A German Dropbox rival claims PayPal (PYPL) dropped it as a customer because it refused the payment company’s demands to spy on its users’ data.
Seafile GmbH informed its customers on Saturday that they would no longer be able to pay for the service using PayPal—the only payment method that the company had in place.
“We’re looking into alternative payment services, but currently we’re running a cloud service and not getting paid,” CEO Silja Jackson told Fortune.
Get Data Sheet, Fortune’s technology newsletter.
Seafile was founded in 2009 by students at Tsinghua University in Beijing, and has in the last couple years gained enough traction in Germany to form a subsidiary there.
The company claims a total of 250,000 users, many in universities. It offers an open-source file-synchronization system that organizations can install on their own servers—for a fee, if they want enterprise features—and last October the firm decided to also start offering a paid version that’s hosted on Seafile’s German servers, for individuals and small businesses.
According to Jackson, PayPal contacted Seafile in early June with a questionnaire about its service, and by posting a notice on Seafile’s PayPal account to say it was violating an unspecified part of PayPal’s terms of use.
Jackson said her team got the feeling that PayPal classified Seafile as a service for illegal file-sharing. She said the company explained to PayPal that it did not offer free accounts and that customers needed to disclose their address when signing up.
According to Seafile, PayPal then demanded that Seafile monitor its customers’ data traffic and files for illegal content, and send the payment firm detailed statistics about the types of files synchronized over the service.
“In our opinion and our lawyers’ opinion, that would violate privacy laws,” said Jackson. “We also think that giving PayPal [statistical] information would violate our customers’ privacy rights.”
According to a German lawyer interviewed by local tech publication Chip.de, Seafile made the right legal call here, according to privacy legislation in Germany and the wider EU.
Jackson said a PayPal sales representative told her over the phone that there must be some mistake with the demands, but the next day, on June 14, PayPal told Seafile it could only resolve the issue by no longer offering PayPal as a payment option. Essentially, it dropped Seafile as a customer.
For more on PayPal, watch our video.
What does this mean for Seafile? “For now, it means we shut down new registrations on Saturday to comply,” said Jackson. “But we decided this morning to offer the service for free until we find a solution…When we have a different payment solution, those who want can start paying us, and the rest can terminate their accounts.”
PayPal told Fortune that it did not comment on specific merchant accounts, “to respect the privacy of our customers and for confidentiality reasons.” However, the company said it takes its legal obligations seriously.
“To meet our compliance obligations, we periodically review the operations of our file sharing merchants,” PayPal said. “This process includes determining how these companies are addressing laws around content distribution and how they comply with our partners’ rules. Merchants who do not meet the requirements of our review may no longer be allowed to use PayPal’s services.”
UPDATE: PayPal then sent a follow-up statement noting that its “policies regarding file sharing services don’t focus on encryption alone.”
“In our role as a global payments provider we must look at the full details of a service’s operations and compliance, including how the company addresses the laws and regulations related to the sharing or dissemination of illegal content as well as the policies of PayPal’s processing banks and card networks,” it said. “We review these matters on a case-by-case basis.”
