Policies

PRIVACY POLICY

“AuroPay” is the trademark of Aurionpro Payment Solutions Private Limited, a private limited company incorporated in India under the provisions of the Companies Act, 2013, having its registered office at Plot No. R-203, Unit No. 601, Sigma IT Park, R-204, TTC Industrial Area, Estate, Rabale, Navi Mumbai, Maharashtra 400701 with CIN No. U72900MH2021PTC364601 (“APSL”, “the Company”, “AuroPay Payments”, “we”, “us”, “our”). The Company is engaged in the business of, inter alia, providing payment aggregation services to various merchants, marketplaces, banks, business units, financial institutions and entities in India (“User(s)”, “your”) by offering various payment methods to the Merchant(s)/User(s) for accepting push payments through third party UPI apps / net-banking. APSL holds an in-principle authorization from RBI to operate as a Payment Aggregator. APSL belongs to the Aurionpro Group of companies i.e., Aurionpro Solutions Limited, a company registered with the CIN number L99999MH1997PLC111637 (https://www.aurionpro.com) and its affiliates.

The purpose of this privacy statement ("AuroPay Payments Privacy Policy") is to give you information on how AuroPay Payments collects, stores, uses, discloses, transfers and processes your Personal Information (defined below) including Sensitive Personal Information (defined below) when you use our websites ("Website(s)"), software applications or mobile applications for availing our services ("Apps"), any payment processing platforms including the platforms hosted by us, one or more of the payment mechanisms provided through our platforms/ websites or our checkout pages ("Platforms"), including the steps we take to protect your Personal Information (including Sensitive Personal Information).

Please note that by visiting www.auropay.net you are accepting the practices described in this Privacy Policy. All users of the website (“Website”) are advised to read and understand our Privacy Policy carefully, as by using AuroPay services you agree to be bound by the terms and conditions of the Privacy Policy and consent to the collection, storage and use of information relating to you as provided herein. By using the services provided by AuroPay, you expressly consent to our use and disclosure of your personal information in accordance with this Privacy Policy. This Privacy Policy is incorporated into and subject to the Terms of Services.

It is strongly recommended for you to return to this page periodically to review the most current version of this AuroPay Payments Privacy Policy which is amended by us from time to time. In case you need any clarifications regarding this Privacy Policy, please do not hesitate to contact us at privacy@aurionpro.com.

COLLECTION, STORAGE, PROCESSING AND USE OF INFORMATION RELATED TO YOU

Information

We collect, use and/or share “Personal Information”, “Sensitive Personal Information” and “Non-Personal Information”.

“Personal Information”, means and include any information which directly or indirectly, in combination with other information available or likely to be available with us, is capable of identifying you (e.g., your name, email address, telephone number, postal address amongst others).

“Sensitive Personal Information” means any Personal Information of an individual, which consists of information relating to financial information such as bank account, credit card, debit card or other payment instrument details; passwords; biometric information; sexual orientation and medical records and history. Information freely available or accessible in public domain is not treated as Sensitive Personal Information.

Depending on who you are (e.g., a merchant, customer, cardholder, consumer, supplier or business partner) and how you interact with us (e.g., telephone, IVR, API, online or offline), we may collect, use, receive, store, analyze, combine, transfer or otherwise process different categories of your Personal Information (including Sensitive Personal Information).

Non-Personal Information, means information that does not exclusively identify you but is related to you nonetheless such as, information about your interests, statistical or demographic data and use of the sites.

As a matter of principle, we do not collect certain special categories of Personal Information about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health or any genetic and biometric information).

To the extent the Websites, Apps or Platforms include links to third-party websites, plug-ins and applications (including cookies, tracking technologies and widgets by third party advertisers), it is important that you understand that by clicking on those links or enabling those connections, you may allow third parties to collect or share data about you. The Company does not have oversight of these third-party websites, plug-ins and applications and we are not responsible for their processing or using of your Personal Information or Sensitive Personal Information. Any information collected by a third party in this manner is subject to that third party's own data collection, use and disclosure policies and you must make yourselves conversant with those.

We may automatically track certain information about you based upon your behaviour on the Website such as the URL clicked, your IP address etc. We use this information to do internal research on our user's demographics, interests, and behaviour to better understand, protect and serve our users.

Collection of Personal Information

We, collect and store Personal Information (including Sensitive Personal Information) directly from you in different ways on the Websites, Apps, Platforms or product or service offerings such as your:

When you engage in certain activities on the Application/ Website, such as registration, creating an account, ordering a product or service, posting a review, requesting information about our services, entering completion, scanning QR code, we may ask you to provide certain information about yourself.

The Personal Information collected will be used only for the purpose of enabling you to use the services provided by us, to help promote a safe service, calibrate consumer interest in our products and services, inform you about online offers and updates, troubleshoot problems, customize User experience, detect and protect us against error, fraud and other criminal activity, collect money, enforce our terms and conditions, and as otherwise described to you at the time of collection of such information.

Where possible, we indicate the mandatory and the optional fields. You always have the option to not provide your personal information by choosing not to use a particular service or feature on the Website(s) and/or Apps.

Lawful Processing of Personal Information

For collecting, processing (including using and storing), disclosing or sharing your Sensitive Personal Information as described in this AuroPay Payments Privacy Policy, we hereby through this AuroPay Payments Privacy Policy, seek your consent and give you a notice regarding collecting, processing (including using and storing), and sharing your Sensitive Personal Information for one or more of the purposes detailed herein. For any purposes where, as per applicable laws of India, a specific consent is required, we will seek such specific consent from you from time to time.

You may, of course, decline to share certain information with us, in which case we may not be able to provide to you some or all of the features and functionalities of the Websites, Apps and the Platforms. This may also affect our ability to process your Personal Information (including Sensitive Personal Information) and may therefore lead to the non-availability or discontinuation of the services for which such Personal Information (including Sensitive Personal Information) are to be used or was being used, at our sole discretion.

Purposes for Processing Personal Information

We process your Personal Information (including Sensitive Personal Information) for the purposes mentioned below:

• To verify, authenticate and authorize your use of our products or services, we process your Personal Information (including Sensitive Personal Information) for creating login credentials or establishing an account based relationship, doing KYC evaluation and risk assessments etc.;

• To process payment transactions subject to product specific service terms (contracts) and legal obligations;

• To provide you products or services being offered by us, our group companies or our business partners with the intent of improving and expediting your transaction processing journey on the Platforms, Websites, Apps, merchant platforms, etc.;

• To do internal risk assessments and analysis for improve our services, reduce fraud rates, build risk models, etc.;

• To generate variables, affluence and reliability scores and use the same internally;

• To meet the requirements of applicable laws, regulations, standards, rules, and codes with which AuroPay Payments must comply;

• To manage our relationship with you;

• To market our products and services including products and services of our business partners and /or our group entities and to notify you about events, offers, sponsorships, marketing programmes and similar marketing campaigns;

• To conduct research and to develop and improve our products and services.

DISCLOSURE TO THIRD PARTIES

We may share your Personal Information (including Sensitive Personal Information) with our affiliates, being from the group of companies to which AuroPay Payments belongs; our business partners such as merchants, authorised financial institutions and banking partners; with service providers or vendors under contract who assist us with our business operations; with the companies that we plan to merge with or the entities acquired by us subject to condition that the new combined entity or the acquiring entity or the acquired entity follows this privacy Policy with respect to your Personal Information (including Sensitive Personal Information); with government officials, regulatory bodies, courts/tribunals, law enforcement agencies, fraud detection agencies or other such agencies or authorities when we are compelled to do so by law (such as via a subpoena, court order or similar legal procedure); with the international entities that we partner with for the offer and/or development of products and services.

APSL ensures that every business partner or affiliate involved in the processing including using and storing of your Sensitive Personal Information has the required organizational and technical protections in place as required under applicable laws of India.

MARKETING

In relation to the products and services provided by us or our business partners or affiliates with whom we share your Personal Information (including Sensitive Personal Information) as per this Privacy Policy, you may receive marketing communications by messages, SMS email, or through other digital modes, on the Platforms, Websites and Apps or other platforms including social media platforms.

The provision of such marketing activities shall be in accordance with the applicable laws of India. For marketing activities done by us, we keep a record of marketing and communication information. You are entitled to opt out from receiving such marketing communications by writing to us at privacy@auropay.com

APSL may also use Marketing and Communications Information in order to improve and customize the content of any ads, promotions and advertising that may be of interest to you.

DATA RETENTION

AuroPay Payments may store your Personal Information (including Sensitive Personal Information) for as long as the same is required for the fulfilment of purposes for which we collected it. The retention of Personal Information (including Sensitive Personal Information) by AuroPay Payments is determined by considering compliance with legal (that is, contractual or statutory or regulatory requirements), accounting and compliance reporting requirements.

LINK TO THIRD-PARTY SDK

Our application has a link to a registered third party SDK which collects data on our behalf and data is stored to a secured server to perform a credit risk assessment. We ensure that our third party service provider takes extensive security measures in order to protect your personal information against loss, misuse or alteration of the data.

Our third-party service provider employs separation of environments and segregation of duties and have strict role-based access control on a documented, authorized, need-to-use basis. The stored data is protected and stored by application-level encryption. They enforce key management services to limit access to data.

Furthermore, our registered third party service provider provides hosting security – they use industry-leading anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, and application control solutions.

SECURITY OF INFORMATION

The security of your Personal Information (including Sensitive Personal Information) is important to us. To protect against the loss, misuse and alteration of the information under our control, the Company has in place appropriate physical, technical, operational and managerial procedures. In addition, AuroPay Payments follows the payments industry standards regarding the protection of payment card information. We conduct regular audits to maintain the appropriate level of security certification with the Payments Card Information Security Standard Council (PCI) in respect of protecting card data. For example, the Company servers are accessible only to authorized personnel and your information is shared with employees and authorized personnel on a need to know basis to complete the transaction and to provide the services requested by you.

The Company also regularly reviews its policies regarding the collection, storage, using and processing of your Personal Information (including Sensitive Personal Information), including physical security measures, preventing alteration, loss, query, use or fraudulent or unauthorized access of your Personal Information (including Sensitive Personal Information).

Although the Company endeavours to safeguard the confidentiality of your personally identifiable information, transmissions made by means of the Internet cannot be made absolutely secure. You hereby acknowledge that the Company is not responsible for any intercepted information sent via the internet, and you hereby release us from any and all claims arising out of or related to the use of intercepted information in any unauthorized manner.

MINORS

AuroPay Payments does not voluntarily or actively collect, use or disclose Personal Information (including Sensitive Personal Information) of minors without the prior consent of the parents or guardians of the minor.

The services of AuroPay Payments are not intended or designed to attract minors.

APPLICABLE LAWS

Your use of the Websites/Apps will be governed by and construed in accordance with the laws of India. The Users agree that any legal action or proceedings arising out of your use may be brought exclusively in the competent courts/ tribunals having jurisdiction at Mumbai in India and irrevocably submit themselves to the jurisdiction of such courts/ tribunals.

COMMUNICATION WITH THE COMPANY

If you wish to correct or update any information you have provided, you may do so online, on the Website itself. Alternatively, you may contact the Company to correct or update such information by sending an e-mail to : privacy@aurionpro.com

In the event of loss of access to the Website, you may contact the Company by sending an e-mail to : info@aurionpro.com

In the event you wish to report a breach of the Privacy Policy, you may contact the designated Grievance Officer of the Company at:

Name : Nodal Officer

Address : Synergia IT Park, Plot No-R-270, T.T.C. Industrial Estate, Navi Mumbai, Thane 400701, Maharashtra, India

Email : privacy@aurionpro.com

Timings to contact : [9:30 AM to 6:30 PM, Monday to Friday except Public Holidays]