AVPAY (“AVPAY”, “we”, “us”, “our”), respects every individual’s right to privacy and it is our endeavour to protect their personal and Sensitive personal data or information (defined below).
AVPAY reserves its right to modify, alter, and update this Policy at any time, with or without prior notice. Although, Users shall be notified of material changes through their registered email address or any other mode of communication available with us, it is advised that they consult this Policy regularly to be updated about the changes. If a User continues to use or avail the services of the Website after any modification, amendment, alteration or change of this Policy, irrespective of whether notice was sent to the User or published on the Website, such User is hereby deemed to provide consent to this Policy and AVPAY’s other Policies and practices existing at the time of visiting, accessing and/or using the Website.
“Payment Data” is defined as end-to-end transaction details and information pertaining to payment or settlement transaction that is gathered / transmitted / processed as part of a payment message / instruction. Payment Data includes - Customer data (Name, Mobile Number, email, Aadhaar Number, PAN number, etc. as applicable); Payment sensitive data (customer and beneficiary account details); Payment Credentials (OTP, PIN, Passwords, etc.); and, Transaction data (originating & destination system information, transaction reference, timestamp, amount, etc.).
Consent for collection of Personal Information
Users provide their consent to the use, disclosure, storage, possession, receiving, dealing or handling of their Personal Information by accessing, browsing, or availing services on the Website.
In accordance with Rule 5 of SPI Rules, Users provide their specific consent to the use, disclosure, storage, possession, receiving, dealing or handling of their Sensitive personal data or information for lawful purposes enumerated in this policy through checking the box affirming such consent appearing at the time of creation of their Account on the Website.
AVPAY presumes adequate and lawful parental consent in case the Personal Information or Sensitive personal data or information is shared by a User under the age of 18 years.
Types of information we collect
The Users who access and use our Website are required to submit certain Personal Information and Sensitive personal data or information for creating an Account, entering into transactions with us and obtaining customer support services. Personal Information and Sensitive personal data or information which may be collected by us includes:
full name and age;
username and password;
password of User’s account registered with us;
internet protocol (IP) addresses (through cookies);
URL of website accessed prior to and post Users’ accessing our Website;
User’s feedback, queries, e-mails, letters, suggestions provided to us;
third party information about concerned User’s activities or postings on the Website;
any other information relevant for accessing and using our Website as maybe required by us.
Purpose of collection
We shall collect your Personal Information or Sensitive personal data or information only for specific, clear and lawful purposes. These include:
to give the User a safe, efficient, smooth and personalised experience while using our Website;
to improve our services and products;
to respond to your queries or complaints generally related to our services, etc;
to send promotional emails containing information about our existing and new products/services, newsletters, notify changes in this Policy or other policies etc;
to analyse the traffic on our Website and conduct market research regarding users’ demographics, interests, and behaviour;
to create new products and services;
to provide customer support services;
to detect, prevent and address error, fraud, criminal activity, abuse of our services and technical issues;
to enforce Terms of Conditions;
to provide co-branded services in affiliation with more than one corporate entity;
other such lawful purposes as described at the time of collection of Personal Information or Sensitive personal data or information.
How information is collected
We collect information which the User voluntarily provides us at the time of visiting, accessing, browsing and using our Website, our social media profiles, and customer support service. We also collect data automatically by analysing your online behaviour (through cookies).
The User has an option to not provide us with certain information or withdraw consent to provide certain information at any time, in accordance with the terms of this Policy. In case consent is withdrawn, we shall retain your Personal Information or Sensitive personal data or information for a period deemed appropriate by us or as mandated by law. On revoking of your consent, we reserve the right to limit access to the various features and services provided on the Website.
Disclosure of information
Links to other websites
The Website provides links to other websites which may or may not collect information about the User. The User acknowledges that this Policy does not cover the collection and use of information by such sites and that we shall not be responsible for the privacy policies, practices or content of the linked websites.
Correction and updation of information
The User shall promptly notify us in case any Personal Information or Sensitive personal data or information supplied by such User as maintained in our records is inaccurate, misleading or incomplete. Further, the User may also review, update or modify the information by logging into their Account on the Website. We shall not be responsible for the authenticity of Personal Information or Sensitive personal data or information supplied by a User.
Retention of information
Your Personal Information and Sensitive personal data or information may be retained and used until: (i) the relevant purposes for the use of your information described in this Policy are no longer applicable; and (ii) we are no longer required by applicable law, regulations, contractual obligations or legitimate business purposes to retain your information; and (iii) the retention of your information is not required for the establishment, exercise or defense of any legal claim.
AVPAY may send direct mailers to the User at the email address given by the User. The User has the option to opt-out of this direct mailer by way of links provided at the bottom of each mailer or any other means as AVPAY deems appropriate. AVPAY respects every User’s privacy and in the event that User chooses to not receive such mailers, AVPAY will take all steps to remove the User from the list. If a User wants to remove his/her/it’s contact information from all mailing lists and newsletters, the same can be done through “Profile” page of his/her/it’s account with AVPAY.
We use third-party advertising companies to serve ads when you visit our Website. These companies may use your anonymized information (i.e. information which does not include your name, address, email address or mobile number) in order to provide advertisements about goods and services of interest to you. Such anonymized information is usually in the form of aggregated statistics on traffic to various pages within our Website.
In compliance with Reserve Bank of India’s circular RBI/2017-18/153 DPSS.CO.ODNo.2785/06.08.005/2017-2018 dated April 6, 2018, all Users, including system participants, service providers, intermediaries, payment gateways, third party vendors and other entities in the payments ecosystem, who are retained or engaged by AVPAY for providing payment services shall mandatorily store entire Payment Data in systems located only in India. Notwithstanding the above, for cross border transaction data, consisting of a foreign component and a domestic component, a copy of the domestic component may also be stored abroad, if required.
How we secure the information
The Website has put stringent security measures necessary to prevent misuse, unauthorized access, modification, disclosure or destruction of your Personal Information and Sensitive personal data or information in our control. All information collected by us is stored on servers secured behind a firewall; such servers are password-protected and access is strictly limited based on need-to-know basis.
We may undertake periodic review of our security safeguards and this Policy to incorporate such future changes as may be appropriate to ensure that integrity of your Personal Information and Sensitive personal data or information is intact. In case of any security breach which is likely to cause harm to the User, we shall notify the User of such breach as soon as practicable and take necessary measures to remedy the breach or mitigate any immediate harm.
If you seek any clarifications regarding this Policy or wish to raise any issue or grievance with respect to illegal access, use or disclosure of Personal Information, please e-mail at firstname.lastname@example.org
We shall attempt to resolve any issues within a period of thirty (30) days from the date of receipt of the question, concern, grievance or report.
To improve the effectiveness and usability of the Website for our Users, we use “cookies”, or similar technology to collect information and assign each visitor a unique random number called as a User Identification (User ID) in order to understand the User's individual interests. Our web servers automatically collect limited information about the User’s computer connection to the Internet, including User’s IP address, when the User visits the Website (User’s IP address is a number that lets computers connected to the internet know where to send data to the User such as the web pages viewed by the User).