Global Security Standards

Your Privacy,
Our Protocol.

At BachatPay, transparency isn't a feature—it's our DNA. Explore how we architect, manage, and protect your digital identity.

Last Revised: 01 Apr, 2026 • Effective Immediately

01. Legal Definitions

To ensure total clarity, we define "Personal Data" as any information that identifies you as an individual. This includes Personally Identifiable Information (PII) and Sensitive Personal Data (SPD) as per Indian IT Act 2000 and GDPR frameworks.

Processing

Any operation performed on personal data, such as collection, recording, or storage.

Encryption

The conversion of data into a code to prevent unauthorized access.

02. Data Inventory

Data Category Retention Period Purpose
KYC & Identity 7 Years post-closure Regulatory & AML Compliance
Biometric Hashes Duration of Consent Face ID / Fingerprint Auth
Geolocation Session-based Fraud Detection & Localized Offers

The Zero-Sales Policy.

We believe your financial habits are your business. Unlike traditional platforms, BachatPay DOES NOT sell, trade, or rent your personal data to any marketing agencies or data brokers. Ever.

  • No Advertisers
  • No Brokers
  • No Third-Party Cookies

User Sovereignty & Rights

Right to Erasure (RTBF) +

You have the absolute right to request the deletion of your account and associated data. Once requested, your non-regulatory data is purged from our production servers within 48 hours.

Right to Portability +

Want to move your data? You can request a machine-readable (JSON/CSV) export of all your transaction history and profile data via the BachatPay dashboard.

Protecting your digital assets.

Still have concerns about how we handle your data? Our Data Protection Officer (DPO) is here to help.

privacy@bachatpay.com Support Desk