We collect such information about you which is essential to operate our business and to enable us to deliver and improve our Services. We may obtain the following information about you and your device from which you avail Services
(i) Profiling Information : For providing Services we require certain information for registration such as such as your name, physical addresses, postal addresses, telephone and fax numbers; and certain information about your personal identity such as gender, marital status, age, etc. Further, we also collect and store your usernames, passwords, email addresses and other security-related information that you use for our Sites in relation to our Services.
(ii) Service Usage and Transactional Information : For enabling you to make payments using our Services, we may, upon your consent, store your financial information such as your bank account or details mentioned on your credit cards or debit cards, or other payment instrument details etc. that are required for a successful transaction. Further, for certain Services, including our bill payment service, we require your bill payment account information such as your account number, payment history, your account history with us etc. We also store transaction details such as amount spent, merchant name, transaction ID, date and time of transaction, of your e-commerce transactions. Further, we may also store information relating to your income and lifestyle levels We should clarify that all information stored by us is in accordance with our PCI DSS Certification.
(iii) Navigational and Log Information: We collect information about your navigation using our Services, for example the URLs of websites from which you reach our Site, and from which you request downloads, pages visited/ downloaded on our Site, websites or pages of merchants you visit using our Services. We may also collect information such as your domain name, web request, IP address, mobile application version, type of operating system that your computer uses, browser type, browser language, location, date and time of request, the products you buy, the referring site, and the time that you spend on the site.
(iv) Correspondence Information : We collect the content, information about your correspondence, the destination/origin of communications between you and any other person using our Services, which include email communications, blog, chat room and discussion board communications, instant message communications, experts forum communications, facsimile mail communications, membership of mailing lists etc.
(v) Cookies : A cookie is an insignificant portion of data that is sent to the web browser of your device from which Site is accessed. If your web browser settings permit, cookies can be sent to your web browser for recording information about your online preferences and allowing us to cater to your interests in a better manner. You can set your browser to notify you when you are sent a cookie, giving you the chance to decide whether or not to accept it. If you do accept a cookie, you thereby agree to our use of information collected by us using that cookie.
(vi) Stored Information : We may collect any data or information either created by you or by a third party and which you wish to store on our servers such as usernames, image files, documents, etc. or which may be required to display information to you through our Service.
(vii) One Time Password (“OTP”) : OTP is a one-time password which is provided by your issuing bank in order to carry out the second factor authentication of your debit/credit card. If you opt for our ‘one tap’ feature, you understand that we will be able to retrieve your OTP from the message received on your mobile and populate and submit the OTP on the issuer’s page for second factor authentication of your debit/credit card.
(i) We require the profiling information which includes details such as identity details, contact details, usernames and passwords in order to manage our relationship with you and provide Services to you.
(ii) We collect and store your service usage and transactional information in order to enable you to view certain details of all your transactions which have been made using our Services, to provide you uninterrupted and satisfactory Services, to administer our relationship with you, to comply with any statutory or regulatory requirement, to monitor your use of our Services for the purposes of ensuring compliance with our user rules.
(iii) To improve our Services, we need to constantly update and alter our business and marketing strategies for which we require the navigational and log information to determine and analyse the merchants, markets, technology, operating systems, browsers, devices, locations from which our Services are used most or used least. For example, such information and its analysis will help us focus more on your needs by providing you a wider range of Services, or developing updates for particular operating systems and mobile application versions, etc. Further, the information collected helps us offer you other products, programs, or services that we believe may be of interest to you. In addition, such information collected will help us alert you in case of software compatibility issues.
(iv) We want to serve you better and therefore we require your correspondence information in order to enable us to learn about the information and content of communications by you such that we can deduce your feedback from such communications, analyse, endeavour to improve, ask you for further feedbacks, reply.
(v) The data collected by cookies helps us track, analyse and understand User trends so as to enable us to understand lacunas (such as slow response time on our website page) and improve your interactive experience of using our Services, our web design, features and functionalities.
(vi) We access data or information stored by third party in case required for providing you uninterrupted and satisfactory Services or in case consented by you.
(vii) For enabling you to make quicker transactions and relieving you from the hassle of copying/ keying in the 6 digit OTP, we have developed advance technologies which would automatically retrieve the OTP and the mention the same in the relevant column of the transaction page.
We collect and use some of your information in an aggregated form to compile statistical and demographical profiles for our business and marketing activities and to customise our Services to you. We may disclose such information about you, provided that the information is in an aggregated form that is not capable of being used or interpreted in such a manner as to identify you. It is clarified that the consolidated Personal Information of all Users which has been collected by us, is the property of PayU and we may use it, in whole or in part, in our sole discretion and without any compensation to you, for any legitimate purpose and you hereby confirm that you have no objection to the aforesaid use of your Personal Information.
(i) Information security is critical to us and we will not share your Personal Information with any other third parties except, and only to the extent necessary, with parties such as our merchants, acquiring banks, credit card processors, etc. for us to deliver payment processing services to you.
(ii) We may disclose or distribute any of your Personal Information to a third party or use such Personal Information for commercial or marketing purposes unless explicitly restricted by you. Also, PayU may, itself or through third parties, send you e-mails, SMS, such other means to communicate, send reminders for payment, advertise its services, promote new products and activities or for your invaluable feedback.
(iv) If, by usage of some functionalities of our Service, you receive Personal Information about other user(s), you agree to keep the same confidential and only use it in connection with the Services, without disclosing the same to another user or third party.
(v) In order to ensure that all our users comply with the user rules, we may monitor your Personal Information to the extent that this may be required to determine compliance and/or to identify instances of non-compliance.
(vi) We may disclose the Personal Information pursuant to applicable laws, a directive or order of a government entity or statutory authority or any judicial or regulatory authority or to law enforcement agencies in any official investigation including but not limited to cyber incidents, prosecution and punishment of offences. You agree that PayU has the right to monitor and to disclose Personal Information as may be necessary to satisfy any law, regulation or other governmental request. We may transfer Your Personal Information or other information collected, stored, processed by PayU to any other entity or organization located in India or outside India only in case it is necessary for providing Services to You in connection with Application. We will cooperate with the appropriate law enforcement authorities in investigating claims of illegal activity.
(viii) If you decline to submit Personal Information to us, then we will unfortunately not be in a position to provide the Services to you.
(x) PayU does not control the acts of its Users. All Users should be aware that, when they disclose Personal Information such as their name, e-mail address, etc. to third parties, the Personal Information may be collected and used by others to send unsolicited e-mail from other parties, who may or may not be Users. In the event that you encounter any person is improperly collecting or using information about Users, please contact us by emailing at email@example.com.
i) We work to protect the security of your Personal information during transmission by using appropriate software, which encrypts information you input. This encrypted information is stored on secure systems/computers. Further, we ensure that the number of employees involved in the management of the data centre who have physical access to these computers is limited. Also, we use advanced security technology to prevent our computers from being accessed by unauthorized persons.
(ii) We have also implemented information security practices and standards and have in place comprehensively documented information security programmes and policies containing managerial, technical, operational and physical security measures that are in compliance with the Indian laws including, so as to protect the Personal Information provided to us from unauthorized access, use, modification, damage, disclosure or impairment. In fact we have received ISO 27001 certification. Further, we may from time to time use reasonable additional or alternative procedures to ensure the security and confidentiality of your Personal Information through our Sites.
(iii) No data transmission over the internet is fully secure, so we cannot ensure or warrant the security of any information you submit to us. Further, we do not guarantee in any way, the security of any Personal Information that you transmit or share on the Site; and you do so at your own risk.
(iv) If any security breach comes to our knowledge, then we may take all steps required to protect misuse of such Personal Information and may attempt to notify you electronically so that you can take appropriate protective steps.
(i) If you are a User, and would like to view the information we have collected from you or you want to correct your information or details, please send us your request by email on firstname.lastname@example.org.
(ii) The User can at any time while availing the services or otherwise, withdraw his/her consent given previously to PayU for collecting, receiving, possessing, storing, dealing or handling Personal Information of the User, by sending us your request by email on email@example.com. In such case, PayU will unfortunately not be in a position to provide the Services to you. However, PayU will be able to retain such Personal Information for the time period in accordance with the applicable laws.
In case you have any grievance relating to the collecting, receiving, possessing, storing, dealing or handling of Personal Information provided by you, you may contact our Grievance Officer at the following address:
Name: Mikita Goel
Designation: Regional Privacy Officer & Senior Legal Counsel
Address: 9th Floor, Bestech Business Tower, Sohna Road, Sector-48,
Gurgaon-122002, Haryana, India
Phone: +91 124 6624800-900, +91 124 6786200