Privacy Policy

Last updated: 3/3/2026

Payback Time Ltd (“Payback Time”, “we”, “us”, or “our”) provides performance-based user acquisition services for mobile applications and games. This Privacy Policy explains how we process personal data in connection with our services.

1. Our Role

 Payback Time acts as a data processor/service provider on behalf of its clients, who act as the data controllers.

We do not collect personal data directly from end users. All data processed by Payback Time is received via our clients or their designated partners (such as Mobile Measurement Partners – “MMPs”).

Payback Time does not independently determine the purposes or means of processing personal data.

2. Data We Process

In the course of providing our services, we may process limited pseudonymous data, including:

• Device identifiers (e.g., IDFA, GAID)
• IP addresses
• Event-level data (e.g., app installs, in-app events)
• Technical metadata (e.g., timestamps, device type, operating system)

We do not process directly identifiable personal data such as names, email addresses, phone numbers, or payment information.

3. Purpose of Processing

We process personal data strictly for the following purposes:

• Attribution of installs and user activity
• Campaign performance measurement and optimization
• Fraud detection and prevention

We do not use the data for independent purposes or marketing.

Processing is carried out on behalf of our clients and based on their legal basis for processing (such as user consent or legitimate interests, as applicable).

4. Data Sharing

We may share data with trusted third parties solely as necessary to provide our services, including:

• Mobile Measurement Partners (e.g., AppsFlyer, Adjust, Singular)
• Tracking and analytics platforms (e.g., Swaarm Tech GmbH)
• Advertising and rewarded traffic partners

All such third parties act as independent controllers or processors, as applicable, and are contractually required to comply with applicable data protection laws and implement appropriate safeguards.

5. Data Hosting and Transfers

Data processing is conducted via secure cloud-based infrastructure provided by third-party vendors, primarily Swaarm Tech GmbH, headquartered in Germany (EU). Payback Time does not operate its own hosting infrastructure.

Where personal data is transferred outside the European Economic Area (EEA), appropriate safeguards are implemented in accordance with applicable data protection laws, including the use of Standard Contractual Clauses where required.

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described above, or as required by contractual or legal obligations.

7. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption in transit (HTTPS/TLS)
• Access controls and role-based permissions
• Monitoring and fraud detection systems

8. Data Subject Rights

As Payback Time acts as a data processor, requests related to personal data (such as access, deletion, or correction) should be directed to the relevant data controller (e.g., the app publisher).

We will assist our clients in fulfilling such requests where required.

9. Contact Information

For any questions regarding this Privacy Policy or our data processing practices, please contact:

Payback Time Ltd
Lehavot Haviva, Israel
Email: roee@paybacktime.com

10. Updates

We may update this Privacy Policy from time to time. Any changes will be published on this page with an updated revision date.