Privacy Policy

PRIVACY POLICY
PAYFX GLOBAL
A Brand of PayFX Fintech Solutions Private Limited

1. INTRODUCTION

This Privacy Policy (“Policy”) describes how PayFX Fintech Solutions Private Limited, operating under the brand name PayFX Global (“PayFX Global”, “Company”, “we”, “our”, or “us”), collects, receives, stores, processes, transfers, uses, discloses, protects, and manages personal information of users accessing or using our websites, applications, APIs, payment gateways, communication systems, and related services (“Services”).

PayFX Global is committed to protecting the privacy and confidentiality of customer information and ensuring that personal data is processed responsibly and securely in accordance with:

• Information Technology Act, 2000;
• Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011;
• Digital Personal Data Protection Act, 2023 (“DPDP Act”);
• Reserve Bank of India (“RBI”) regulations and circulars;
• Foreign Exchange Management Act (“FEMA”);
• Prevention of Money Laundering Act (“PMLA”);
• KYC/AML compliance obligations;
• Applicable financial, regulatory, and data protection laws.

This Policy applies to all individuals, businesses, institutions, merchants, partners, and customers who interact with PayFX Global.

By accessing or using our Services, you acknowledge and agree to the practices described in this Privacy Policy.

2. ABOUT PAYFX GLOBAL

PayFX Global is a brand of PayFX Fintech Solutions Private Limited engaged in providing:

• International payment facilitation;
• Cross-border remittance support;
• Institutional payment processing;
• Foreign exchange assistance;
• Global collection and settlement solutions;
• Merchant payment services;
• Educational and healthcare payment solutions;
• API and payment gateway infrastructure;
• Financial technology services.

Services may be provided directly or through regulated banking, payment processing, and financial institution partners across multiple jurisdictions.

3. SCOPE OF THIS PRIVACY POLICY

This Policy applies to:

• Website visitors;
• Registered customers;
• Payment senders and beneficiaries;
• Institutional and merchant clients;
• Students and educational partners;
• API and platform users;
• Customer support interactions;
• Business partners and vendors where applicable.

This Policy applies whether you access our Services through:

• Websites;
• Mobile applications;
• APIs;
• Payment links;
• Payment gateways;
• Customer support channels;
• Email or communication systems;
• Third-party integrated platforms.

4. TYPES OF INFORMATION WE COLLECT

We may collect the following categories of information.

4.1 PERSONAL IDENTIFICATION INFORMATION

This may include:

• Full legal name;
• Gender;
• Date of birth;
• Nationality;
• Residential address;
• Business address;
• Mobile number;
• Email address;
• Photograph;
• Signature;
• Emergency contact details;
• Marital status where required for compliance;
• Occupation and employment details.

4.2 GOVERNMENT IDENTIFICATION DOCUMENTS

For KYC and compliance purposes, we may collect:

• PAN Card;
• Passport;
• Aadhaar information where voluntarily provided;
• Driving License;
• Voter ID;
• National identification documents;
• Visa and immigration documents;
• Tax identification numbers.

Where Aadhaar information is collected, it shall be obtained only with voluntary consent and processed in accordance with applicable Indian laws and regulations.

4.3 FINANCIAL AND BANKING INFORMATION

We may collect:

• Bank account details;
• IFSC/SWIFT codes;
• Debit/Credit card information;
• UPI details;
• Payment history;
• Transaction details;
• Source of funds information;
• Foreign exchange transaction data;
• Financial statements;
• Payment receipts and invoices;
• Merchant settlement information.

4.4 BUSINESS AND INSTITUTIONAL INFORMATION

For merchants, institutions, consultants, or business entities, we may collect:

• Company incorporation documents;
• GST registration details;
• IEC code;
• Business licenses;
• Partnership documents;
• Board resolutions;
• Shareholder and director details;
• Tax registrations;
• Institutional agreements.

4.5 TECHNICAL AND DEVICE INFORMATION

When you access our Services, we may automatically collect:

• IP address;
• Device identifiers;
• Browser type and version;
• Operating system;
• Login timestamps;
• Geolocation information where permitted;
• App usage analytics;
• Device activity logs;
• Security and audit logs;
• Network information;
• Cookies and tracking data.

4.6 COMMUNICATION AND SUPPORT INFORMATION

We may collect:

• Customer support interactions;
• Email correspondence;
• Chat messages;
• Complaint submissions;
• Feedback forms;
• Recorded customer service calls;
• Survey responses.

Communications may be monitored or recorded for training, security, quality assurance, fraud prevention, and compliance purposes.

4.7 INFORMATION FROM THIRD PARTIES

We may receive information from:

• Banks and financial institutions;
• Payment gateways and processors;
• KYC and verification providers;
• Fraud prevention agencies;
• Regulatory authorities;
• Public databases;
• Analytics providers;
• Social media or advertising platforms;
• Business and compliance partners.

5. HOW WE COLLECT INFORMATION

Information may be collected through:

• Customer onboarding;
• Registration forms;
• Payment transactions;
• Website and app usage;
• API integrations;
• KYC verification processes;
• Customer support interactions;
• Surveys and promotional activities;
• Third-party service providers;
• Cookies and analytics technologies.

6. PURPOSES FOR WHICH INFORMATION IS USED

We may use your information for the following lawful purposes.

6.1 PROVIDING SERVICES

• Processing payments and remittances;
• Facilitating currency conversion;
• Settling transactions;
• Managing accounts and payment instructions;
• Providing customer support;
• Processing refunds and reversals.

6.2 COMPLIANCE AND REGULATORY PURPOSES

• KYC verification;
• AML and sanctions screening;
• Fraud monitoring and prevention;
• FEMA and RBI compliance;
• Tax and audit obligations;
• Responding to legal or regulatory requests;
• Record keeping and reporting obligations.

6.3 SECURITY AND RISK MANAGEMENT

• Detecting suspicious activities;
• Preventing unauthorized access;
• Monitoring transaction risks;
• Protecting platform integrity;
• Cybersecurity monitoring;
• Incident investigation and management.

6.4 BUSINESS OPERATIONS

• Service improvement;
• Internal analytics;
• Product development;
• Customer experience optimization;
• Operational planning;
• Technical troubleshooting;
• Research and testing activities.

6.5 MARKETING AND COMMUNICATIONS

We may send:

• Service notifications;
• Transaction alerts;
• Product updates;
• Promotional offers;
• Educational communications;
• Business announcements.

Users may opt out of promotional communications at any time.

7. LEGAL BASIS FOR PROCESSING

We process personal information based on:

• Consent;
• Contractual necessity;
• Compliance with legal obligations;
• Legitimate business interests;
• Fraud prevention requirements;
• Public interest obligations.

Where consent is required, users may withdraw consent subject to applicable legal and regulatory obligations.

8. SENSITIVE PERSONAL DATA OR INFORMATION (SPDI)

Under Indian IT Rules, certain information may qualify as Sensitive Personal Data or Information (“SPDI”), including:

• Financial information;
• Bank account details;
• Payment credentials;
• Passwords;
• Government identification numbers;
• Biometric information where applicable;
• Health-related information where required.

PayFX Global implements reasonable security practices and procedures for protecting SPDI.

9. SHARING AND DISCLOSURE OF INFORMATION

We may share your information with:

9.1 FINANCIAL INSTITUTIONS

• Banks;
• Authorized Dealers;
• Payment processors;
• Foreign exchange partners;
• Settlement institutions;
• Payment gateways.

9.2 SERVICE PROVIDERS

• Cloud hosting providers;
• Verification and KYC vendors;
• Analytics providers;
• Fraud prevention agencies;
• Customer support partners;
• IT and cybersecurity vendors.

9.3 REGULATORY AUTHORITIES

We may disclose information to:

• RBI;
• FIU-IND;
• Law enforcement agencies;
• Courts and tribunals;
• Tax authorities;
• Government bodies;
• Regulatory institutions.

9.4 CORPORATE TRANSACTIONS

Information may be transferred during:

• Mergers;
• Acquisitions;
• Business restructuring;
• Asset transfers.

Such transfers shall remain subject to confidentiality obligations.

10. INTERNATIONAL DATA TRANSFERS

As an international payments platform, PayFX Global may transfer or process information outside India.

Where cross-border data transfers occur, we shall implement commercially reasonable safeguards and contractual protections to ensure compliance with applicable laws and protection of customer information.

11. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to:

• Improve platform functionality;
• Analyze website usage;
• Personalize user experience;
• Enhance security;
• Detect suspicious activity.

Users may control cookies through browser settings; however, disabling cookies may impact platform functionality.

12. DATA RETENTION

We retain information only for as long as necessary for:

• Service delivery;
• Regulatory compliance;
• Legal obligations;
• Audit requirements;
• Fraud prevention;
• Dispute resolution.

Certain records may be retained beyond account closure as required under RBI, FEMA, AML, taxation, and financial regulations.

13. INFORMATION SECURITY

PayFX Global adopts commercially reasonable technical, administrative, and organizational safeguards including:

• Encryption protocols;
• Access restrictions;
• Firewalls and monitoring systems;
• Multi-factor authentication;
• Security audits and vulnerability testing;
• Incident response procedures;
• Secure hosting environments;
• Employee confidentiality obligations.

Despite such safeguards, no internet-based transmission or storage system is completely secure.

14. CUSTOMER RIGHTS

Subject to applicable laws, users may have rights to:

• Access personal information;
• Correct inaccurate data;
• Withdraw consent;
• Request deletion where legally permissible;
• Restrict processing;
• Object to certain processing activities;
• Request grievance redressal.

Certain rights may be restricted where retention is required under law or regulatory obligations.

15. CHILDREN’S PRIVACY

Our Services are not intended for individuals under the age of 18 unless permitted under applicable law and supervised by a parent or guardian.

We do not knowingly collect personal information from minors unlawfully.

16. THIRD-PARTY LINKS

Our Services may contain links to third-party websites or platforms.

PayFX Global is not responsible for the privacy practices or content of external websites or services.

17. AUTOMATED MONITORING AND FRAUD PREVENTION

We may use automated systems, artificial intelligence, machine learning tools, and analytics systems for:

• Fraud detection;
• Risk analysis;
• Suspicious activity monitoring;
• Transaction screening;
• Security monitoring.

Certain transactions may be automatically flagged or restricted pending manual review.

18. GRIEVANCE OFFICER

In accordance with applicable Indian laws and regulations, the Grievance Officer details are:

Grievance Officer
PayFX Global
A Brand of PayFX Fintech Solutions Private Limited

Email: grievance@payfxglobal.com
Support Email: care@payfxglobal.com

We shall endeavor to address grievances within the timelines prescribed under applicable laws.

19. CHANGES TO THIS PRIVACY POLICY

PayFX Global reserves the right to modify, amend, or update this Privacy Policy at any time.

Updated versions shall become effective immediately upon publication on our website or applications.

Continued use of our Services after updates constitutes acceptance of the revised Policy.

20. CONTACT INFORMATION

PayFX Global
A Brand of PayFX Fintech Solutions Private Limited

Privacy Email: privacy@payfxglobal.com
Support Email: care@payfxglobal.com