TLJ Apps
🇧🇷PT-BR🇺🇸EN
💳

TLJ Payment Hub

Payment links inside Bitrix24

Privacy Policy

Developer: TLJ AppsTLJ Tech Systems and Development, LLC·Last updated: May 2026
Summary: The application stores only the technical configuration required to operate (domain, tokens, and gateway API keys). No end-customer data, transaction amounts, or payment information is retained on our servers.

Introduction

This Privacy Policy describes how TLJ Apps (“Company”, “we”, “us”) collects, uses, and protects information when you use the TLJ Payment Hub application on the Bitrix24 platform.

Data We Store

The Application stores, via Cloudflare KV, only the technical data required for its operation:

DataPurpose
Bitrix24 portal domain and IDIdentify the portal and build REST API calls
Bitrix24 outbound webhook tokenAuthenticate server-side calls to move invoices and add timeline comments
MercadoPago API keyGenerate payment links and query charge status
Asaas API keyGenerate Pix, Boleto, and Credit Card charges
Stripe API keyCreate hosted checkout sessions
Subscription statusControl access to paid gateways (Stripe and Asaas)

Data We Do Not Collect

  • We do not store end-customer data (name, tax ID, email, address).
  • We do not retain transaction amounts, billing history, or your customers’ financial data.
  • We do not persist Bitrix24 Invoice content beyond the ID required for status updates.
  • We do not use cookies, tracking pixels, or any monitoring technologies.
  • We do not share information with third parties for advertising or marketing purposes.

Real-Time Processing

When a payment link is generated or a confirmation webhook is received, the Application processes data in real time — reading the Invoice ID, calling the relevant gateway, and updating Bitrix24 — without persisting any transaction information on our infrastructure.

Payment Gateways

The Application integrates the following external services for payment processing, each operating under its own privacy policy: MercadoPago, Stripe, and Asaas. TLJ Apps has no control over the data processed directly by these gateways in your customers’ transactions.

Data Security

All API keys and tokens stored in Cloudflare KV are protected by access controls restricted to the Application’s Worker. All communication with external services occurs exclusively over HTTPS/TLS. Keys are never exposed in the Application’s front end.

Data Retention and Deletion

Your configuration data is retained for as long as the Application is installed in your Bitrix24 portal. To request deletion of your data after uninstalling the Application, contact contato@tlj.net.br.

CCPA/CPRA Compliance

This Application complies with the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA). The only data stored consists of technical operating configuration (API keys and tokens); we do not collect, sell, or share end-customer personal information, and there is no personal information to access, delete, or opt out of selling.

Contact

TLJ Tech Systems and Development, LLC
contato@tlj.net.br · tlj.net.br

View License Agreement (EULA)Back to apps