioner for Personal Data, Hong Kong (pcpd.org.hk) or your local supervisory authority.
To exercise any of these rights, email privacy@paybees.money. We will respond within 40 days as required by PDPO §19, or within one calendar month for GDPR-based requests, and may need to verify your identity before acting on a request.
9. Security measures
We follow OWASP best practices and apply technical and organisational measures appropriate to the risk, including: HSTS-enforced HTTPS across the entire site, a strict Content Security Policy, X-Frame-Options: DENY against clickjacking, MIME-sniff blocking, no third-party tracking, principle-of-least-privilege access to data, and incident-response procedures. See our Security Policy for more.
10. Cookies & tracking
The PayBees website does not set tracking cookies. We use localStorage only to remember two of your preferences — your chosen theme (light/dark) and your chosen language — both of which stay on your device and are not sent to us. We do not use Google Analytics or any third-party advertising network.
11. Children
The PayBees website and service are intended for businesses and adults. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently collected such data, please contact us at privacy@paybees.money and we will delete it.
12. Changes to this Policy
We may update this Policy from time to time to reflect changes in law or our practices. We will revise the "Last updated" date and, for material changes, notify early-access subscribers by email. The current version is always available at paybees.money/privacy.html.
13. Contact & complaints
For any privacy question, request, or complaint, please contact:
DevServe HK Limited — Privacy
Unit 1411, 14/F, COSCO Tower, 183 Queen's Road Central, Sheung Wan, Hong Kong
Email: privacy@paybees.money
If you are not satisfied with our response, you have the right to complain to the Office of the Privacy Commissioner for Personal Data, Hong Kong, or to your local supervisory authority.