Privacy Policy

1. Data Controller

ApapachoPay is a platform that facilitates directed payments exclusively to affiliated healthcare establishments. It is not a remittance service, financial institution, or medical provider.

Data processing follows applicable U.S. privacy standards and the Mexican Federal Law on Protection of Personal Data (LFPDPPP).

Contact: privacy@apapachopay.com

2. Information We Collect

Payers (United States)

• Name
• Phone number
• Email
• Tokenized payment information
• Directed payment history

Beneficiaries (Mexico)

• Name
• Phone number
• ID presented to the affiliated establishment
• Confirmation of receipt of the product or service

Technical Information

• IP address
• Cookies
• Device type
• Site and platform usage data

3. Purposes of Processing

Primary Purposes

• Facilitate directed payments
• Transaction confirmations and related notifications
• Compliance and fraud prevention
• Platform security
• Customer support

Secondary Purposes

• Service satisfaction surveys
• Informational or promotional communications
• Internal analytics and statistics

Secondary purposes may be limited at any time upon request.

4. Data Sharing and Transfers

Data may be shared with:

• Affiliated establishments
• Payment processors
• Technology and SMS providers
• Competent authorities
• Auditors and security vendors

We do not sell personal data.

5. ARCO Rights (Mexico)

Mexican users may request:

• Access
• Rectification
• Cancellation
• Objection

Request: privacy@apapachopay.com

6. U.S. Privacy Rights

Depending on state law, users may request details of collected data, deletion, limitation of processing, or opt-out from non-essential communications.

7. Data Retention

• Transaction records: at least five years
• Support records: two to three years
• Legal records: as required by applicable regulations

8. Security Measures

We implement administrative, technical, and physical security measures, including:

• Encryption
• Restricted access controls
• Multi-factor authentication
• Periodic audits
• Proactive monitoring

9. Cookies Policy

We use cookies for:

• Essential site functionality
• Security
• Analytics
• User preferences

Users may disable cookies through their browser settings, although some features may be limited.

10. A2P/SMS/Email Consent

By using the service, the user consents to receiving:

• Payment confirmations
• Delivery confirmations
• Security alerts
• Operational notifications

Supported commands:

• STOP to unsubscribe
• HELP to request assistance

We do not send marketing messages without explicit consent.

11. Medical Non-Liability

ApapachoPay does not provide medical care, diagnosis, or treatment. Affiliated establishments are solely responsible for product or service availability, medical quality, and beneficiary care.

12. Changes

Updates to this policy will be published on this page.

13. Contact

Email: privacy@apapachopay.com
Support: support@apapachopay.com