HomePrivacy Policy

Privacy Policy

Privacy Policy

IROSSENDALE PRIVATE LIMITED (“Irossepay’s,” “we,” “us,” and “our”) respects each person’s right to privacy and works to safeguard their private information, including sensitive personal data (described below).

Scope

All visitors (i.e., those without an account with Irossepay) and users (i.e., those who do) who provide us with their personal and sensitive personal information while visiting, accessing, browsing, and using our website and mobile application (collectively referred to as the “Website”) are covered by this privacy policy (“Policy”). Informing users about the gathering, use, storage, transfer, and disclosure of their data is the aim of this policy. Please carefully read this policy to understand how we will handle your information before sending it to us.

Consent

All terms defined in Irossepay’s Terms & Conditions have the same meaning in this Policy, and the User understands that this Policy is a part of those terms. The User agrees unconditionally to this Policy and the Terms of Use by accessing, perusing, and using the Website continuously. Please do not visit and use our website if you disagree with the terms of this policy. This Policy is readily available on our website in a number of locations, including but not restricted to when users register for an account.

Modifications

This Policy may be updated, changed, and modified at any time by Irossepay’s, with or without prior notice. Although users will be informed of significant changes via their registered email address or any other channel of communication with us, it is recommended that users frequently review this policy to stay informed of any updates. Regardless of whether notice was sent to the user or posted on the website, if a user continues to use or access the services of the website after this policy has been modified, amended, altered, or changed, the user is considered to have consented to this policy as well as any other policies and practices that were in effect at the time of visiting, accessing, and/or using the website.

Compliance

This Policy is published in compliance of:

Section 43A of the Information Technology Act, 2000 (“Act”)

Regulation 4 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011 (“SPI Rules”)

Definitions
Personal Information

According to the SPI Rules, “Personal Information” is any information pertaining to a natural person that can be used to identify that person, either directly or indirectly, in conjunction with other information that is or will likely be available with a body corporate. Name, address, phone number, and so forth are examples of this type of information.

Sensitive Personal Data or Information

SPI Rules define “Sensitive personal data or information” of a person as personal information which consists of information relating to:

  • passwords;
  • financial information such as bank accounts or credit card or debit card or other payment instrument details;
  • physical, physiological and mental health condition;
  • sexual orientation;
  • medical records and history;
  • biometric information;
  • any of the information received under above clauses by body corporate for processing or storage under lawful contract or otherwise.

Information which is freely available in the public domain or furnished under the Right to Information Act, 2005 or any other law shall not be regarded as sensitive personal data or information.

Payment Data

End-to-end transaction details and information about a payment or settlement transaction that is collected, sent, or processed as part of a payment message or instruction are referred to as “payment data.” Payment information consists of:

  • Payment credentials (OTP, PIN, passwords, etc.);
  • Transaction data (originating and destination system information, transaction reference, timestamp, amount, etc.);
  • Payment sensitive data (customer and beneficiary account details);
  • Customer data (name, mobile number, email, Aadhaar number, PAN number, etc. as applicable).

Consent for Collection of Personal Information

By accessing, browsing, or using the Website, users give their consent for the use, disclosure, storage, possession, handling, or dealing of their personal information.

In compliance with Rule 5 of the SPI Rules, users must tick the box confirming their explicit consent to the use, disclosure, storage, possession, receipt, dealing, or handling of their sensitive personal data or information for the legitimate purposes listed in this policy at the time of account creation on the website.

In the event that a user under the age of 18 shares personal information or sensitive personal data, Irossepay assumes that the user’s parents have given their consent.

Types of Information We Collect

The Users who access and use our Website are required to submit certain Personal Information and Sensitive personal data or information for creating an Account, entering into transactions with us and obtaining customer support services. Personal Information and Sensitive personal data or information which may be collected by us includes:

  • Full name and age;
  • Username and password;
  • PAN;
  • Password of User’s account registered with us;
  • Postal address;
  • E-mail address;
  • Mobile number;
  • Internet protocol (IP) addresses (through cookies);
  • URL of website accessed prior to and post Users’ accessing our Website;
  • Credit/debit card number, credit/debit card expiration date and/or other payment instrument details;
  • User’s feedback, queries, e-mails, letters, suggestions provided to us;
  • Third party information about concerned User’s activities or postings on the Website;
  • Information about the mobile/tab device the App is installed on or mobile device identifier.
  • Any other information relevant for accessing and using our Website as maybe required by us.
Get Appointment