Payout
PAYOUT
Legal

Privacy Policy

PAYOUT LLC

Privacy Policy of Payout

Privacy Policy

Effective date: May 2, 2026

PAYOUT LLC ("us", "we", or "our") operates the Payout mobile application and the website at trypayout.app, including the authenticated web app at trypayout.app/app (collectively, the "Service").

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Use.

Information Collection And Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

While using our Service, we may collect or process certain information that can be used to identify you or your device ("Personal Data"). This may include, but is not limited to:

  • Account information when you sign in — your email address, sign-in provider (Apple or Google), and, where the provider supplies them, your display name and avatar image. See "Accounts and Sign-In" below.
  • Settlement preferences (which settlements you've claimed, saved, or asked to be notified about). When you are signed in, these are stored on our backend so they sync across your devices; they are also kept locally on your device for offline use. See "Accounts and Sign-In" below for details, including how anonymous sessions work if you tap "Skip for now."
  • Push notification device tokens (the APNs or FCM token issued by your operating system) along with the platform (iOS or Android) and app version, so we can send you the push notifications you've requested. See "Push Notifications" below.
  • Subscription status (whether you have an active Payout Premium subscription, managed via the Apple App Store or Google Play through our subscription provider RevenueCat)
  • Mobile device identifiers, including the Apple Identifier for Advertisers (IDFA) and Google Advertising ID (when you grant tracking permission)
  • Information you provide when you complete a claim form (e.g., name, address, signature) — see "Claim Form Information" below
  • Information you provide when you contact us (such as your email address when emailing support)
  • Usage Data (see below)

Claim Form Information

For settlements that require a mailed claim form, you may enter information into a form within the app (e.g., your name, address, last four digits of payment cards used at the time of purchase, or a signature). This information is used to fill the PDF claim form on your device. The completed PDF is stored locally on your device for you to print and mail. We do not transmit your claim form information to our servers.

Accounts and Sign-In

Payout offers an optional account so your settlement preferences sync across devices and so we can send push notifications when settlements you've saved go live. Account authentication is provided by Supabase (our backend platform — see "Third-Party Service Providers" below). We support the following sign-in methods:

  • Sign in with Apple. When you sign in with Apple, Apple shares with us a unique user identifier and, on first sign-in, your name and the email address you choose to share (which may be a private relay address generated by Apple). On iOS we use Apple's native Sign in with Apple sheet; on other platforms we use a browser-based Apple OAuth flow. If you delete your account, we ask Apple to revoke the access and refresh tokens that were issued for Payout, in compliance with Apple's account-deletion guideline.
  • Sign in with Google. When you sign in with Google, Google shares with us your email address and may also share your display name and profile picture URL. We do not receive your Google password.
  • Anonymous sessions. If you tap "Skip for now" instead of signing in, we create an anonymous session in our backend so your settlement preferences can still be synced under a randomly generated, app-scoped identifier. This anonymous identifier is not linked to your name, email, or any social account. On iOS the session token is persisted in the iOS Keychain (which can survive reinstalls); you can clear it from the device by signing out, deleting the app's data, or resetting the device.

Your sign-in session is stored securely on your device using the iOS Keychain or Android Keystore (via Expo SecureStore on mobile, or HTTP-only cookies on the trypayout.app website). When you are signed in, the following data is stored on our backend on your behalf:

  • A user record containing your unique account ID, email, sign-in provider, display name and avatar URL (if provided by the provider), the timestamp at which you completed onboarding, and — if you have ever subscribed via web — a pointer to your billing record;
  • Your saved settlement preferences (the IDs of settlements you've claimed and the IDs of settlements you've asked to be notified about);
  • One row per device that has registered for push notifications, containing the APNs/FCM token, platform, app version, and last-seen timestamp.

Backend access is gated by row-level security: each user can only read or write their own rows. You can delete your account and all associated server-side data at any time — see "Your Data Protection Rights" below.

Usage Data

When you access the Service by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data ("Usage Data").

We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device including, but not limited to, your IP address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Location Data

We may use and store information about your location if you give us permission to do so ("Location Data"). We use this data to provide features of our Service, to improve and customize our Service.

You can enable or disable location services when you use our Service at any time through your device settings.

Mobile Identifiers and Tracking

Because Payout is primarily a mobile application, we do not use traditional web cookies inside the app. We do use the following identifiers and similar technologies to operate, secure, and measure the Service:

  • App Tracking Transparency / IDFA (Apple). On iOS, we will prompt you with Apple's App Tracking Transparency dialog. If you grant permission, we use your Identifier for Advertisers (IDFA) to attribute install campaigns and measure subscription conversions through our partners (AppsFlyer, Adjust, Meta). If you decline, we do not access your IDFA and the partners listed above operate in a non-personalized "limited data" mode.
  • Google Advertising ID (Android). Used for the same install attribution and conversion measurement purposes. You can reset or limit your advertising ID through your device's Google settings.
  • Anonymous account identifiers. If you tap "Skip for now" instead of signing in, a randomly generated account identifier is created on our backend so your settlement preferences can sync across reinstalls. This identifier is not linked to your name, email, or any social account.

On the trypayout.app website we use HTTP-only cookies to keep you signed in (the Supabase authentication cookie) and minimal cookies for security and to remember your preferences. We do not use the website to track or profile users for advertising.

Use of Data

PAYOUT LLC uses the collected data for the following purposes:

  • To provide and maintain the Service, including syncing settlement data to your device
  • To create, authenticate, and maintain your Payout account, and to keep your saved settlements in sync across the devices and platforms (mobile and web) that you use to sign in
  • To help you discover, save, and prepare class action settlement claims
  • To send you push notifications about settlement deadlines and saved claims (only if you grant notification permission), and to keep an internal audit log of which notifications were sent to which user so we don't send the same notification twice and can debug delivery problems
  • To validate and grant access to a Payout Premium subscription if you purchase one
  • To measure marketing campaign performance and attribute installs to the channel they came from (only when tracking permission is granted on iOS or your Google Advertising ID has not been reset on Android)
  • To analyze how the Service is used so we can improve it
  • To detect, prevent, and address fraud, abuse, or technical issues
  • To respond to your support requests
  • To comply with legal obligations and protect our legal rights

Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

PAYOUT LLC will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure Of Data

Business Transfers

If PAYOUT LLC is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

Disclosure for Law Enforcement

Under certain circumstances, PAYOUT LLC may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

PAYOUT LLC may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of PAYOUT LLC
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Security Of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Where your Personal Data is stored on our backend, we rely on industry-standard safeguards: traffic between your device and our backend is encrypted in transit using TLS; backend data is encrypted at rest by our infrastructure provider (Supabase); access to user-owned database rows is restricted by row-level security so that each authenticated user can read and write only their own data; and your sign-in session is stored on your device using the platform-native secure storage (iOS Keychain or Android Keystore on mobile, HTTP-only cookies on the website).

Service Providers

We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Data Retention

We retain Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. Specifically:

  • Account information (email, sign-in provider, display name, avatar URL) — retained for the life of your account. When you delete your account, this data is permanently removed from our backend, typically within 30 days. See "Your Data Protection Rights" for the in-app deletion flow.
  • Settlement preferences and claim status — stored locally on your device, and, when you are signed in (including under an anonymous session), also stored on our backend so they can sync across your devices. The server-side copy is deleted when you delete your account; the local copy remains until you uninstall the app or clear app data.
  • Completed PDF claim forms — stored locally on your device only, until you delete them from the Forms tab.
  • Push notification device tokens — retained while the token is valid. We automatically purge tokens that the operating system reports as expired or unregistered, and we delete all of your tokens when you delete your account or sign out from a device.
  • Notification audit log (which settlement-live or deadline notifications were delivered to which user) — retained for up to 24 months for debugging and dedupe purposes, and deleted when you delete your account.
  • Subscription status — retained for the life of your subscription, plus up to 7 years after your last subscription period ends, for tax, audit, and dispute-resolution purposes.
  • Usage and analytics data — retained by our analytics providers (Mixpanel, AppsFlyer, Adjust, Meta) according to their own retention policies, generally between 12 and 24 months.
  • Support correspondence — retained for up to 3 years from the date of last contact.

We will retain and use Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and policies.

Third-Party Service Providers

We use the following third-party services to operate, measure, and improve Payout. Each is a separate company subject to its own privacy policy. We do not sell your data to any of them; the data they receive is limited to what is necessary to perform their service for us.

  • Supabase — backend platform that provides our authentication (Sign in with Apple, Sign in with Google, anonymous sessions), Postgres database (your account record, saved settlements, push device tokens, and notification audit log), and edge-function runtime (account deletion, push notification fan-out). Supabase processes this data on our behalf and stores it in the United States. Privacy: supabase.com/privacy
  • Apple Push Notification service (APNs) and Firebase Cloud Messaging (FCM) — used to deliver iOS and Android push notifications to your device. We send the notification title, body, and a small payload identifying the settlement; APNs and FCM relay it to the device token registered for your install.
  • Mixpanel — product analytics (which screens you view, which features you tap). Privacy: mixpanel.com/legal/privacy-policy
  • AppsFlyer — install attribution and post-install measurement. Privacy: appsflyer.com/legal/services-privacy-policy
  • Adjust — install attribution. Privacy: adjust.com/terms/privacy-policy
  • Meta (Facebook SDK) — app event tracking and ad attribution. Privacy: facebook.com/about/privacy
  • RevenueCat — subscription entitlement management on top of Apple In-App Purchases and Google Play Billing. Privacy: revenuecat.com/privacy
  • Apple App Store and Google Play — handle in-app subscription purchases, including payment processing, billing, and refunds, in accordance with their own terms and privacy policies.
  • Vercel — hosting provider for our backend API and website.

Where required by Apple's App Tracking Transparency framework, the partners above operate in a non-personalized mode unless you explicitly grant tracking permission.

In-App Subscriptions

Payout offers an optional Premium subscription that unlocks unlimited claim assistance. Subscription billing, renewal, cancellation, and refunds are handled by the Apple App Store or Google Play (depending on your device), through our subscription management partner RevenueCat. We receive subscription status and limited transaction metadata necessary to grant or revoke access to Premium features. We do not directly process or store your payment card details.

You can manage or cancel your subscription at any time from the Settings screen in the app, or directly through your Apple ID subscription settings or Google Play account.

Push Notifications

With your permission, we send push notifications about settlement deadlines, new claim opportunities relevant to your saved settlements, and account-related updates. You can disable notifications at any time from your device's Settings app, or by tapping the bell icon for any individual settlement inside Payout. Disabling notifications will not prevent you from using the rest of the Service.

To deliver notifications, we register the APNs (iOS) or FCM (Android) device token issued by your operating system with our backend, alongside the platform and the version of the Payout app you have installed. Notifications are sent through Apple's APNs and Google's FCM services, which are responsible for relaying the message to your device. We keep a per-user audit log of which settlement-related notifications were sent so that we don't deliver the same notification twice and so we can debug delivery failures; that log contains your account ID, the settlement ID, the event name, and a timestamp. We automatically remove device tokens that APNs or FCM tells us are invalid, and all of your tokens and notification history are removed when you delete your account.

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Your Data Protection Rights

PAYOUT LLC aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the right to:

  • The right to access – You have the right to request copies of your personal data.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

Account Deletion

You can permanently delete your Payout account at any time, directly from the app:

  • In the mobile app: Settings → Delete Account.
  • By email: if you cannot access the in-app flow, email support@trypayout.app with the subject line "Data Deletion Request" from the email address associated with your account.

When you delete your account, we permanently remove your account record, your saved settlement preferences, your registered push notification device tokens, and your notification audit log from our backend. If you signed in with Apple, we additionally call Apple's token revocation endpoint to invalidate the Sign in with Apple tokens that were issued to Payout, in accordance with Apple's account-deletion guideline. Local data on your device (such as completed PDF claim forms saved to the Forms tab) is also cleared during the in-app deletion flow.

Account deletion is irreversible. Some information may be retained where required by law or for legitimate business purposes (e.g., subscription transaction records held by Apple or Google for tax, audit, and dispute resolution) and is not within our control to delete.

California Privacy Rights (CCPA)

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information is collected, used, shared or sold
  • The right to delete personal information held by businesses
  • The right to opt-out of the sale of personal information
  • The right to non-discrimination for exercising CCPA rights

To exercise these rights, please contact us at support@trypayout.app

European Economic Area, United Kingdom, and Switzerland Privacy Rights (GDPR)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR) or local equivalents, including the right of access, rectification, erasure, restriction of processing, objection to processing, and data portability described in the section above.

Our legal bases for processing your Personal Data are: (i) your consent, which you may withdraw at any time; (ii) the performance of our contract with you (these Terms of Use and your purchase of any optional subscription); and (iii) our legitimate interests in operating, securing, and improving the Service.

You have the right to lodge a complaint with your local data protection authority. To exercise any of these rights, contact us at support@trypayout.app.

Children's Privacy

Our Service does not address anyone under the age of 18 ("Children").

By using our app and making in-app purchases, you consent to our sharing of data regarding your usage and consumption of purchased content with Apple, as part of our efforts to resolve refund requests. This information may include details about how you have accessed and interacted with the purchased content. The purpose of sharing this data is to help Apple make an informed decision regarding refund requests. We ensure that such data sharing is done in compliance with Apple's policies and only as necessary to process your requests.

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Changes To This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us at support@trypayout.app

Last updated: 5/6/2026