01 Acceptance of Terms
By accessing or using Paylon ("Service," "we," "us," "our") — including the web application at paylon.polsia.app — you ("Customer," "you") agree to be bound by these Terms of Service ("Terms"). If you are using Paylon on behalf of an organization, you represent that you have authority to bind that organization, and these Terms apply to it.
If you do not agree to these Terms, do not use the Service.
02 Description of Service
Paylon is a cloud-based payroll and workforce management platform. Core capabilities include:
- Gross-to-net payroll calculation for salaried and hourly employees
- Federal, state, and local tax withholding calculations (currently CA, NY, TX, FL)
- Employee records management (PII, compensation, job classification, cost centers)
- Time tracking (clock-in/out, shift management, approval workflows)
- Pay stub generation and payroll history
- AI-powered workforce analytics and business intelligence (Platinum tier)
Important: Paylon provides payroll calculation tools and record-keeping software. We are not a registered payroll service provider, tax advisor, or licensed accountant. You are responsible for verifying all calculations and ensuring compliance with applicable tax laws before disbursing funds or filing returns.
03 Account Responsibilities
Account Creation
You must provide accurate, current, and complete information when creating your account and keep it updated. You are responsible for all activity under your account credentials.
Credentials Security
You are responsible for maintaining the confidentiality of your login credentials. Notify us immediately at support@paylon.app if you suspect unauthorized access to your account.
Employee Data Accuracy
You are solely responsible for the accuracy of all employee data entered into the Service, including names, Social Security Numbers, addresses, compensation figures, filing statuses, and deduction elections. Paylon processes the data you provide; we do not independently verify it.
Authorized Users
You may grant access to employees or contractors within your organization. You are responsible for ensuring that all authorized users comply with these Terms.
04 Acceptable Use
You agree not to use the Service to:
- Process payroll for fictitious employees or engage in wage fraud
- Submit false tax withholding information with intent to evade tax obligations
- Store or process employee PII for purposes other than payroll and HR administration
- Reverse-engineer, scrape, or attempt to extract the underlying software or algorithms
- Share account access with unauthorized third parties outside your organization
- Use the Service in any way that violates applicable law, including federal and state employment and tax laws
- Introduce malware, conduct denial-of-service attacks, or attempt to gain unauthorized access to our systems
We reserve the right to suspend or terminate accounts that violate this policy without prior notice.
05 Subscription & Billing
Plans
Paylon offers the following subscription tiers:
| Plan | Employee Limit | Monthly Price | Annual Price |
|---|---|---|---|
| Bronze | Up to 10 | Free | Free |
| Silver | Up to 100 | $29.99/mo | $19.99/mo ($239.88/yr) |
| Gold | Up to 1,000 | $49.99/mo | $39.99/mo ($479.88/yr) |
| Platinum | Up to 5,000 | $79.99/mo | $69.99/mo ($839.88/yr) |
| Enterprise | 5,000+ | Platinum + $0.49/employee/mo | Contact us |
Free Trial
All paid tiers include a 30-day free trial. Your payment method will not be charged until the trial period ends. You may cancel before the trial ends to avoid any charge.
Price Lock
Customers who subscribe during the early-adopter period are locked into their current tier pricing for 5 full calendar years from their subscription start date, provided the subscription remains active and in good standing. Future price increases apply only to new customers or to reactivating accounts after a lapse.
Billing
Payments are processed by Stripe, Inc. Monthly subscriptions renew automatically each month; annual subscriptions renew each year. You authorize us to charge your payment method on file for each renewal period. All prices are in USD and exclusive of applicable taxes.
Failed Payments
If a payment fails, we will retry up to three times over seven days. If the balance remains unpaid, your account will be downgraded to Bronze (free) until the balance is resolved. No payroll data will be deleted during this period.
06 Cancellation & Refunds
Cancellation
You may cancel your subscription at any time through your account settings or by contacting support@paylon.app. Cancellation takes effect at the end of the current billing period. You retain access to paid features through the end of the period you have paid for.
Refunds
If you are charged and notify us within 7 days that Paylon is not the right fit, we will issue a full refund — no questions asked. After 7 days, refund requests are evaluated case-by-case. We do not issue partial refunds for unused portions of annual subscriptions except where required by applicable law.
Data After Cancellation
After cancellation, your account is downgraded to Bronze. Payroll history, employee records, and pay stubs remain accessible in read-only mode for 90 days. After 90 days, data may be deleted in accordance with our data retention policy (see Privacy Policy, Section 9).
07 Service Availability & Limitations
Availability
We target 99.5% uptime measured monthly, excluding scheduled maintenance. We will provide reasonable advance notice of planned maintenance windows. In the event of unplanned outages, we will communicate status updates promptly.
Limitations
The Service currently supports payroll calculations for employees in California, New York, Texas, and Florida. Support for additional states is in development. You are responsible for verifying that the Service's calculations are appropriate for any jurisdiction not listed above.
No Tax Filing: Paylon does not currently file tax returns, make tax deposits, or remit payroll taxes on your behalf. You remain responsible for all tax filings and payments to federal and state agencies.
Modifications
We reserve the right to modify, suspend, or discontinue features of the Service at any time. We will provide reasonable notice of material changes that affect your use of the Service.
08 Intellectual Property
Paylon and its software, design, algorithms, and documentation are owned by us or our licensors and protected by intellectual property law. These Terms do not grant you any ownership rights.
You retain ownership of all data you upload or create within the Service (employee records, payroll runs, reports). You grant us a limited license to process and store that data solely to provide the Service to you.
09 Limitation of Liability
To the maximum extent permitted by applicable law:
- The Service is provided "as is" without warranties of any kind, express or implied, including warranties of merchantability, fitness for a particular purpose, or accuracy of tax calculations.
- We are not liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of the Service, including but not limited to: tax penalties, interest charges, employee payment errors, or data loss caused by your own actions.
- Our total cumulative liability to you for any claims arising from your use of the Service is limited to the greater of (a) the fees you paid to us in the 3 months preceding the claim, or (b) $100 USD.
Some jurisdictions do not allow the exclusion of certain warranties or limitation of liability. In such jurisdictions, our liability is limited to the fullest extent permitted by law.
10 Indemnification
You agree to indemnify, defend, and hold harmless Paylon and its officers, directors, employees, and contractors from any claims, damages, losses, liabilities, and expenses (including legal fees) arising from: (a) your use of the Service; (b) your violation of these Terms; (c) your violation of any applicable law; or (d) the data you submit to the Service, including any errors in employee PII or compensation data.
11 Governing Law & Disputes
These Terms are governed by the laws of the State of Delaware, without regard to conflict-of-law principles. Any dispute that cannot be resolved informally shall be submitted to binding arbitration under the rules of the American Arbitration Association, conducted in English. You waive the right to participate in class-action litigation or class-wide arbitration.
Nothing in this section prevents either party from seeking injunctive or other equitable relief in any court of competent jurisdiction to prevent irreparable harm.
12 Changes to These Terms
We may update these Terms from time to time. We will notify you of material changes by email or via an in-app notice at least 14 days before the changes take effect. Continued use of the Service after the effective date constitutes your acceptance of the updated Terms.
13 Contact
Questions about these Terms? Contact us at:
- Email: legal@paylon.app
- Support: support@paylon.app
01 Overview
Paylon is a payroll and workforce management platform. Processing payroll requires handling sensitive personal information — employee names, compensation, tax identifiers, and more. We take that responsibility seriously.
This Privacy Policy explains what data we collect, why we collect it, how it is stored and protected, and what rights you and your employees have over that data.
Employer vs. Employee: As a Paylon customer (the employer), you are the data controller for your employees' personal data. Paylon acts as a data processor — we process that data only on your instructions and as described in this policy.
02 Data We Collect
A. Employer Account Data
When you sign up and manage your Paylon account:
- Name, email address, company name
- Billing information (processed and stored by Stripe; we do not store full card numbers)
- Account preferences, subscription tier, and activity logs
- IP address and browser/device type (for security and fraud prevention)
B. Employee Personal Information (PII)
Entered by you (the employer) on behalf of your employees:
| Data Type | Examples | Purpose |
|---|---|---|
| Identity | Legal name, date of birth | Payroll records, pay stubs, tax forms |
| Tax identifiers | Social Security Number (SSN) / ITIN | Tax withholding calculations; W-2/1099 preparation (future) |
| Compensation | Annual salary, hourly rate, pay frequency | Gross-to-net payroll calculation |
| Tax elections | Filing status, federal/state allowances, additional withholding | Tax withholding calculation per W-4 / state equivalent |
| Deductions | 401(k) %, health/dental/vision premiums, HSA contributions, Roth contributions | Pre- and post-tax deduction processing |
| Job classification | Department, job title, cost center, hire date, work state | Payroll processing, BI analytics, reporting |
| Contact | Work email address | Pay stub delivery (when enabled), system notifications |
SSN handling: Social Security Numbers are encrypted at rest using AES-256-GCM. They are never displayed in full after initial entry — only used in calculation and (future) tax form generation workflows.
C. Time Tracking Data
- Clock-in and clock-out timestamps
- Shift assignments and duration
- Approval status (approved / pending / rejected by manager)
- Device type used to clock in (web browser)
- Location data: We do not currently collect GPS or device location. If location-based time tracking is introduced in future, we will update this policy and obtain appropriate consent.
D. Usage Data
- Pages visited, features used, payroll runs initiated
- Error logs (anonymized) for debugging
- Session duration and interaction patterns
03 How We Use Your Data
| Purpose | Data Used |
|---|---|
| Payroll processing | Employee PII, compensation, tax elections, deductions, work state |
| Tax calculations | SSN (for W-4 matching), filing status, allowances, state of employment |
| Time tracking & shift management | Clock events, shift data, approval records |
| Pay stub generation | All payroll calculation inputs and outputs for a given run |
| Business intelligence (Platinum) | Aggregated compensation, department, cost center, headcount data. Individual SSNs are never surfaced in BI views. |
| Billing & subscription management | Employer account info; payment data processed by Stripe |
| Security & fraud prevention | Login events, IP addresses, session data |
| Product improvement | Anonymized usage patterns, error logs (no PII) |
| Customer support | Account info and relevant records you share with us when requesting help |
We do not sell your data or your employees' data to third parties. We do not use employee PII for advertising or marketing purposes.
04 Legal Basis for Processing
We process personal data under the following legal bases:
- Contract performance: Processing payroll and managing your subscription requires us to handle the data described above.
- Legitimate interests: Security monitoring, fraud prevention, and anonymized product analytics.
- Legal obligation: Retaining payroll records as required by federal and state employment law.
- Consent: For any optional communications or data uses not covered above.
For EU/EEA users, this section constitutes our disclosure under GDPR Article 13/14. Contact us at privacy@paylon.app for a Data Processing Agreement (DPA).
05 Data Sharing & Third Parties
We do not sell your data. We share data only with the following categories of service providers, under contractual obligations to protect it:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe, Inc. | Payment processing & subscription billing | Billing name, email, payment method. No employee PII. |
| Neon (database hosting) | PostgreSQL database hosting | All encrypted application data at rest |
| Render (infrastructure) | Application hosting and serving | Application traffic; no direct data access |
We may also disclose data: (a) if required by law, court order, or regulatory authority; (b) to protect the rights, safety, or property of Paylon, our users, or the public; or (c) in connection with a merger, acquisition, or sale of substantially all assets, with appropriate notice to you.
06 Data Storage & Security
Storage Location
Data is stored in the United States on Neon-hosted PostgreSQL instances (AWS us-east-1 region). If we expand to other regions, we will update this section.
Security Measures
- Encryption at rest: All database data encrypted using AES-256. SSNs and other sensitive identifiers use field-level AES-256-GCM encryption with a separate application key.
- Encryption in transit: All connections use TLS 1.2+. HTTPS enforced on all endpoints.
- Access control: Database access requires authentication; production database credentials are rotated regularly and stored in environment variables — never in code.
- Authentication: JWT-based session tokens with expiration. Passwords are not stored — authentication uses secure email-based login flows.
- Monitoring: Application error monitoring and access logging to detect unauthorized access patterns.
Security incidents: In the event of a data breach that affects your employees' PII, we will notify you within 72 hours of becoming aware of the incident, as required by applicable law.
07 Cookies & Analytics
We use a minimal set of cookies and tracking:
- Session cookies: Required for authentication. Expire when you close your browser (or after 7 days for remembered sessions).
- localStorage: Used to store your authentication token and UI preferences locally in your browser.
- First-party analytics: We use a lightweight beacon (pixel) to track page views. This data is anonymized and associated with a randomly generated visitor ID — it does not include your name or email address.
We do not use third-party advertising cookies, cross-site tracking pixels, or sell behavioral data to ad networks.
08 Your Rights
Depending on where you or your employees are located, the following rights may apply:
| Right | What It Means | How to Exercise |
|---|---|---|
| Access | Request a copy of the personal data we hold about you or an employee | Email privacy@paylon.app |
| Correction | Update inaccurate or incomplete personal data | Directly via the app (Employees section) or email us |
| Deletion | Request deletion of personal data (subject to legal retention requirements) | Email privacy@paylon.app with subject "Data Deletion Request" |
| Portability | Receive your data in a structured, machine-readable format (CSV / JSON) | Email privacy@paylon.app with subject "Data Export Request" |
| Objection / Restriction | Object to or restrict specific processing activities | Email privacy@paylon.app |
We will respond to verified requests within 30 days. Note that certain data (e.g., payroll records for terminated employees) may be subject to mandatory retention periods under federal and state law and cannot be deleted on demand during those periods.
California residents: You have additional rights under the CCPA, including the right to know, the right to delete, and the right to opt out of sale (we do not sell data). For CCPA requests, use the contact information in Section 12.
09 Data Retention & Deletion
Active Accounts
Data is retained for as long as your account is active and as needed to provide the Service.
After Cancellation
- Account data and payroll records remain accessible in read-only mode for 90 days after cancellation.
- After 90 days, we begin purging non-legally-required data from our production systems.
- Backups are purged on a rolling 30-day retention cycle.
Legal Retention Requirements
Certain payroll records are subject to mandatory retention periods under federal and state law:
- Federal (FLSA/IRS): Payroll records, employee compensation history — 3–4 years minimum.
- California: Wage and hour records — 3 years.
- New York: Payroll records — 6 years.
We will retain the minimum data required to comply with these obligations, even after account deletion. This retained data is isolated, access-controlled, and not used for any other purpose.
Employee Data Deletion
When you mark an employee as inactive or delete their record in the app, their data is soft-deleted (hidden from active views) but retained in our systems subject to the retention periods above. To request hard deletion of an employee's data, email privacy@paylon.app.
10 Children's Privacy
Paylon is a business-to-business payroll service intended for use by employers and their adult employees. We do not knowingly collect personal information from individuals under the age of 16. If you believe we have inadvertently collected such information, contact us at privacy@paylon.app and we will delete it promptly.
11 Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices or applicable law. When we make material changes, we will notify you by email or in-app notice at least 14 days before the changes take effect. The "Last updated" date at the top of this page will always reflect the most recent revision.
Your continued use of Paylon after the effective date of an updated policy constitutes your acceptance of the changes.
12 Contact & Data Requests
For privacy questions, data requests, or to exercise your rights:
- Email: privacy@paylon.app
- General support: support@paylon.app
We aim to respond to all privacy-related inquiries within 5 business days and to fulfill verified data requests within 30 days.