Privacy Policy

Last updated: March 17, 2026  |  Effective immediately upon publication

1. Introduction

XenoraPay ("we", "our", or "us") operates xenorapay.in and is committed to protecting the personal information of all users who access our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital payment services.

By accessing or using XenoraPay, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services immediately.

2. Information We Collect

We collect the following categories of personal information:

  • Identity Data: Full name, date of birth (where required for KYC purposes).
  • Contact Data: Email address, phone number, billing/postal address.
  • Financial Data: Payment card details (tokenized — we do not store raw card numbers), bank account information, UPI IDs where provided.
  • Transaction Data: Details of payments made through our platform, transaction IDs, timestamps, and amounts.
  • Technical Data: IP address, browser type and version, device identifiers, time zone, operating system.
  • Usage Data: Information about how you navigate and use our platform.

3. How We Use Your Information

We use collected information for the following lawful purposes:

  • To process and complete payment transactions requested by you.
  • To maintain and manage your platform account and digital wallet.
  • To send transaction confirmations, service updates, and security alerts.
  • To comply with legal and regulatory obligations including KYC/AML requirements.
  • To detect, prevent, and investigate fraudulent or unauthorized transactions.
  • To improve our services, fix technical issues, and enhance user experience.
  • To respond to your customer support queries.

We will never use your personal data for unsolicited marketing without your explicit consent.

4. Data Storage & Retention

Your data is stored on secure servers located in India. We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by applicable law.

Transaction records are retained for a minimum of 5 years to comply with financial record-keeping requirements under Indian law. After this period, data is securely deleted or anonymized.

5. Third-Party Data Sharing

We do not sell, rent, or trade your personal information to third parties. We may share data only in the following limited circumstances:

  • Payment Processors: We share necessary transaction data with licensed payment gateway providers (e.g., Paytm, PhonePe) solely to process payments. These providers are bound by their own privacy policies and applicable regulations.
  • Legal Compliance: We may disclose data if required by law, court order, or regulatory authority including RBI, SEBI, or law enforcement agencies with valid legal process.
  • Service Providers: Trusted third-party vendors who assist in operating our platform (hosting, email, analytics) under strict data processing agreements.

6. Cookies & Tracking Technologies

We use essential cookies to maintain user sessions and ensure the security of transactions. We also use analytics cookies (in anonymized form) to understand platform usage patterns. You may disable cookies via your browser settings; however, this may affect the functionality of certain features.

We do not use tracking cookies for advertising or share browsing data with advertising networks.

7. Your Rights

Under applicable Indian data protection law and general best practices, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your personal data (subject to legal retention requirements).
  • Withdraw consent for data processing where consent is the legal basis.
  • Lodge a complaint with a relevant supervisory authority.

To exercise these rights, contact us at support@xenorapay.in. We will respond within 30 days.

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:

  • 256-bit SSL/TLS encryption for all data in transit.
  • AES-256 encryption for sensitive data at rest.
  • Regular security audits and vulnerability assessments.
  • Strict access controls and employee data handling policies.
  • PCI-DSS aligned payment data handling procedures.

9. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal information, we will delete it promptly. If you believe a minor has submitted data to us, please contact support@xenorapay.in.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on this page with a revised effective date. Your continued use of the platform after such changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:

  • Email: support@xenorapay.in
  • Phone: +91 99999 99999
  • Address: XenoraPay Digital Services, India