Privacy Policy

Last updated: July 4, 2026

This Privacy Policy describes how NoRamp, Inc. (“NoRamp”, “we”, “us”, or “our”) collects, uses, retains, and discloses personal information in connection with our websites, including noramp.io, and our payments platform and related services (the “NoRamp Services”). Capitalized terms not defined here have the meanings given in the NoRamp Terms and Conditions.

A note on the summaries: some sections begin with a short summary labeled “Plain English.” The summaries are provided for convenience only and do not modify this Privacy Policy.

1. Scope and Our Roles

Plain English: This policy covers data we collect for our own purposes. When we handle your customers’ data on your behalf as a merchant, that is governed by our Data Processing Addendum, and your customers should contact you directly about their data.

This Privacy Policy applies to personal information we process as a controller, meaning information about visitors to our websites, prospective customers, and the individuals associated with our Merchants, such as owners, principals, and staff, that we collect and use for our own purposes.

When we process personal information about a Merchant’s customers (“Customer Data”) in order to provide the NoRamp Services to that Merchant, we act as a processor (or service provider) on the Merchant’s behalf. That processing is governed by our agreement with the Merchant, including our Data Processing Addendum, and by the Merchant’s own privacy policy. If you are a customer of a business that uses NoRamp and you have questions or requests about your personal information, please contact that business directly. We will refer any request we receive from you to the relevant Merchant where appropriate. Payment processing is performed by our payment processor, Stripe, Inc. (“Stripe”), whose handling of your information is described in Stripe’s own privacy policy.

2. Information We Collect

Information you provide to us. When a Merchant registers for a NoRamp Account, we collect information such as name, business or trade name, email address, phone number, mailing address, business identification or registration numbers, and information about the business, its beneficial owners, and its principals, including identity verification documents and licensure information, as needed for onboarding, underwriting, and compliance. If you contact us for support or sales, we collect the contents of those communications.

Transaction information. In providing the NoRamp Services, we receive information related to Transactions, which may include purchaser name, email address, payment method details (handled by Stripe), transaction amount, product or service description, and, where applicable, a digital wallet address.

Information collected automatically. When you visit our websites or use the NoRamp Services, we and our service providers automatically collect device and usage information, such as IP address, browser type, operating system, referring pages, pages viewed, and timestamps, using cookies and similar technologies as described in Section 6.

Information from third parties. We receive information about Merchants and their principals from third parties, including Stripe, identity verification providers, fraud prevention services, credit bureaus, sanctions and watchlist screening services, and publicly available sources, in each case for onboarding, underwriting, risk management, and compliance purposes.

3. How We Use Information

We use personal information to:

4. How We Share Information

Plain English: We share data with Stripe to run payments, with vendors who help us operate, and with authorities when the law requires. We do not sell your personal information.

We share personal information with:

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising as those terms are defined under applicable U.S. state privacy laws.

5. Data Retention

We retain personal information for as long as necessary to provide the NoRamp Services, comply with our legal and regulatory obligations, including recordkeeping obligations applicable to payments businesses, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of information and the purpose of processing. When personal information is no longer needed, we delete or de-identify it.

6. Cookies and Similar Technologies

We use cookies and similar technologies to operate our websites, keep you signed in, remember preferences, analyze usage, and measure the effectiveness of our communications. You can control cookies through your browser settings, and where required by law we will request your consent to non-essential cookies. Disabling certain cookies may affect the functionality of our websites and services.

7. Security

We maintain commercially reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, accidental loss, and modification. Card payment data is handled by Stripe, which is certified to PCI-DSS. No security program is perfect, and we cannot guarantee the security of personal information.

8. International Data Transfers

We are based in the United States, and personal information we collect is processed in the United States and other jurisdictions where we or our service providers operate. Where we transfer personal information from the European Economic Area, the United Kingdom, or Switzerland to a jurisdiction not recognized as providing an adequate level of protection, we implement appropriate safeguards, such as the European Commission’s Standard Contractual Clauses and the UK Addendum or International Data Transfer Agreement, as applicable.

9. Your Privacy Rights

Plain English: Depending on where you live, you can ask to access, correct, delete, or receive a copy of your data. Email privacy@noramp.io and we will handle it.

U.S. state privacy rights. Depending on your state of residence, you may have the right to know or access the personal information we hold about you, to correct inaccurate personal information, to delete personal information, to obtain a portable copy, and to opt out of the sale or sharing of personal information and certain profiling (noting that we do not sell or share personal information as described in Section 4). We will not discriminate against you for exercising your rights. You may exercise these rights by emailing privacy@noramp.io. We will verify your request using the information associated with your account or other reasonable means, and you may use an authorized agent where permitted by law. If we decline a request, you may appeal by replying to our decision, and we will inform you of the outcome.

EEA, UK, and Swiss rights. Where the GDPR or equivalent laws apply, you may have rights of access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent where processing is based on consent. Our legal bases for processing include performance of a contract, compliance with legal obligations, our legitimate interests (such as securing and improving the NoRamp Services and preventing fraud), and consent where required. You may lodge a complaint with your local supervisory authority, though we would appreciate the chance to address your concerns first.

Requests about Customer Data. If your personal information was provided to us by a business that uses NoRamp, we may refer your request to that business, which is the controller of that information, and we will assist that business in responding as required by our agreement with it.

10. Children

The NoRamp Services are intended for businesses and are not directed to children. We do not knowingly collect personal information from anyone under the age of eighteen (18). If you believe a child has provided us personal information, please contact us and we will delete it.

11. Third-Party Services

Our websites and services may link to or integrate with third-party services, including Stripe. This Privacy Policy does not apply to those services, and we encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through the NoRamp Platform and update the date at the top of this policy. Your continued use of the NoRamp Services after the effective date of an updated policy constitutes your acknowledgment of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us at privacy@noramp.io or by mail at NoRamp, Inc., Attn: Privacy.