How we protect your data

• Administrative tools require sign-in with email and password.
• Admin actions are gated by a server-enforced role check; non-admin accounts cannot access the admin area.
• Passwords are checked against known-breached password lists at sign-up and change.

• Application data is stored in a managed Postgres database with row-level security enabled on customer-facing tables.
• Public content (e.g. payment method logos shown on the site) is readable by anyone; writes are restricted to authenticated administrators.
• We collect only the data required to operate the site and administer payment-method content.

All traffic between your browser and PayEurasia is served over HTTPS. Server-side secrets are kept out of client bundles and accessed only from trusted server functions.

PayEurasia operates the application and its administrative controls. The underlying hosting and database platform provides infrastructure security features that PayEurasia configures and uses. Customers are responsible for protecting their own account credentials.

If you believe you have found a security vulnerability, please reach out via our contact page. We appreciate responsible disclosure and will respond as quickly as we can.