Your Privacy Matters to Us

01 Information We Collect

Personal Information

When you register for our services, request API access, or contact us, we may collect:

• Identity Information: Full name, date of birth, PAN number, Aadhaar number (as required for KYC compliance)
• Contact Information: Email address, phone number, postal address
• Business Information: Company name, GST number, business type, registration documents
• Financial Information: Bank account details, transaction records, wallet balance
• Authentication Data: Login credentials, API keys, security questions

Automatically Collected Information

• IP address, browser type, operating system, device information
• Pages visited, time spent, referral URLs, click patterns
• API usage logs, request/response metadata, error logs
• Geographic location data (based on IP address)

Transaction Information

For every transaction processed through our platform, we collect transaction ID, amount, beneficiary details, status, timestamps, and related metadata as required by RBI and other regulatory guidelines.

02 How We Use Your Information

We use the collected information for the following purposes:

03 Information Sharing & Disclosure

We do not sell, rent, or trade your personal information to third parties. We may share your data only in the following circumstances:

• Banking Partners: Transaction data shared with banks and payment processors to complete your requested transactions (NPCI, partner banks for AEPS/DMT).
• Regulatory Authorities: As required by law — RBI, NPCI, Income Tax Department, law enforcement agencies — upon valid legal requests.
• Service Providers: Trusted third-party vendors who assist in operating our platform (cloud hosting, SMS gateways, email services) under strict confidentiality agreements.
• Legal Requirements: When disclosure is necessary to comply with a legal obligation, court order, or government request.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction with prior notice.

04 Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data in transit is encrypted using TLS 1.3 / 256-bit SSL encryption. Sensitive data at rest is encrypted using AES-256.
• Access Controls: Role-based access, multi-factor authentication, and IP whitelisting for API access.
• Infrastructure: PCI-DSS compliant hosting environment with regular security audits, penetration testing, and vulnerability assessments.
• Monitoring: 24/7 security monitoring, intrusion detection systems, and automated threat response.
• Data Backup: Regular encrypted backups with secure offsite storage and disaster recovery protocols.

05 Cookies & Tracking Technologies

Our website uses cookies and similar technologies to:

• Essential Cookies: Required for site functionality — login sessions, security tokens, theme preferences.
• Analytics Cookies: Help us understand how visitors interact with our website to improve user experience.
• Preference Cookies: Remember your settings like language, theme (day/night mode), and display preferences.

You can control cookie settings through your browser preferences. Disabling essential cookies may affect site functionality.

06 Third-Party Services

Our platform integrates with third-party services that have their own privacy policies:

• NPCI (National Payments Corporation of India) — for AEPS and UPI transactions
• Partner Banks — for DMT, NEFT, and IMPS transfers
• Biller Systems — for BBPS bill payments
• Government Portals — for PAN and Aadhaar verification services

We encourage you to review the privacy policies of these third-party services. We are not responsible for their data practices.

07 Data Retention

We retain your information for as long as necessary to:

• Fulfill the purposes outlined in this policy
• Comply with legal and regulatory requirements (minimum 10 years for financial records as per RBI guidelines)
• Resolve disputes and enforce our agreements

Upon account closure, we will retain essential records as required by law and delete remaining personal data within 180 days, unless a longer retention period is required by applicable regulations.

08 Your Rights

Subject to applicable Indian laws, you have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete personal data.
• Deletion: Request deletion of your personal data where no legal obligation requires us to retain it.
• Portability: Request your data in a structured, machine-readable format.
• Objection: Object to processing of your data for marketing purposes.
• Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise these rights, email us at support@payonclickindia.com with your registered details. We will respond within 30 business days.

09 Children's Privacy

Our services are intended for individuals aged 18 and above. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected data from someone under 18, please contact us immediately and we will take steps to delete such information.

10 Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by:

• Posting the updated policy on this page with a revised "Last Updated" date
• Sending an email notification to registered users for significant changes
• Displaying a prominent notice on our platform

Your continued use of our services after the updated policy is posted constitutes acceptance of the changes.

11 Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us: