Privacy Policy


[Last Updated: May 28, 2023]

This Privacy Policy (“Privacy Policy”) is an integral part of our Terms of Use and Redemption Terms (Collectively “Terms”) and governs the processing of information by Pen to Paper Co. (“Pen to Paper,” “we,” “us,” or “our”) when you use the payment services (“Services”) we offer on behalf of the merchants (“Merchant”) from whom you have purchased goods or services. Any terms used herein and not defined shall have the ascribed to them in the Terms. Pen to Paper may update or revise this Privacy Policy from time to time. Modifications to this Policy will be posted on our Website or addressed directly to you if technically possible.


The Privacy Policy applies to data collected through various means of technology (collectively the “Pen to Paper Technology”), which includes: (i) The Pen to Paper apps or plugins installed on the Merchant Site; and (ii) the Pen to Paper website: as well as, in which the individual may learn about our Services (“Website”). The data collected depends on your relationship with us.    


In the event you are a resident of California please also review our CCPA Notice


The “Pen to Paper” shall mean: 

Pen to Paper Co. at 115 Central Park West, Apt 12K New York, NY 10023 (“Controller”).


If you have any questions or comments about this Privacy Policy, or any concerns with respect to how your privacy any information are handled, please contact our privacy team at: or through the designated forms available on the Pen to Paper Website. 


Non-Personal Data”: means non-identifiable, aggregated data, that is mainly data which is transmitted to us when you access and interact with Pen to Paper Technology, such as the type of browser, type of operating system, type of device used, the time and date you access the Pen to Paper Technology, navigation, language preference, etc. 

Please see below the table which specifies the Personal Data we collect and how we use it:

Please note that the actual processing operation per each purpose of use detailed in the table above may differ. Such processing operation usually includes a set of operations made by automated means, such as collection, storage, use, disclosure by transmission, erasure, or destruction. 

In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts, and any other misuse of the Services and to enforce the Terms, as well as to protect the security or integrity of our databases and the Services, and to take precautions against legal liability.


According to the nature of your interaction with Pen to Paper Technology, we may collect information as follows:


We share your data with third parties, including with trusted partners or service providers that help us provide our Services: 

Where we share information with services providers and partners, we ensure they only have access to such information that is strictly necessary in order for us to provide the Services. These parties are required to secure the data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with all applicable data protection regulations (such service providers may use other non-personal data for their own benefit).

We use the following SDK (a Software development kit) which is a set of tools that provide us with the ability to build a plugin which can be connected to Shopify or other platforms. SDKs are used only in the Pen to Paper plugin on the Merchant’s store. SDK create the opportunity to enable the functionality of our Services, as well as include advertisement and push notifications, if applicable. 

The specific SDK we currently use, purpose of use, their privacy policy and opt-out controls are set forth in the table below:

SDK Purpose Privacy Policy
Shopify Developers Plugin Functionality


We use “cookies” (or similar tracking technologies) when you access the Website. The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies can be used for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes. You can find more information about cookies at: and .

There are several types of cookies, the three main and common ones are:

The specific cookies we currently use, the purpose of the cookies, their privacy policy and opt-out controls are set forth in the table below:



We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your information. Depending on your relationship with Pen to Paper (e.g., if you are a Visitor of our Website, Merchant, or an End-User), data protection and privacy laws provide you with various rights regarding your Personal Data. 

You may exercise any or all of your above rights in relation to your Personal Data by filling out the Data Subject Request (“DSR”) form available here, and send it to our email address at: 

Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisory authority. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.


We retain Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws or until an individual requests to opt-out of such collection. We may at our sole discretion, delete or amend information from our systems, without providing any notice to you, once we deem it is no longer necessary for our purposes.


We implement extensive security measures to reduce the risks of damage, loss of information and unauthorized access or misuse of Personal Data. We implement appropriate data collection, storage and processing practices and security tools to protect personal data against unauthorized access, alteration, disclosure or destruction. You should be aware that no security measures are completely fail-proof, and it is impossible to prevent any and all threats to the security of data and systems. Therefore, you should be aware that any processing of digital Personal Data holds certain inherent risks, and we cannot guarantee that our Services and databases will be immune to any wrongdoings, malfunctions, unauthorized interceptions or access, malware attacks or other kinds of abuse and misuse.