Privacy Policy

Effective Date: 8/7/2025
Last Updated: 8/7/2025

Thank you for choosing to use our Payment Gateway services (“we,” “our,” or “us”). We are committed to protecting your privacy and ensuring the security of your personal and financial information.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access or use our services, including through websites, mobile apps, APIs, and partner platforms.

1. 🔒 Information We Collect

We collect the following types of information:

a. Personal Information

• Full name
• Email address
• Phone number
• Billing and shipping addresses
• Government-issued ID (if required for KYC/AML)

b. Payment Information

• Cardholder name
• Card number (tokenized only)
• UPI ID / VPA
• Bank account details (for payouts)
• Transaction metadata

Note: We do not store full card numbers or CVV. All sensitive data is encrypted and handled by PCI-DSS-compliant payment processors.

c. Device and Usage Data

• IP address
• Browser type
• Operating system
• Device ID
• Pages visited
• Timestamp and logs of transactions

2. 🔒 How We Use Your Information

• Processing payments and refunds
• Fraud detection and risk monitoring
• Account verification (KYC/AML compliance)
• Customer support and dispute resolution
• Transaction receipts and communication
• Improving service performance and analytics
• Legal and regulatory compliance

3. 🔒 Data Sharing and Disclosure

We do not sell your personal information. However, we may share it with:

• Banking partners, card networks, and payment processors for transaction processing
• Regulatory authorities (e.g., RBI, tax authorities) when legally required
• Third-party service providers (e.g., SMS, email, KYC verification) under strict confidentiality
• Business partners (e.g., merchants or platforms you transact with) with limited, relevant data

4. 🔒 Data Security

• PCI-DSS v3.2.1 compliance
• Data encryption (AES-256, SSL/TLS)
• Tokenization of card data
• Regular vulnerability assessments
• Two-factor authentication and role-based access

5. 🔒 Cross-Border Data Transfer

In some cases, your data may be processed on servers located outside India. We ensure such transfers comply with applicable laws and data protection standards.

6. 🔒 Data Retention

We retain personal and transaction information for as long as necessary to:

• Comply with legal, regulatory, and tax obligations
• Resolve disputes
• Enforce our terms

Typically, financial data is retained for a minimum of 5–7 years per RBI and tax laws.

7. 🔒 Your Rights

You have the right to:

• Access, update, or correct your personal data
• Withdraw consent where processing is based on consent
• Request deletion of data (subject to legal exceptions)
• Lodge a complaint with a data protection authority

8. 🔒 Cookies and Tracking

We may use cookies and similar technologies to:

• Improve website performance
• Understand user preferences
• Enable secure sessions

You can manage cookie preferences through your browser settings.

9. 🔒 Children’s Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors.

10. 🔒 Policy Updates

We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date and notify users where legally required.