Last updated: April 2026. This policy describes how CascadX handles your data.
CascadX is committed to protecting your privacy. This policy explains how we collect, use, and safeguard personal data when you use our payment cascading platform.
We collect transaction data (amounts, currencies, card BIN ranges), account information (name, email, company), and usage analytics. We never store full card numbers — these are handled by PCI-compliant PSP partners.
Transaction data is used to train our AI routing models and improve approval rates. Account data is used for service delivery and communication. Analytics data helps us improve the platform.
Transaction data is retained for 24 months for model training, then anonymized. Account data is retained for the duration of your service agreement plus 12 months.
You have the right to access, rectify, erase, and port your personal data. You may object to processing or request restriction. Contact privacy@cascadx.com to exercise any right.
We employ encryption at rest and in transit, SOC 2 Type II controls, regular penetration testing, and access controls based on the principle of least privilege.
For privacy inquiries: privacy@cascadx.com. Data Protection Officer: dpo@cascadx.com.