Intrapay Privacy Policy: Comprehensive Data Protection and Security Commitment

Effective Date of Privacy Policy: October 22, 2025

Your Trust, Our Priority: Intrapay’s Commitment to Data Privacy and Security

Welcome to Intrapay, a leading provider of digital financial and payment services. We know privacy policies can feel like a chore to read, but they are absolutely essential for your peace of mind and are a non-negotiable part of our commitment to you. At Intrapay, we are dedicated to protecting your personal data and ensuring the highest standards of data protection and transparency.

This comprehensive Intrapay Privacy Policy explains, in detail, how Intrapay (“we,” “us,” or “our”) handles your information when you visit our official website at https://intrapay.in/, utilize any of our financial technology (FinTech) services, engage with our mobile applications, or make any purchase or transaction. Our commitment extends beyond mere compliance; it is about building and maintaining your trust.

This policy is designed to be a complete resource, meticulously covering every aspect of the data we collect, the precise legal and business reasons we require it, how we use it to provide and enhance your experience, our rigorous security protocols, and the very limited circumstances under which we might disclose it. Your data safety and usage details are our top priority. Everything you need to know about our approach to personal data security and online payment security is detailed in the sections below.

---

1. Information We Collect: The Foundation of Our Service

To provide and continuously improve the robust, secure, and personalized Intrapay Service, we collect several categories of information. This data collection is governed by principles of necessity and proportionality, ensuring we only collect what is strictly required.

A. Personal Data (Personally Identifiable Information)

Personal Data refers to any information that can be used to contact, identify, or locate a specific individual. While using our Service, we may ask you to provide us with such personally identifiable information.

i. Core Contact and Identity Information

• Name: Full legal name as registered in official documents.
• Email Address: Used for account verification, password resets, essential service communications, and sending important updates regarding our Privacy Policy or service changes.
• Mailing Address (Residential/Business): Required for KYC (Know Your Customer) compliance, billing purposes, and fraud prevention measures.
• Phone Number: Essential for multi-factor authentication, security alerts, transaction confirmations, and direct customer support.

ii. Account Credentials and Security Data

• Username and Password: Encrypted credentials used for authentication and secure account access. We employ industry-standard hashing techniques to ensure your password is never stored in a readable format, prioritizing personal data security.
• Security Information: Includes security questions and answers, biometric data (if you opt-in on your device, though we do not store the raw biometric data itself, only a secure token), and similar security details used for secondary authentication and recovery.

iii. Financial and Transaction Data

• Payment Data: If you process payments via Intrapay, we collect data necessary to facilitate the transaction, such as the billing address, the last four digits of the payment card, the card type, and the expiration date.
  • Crucial Note on Online Payment Security: We do not store or process full credit card numbers, CVV codes, or sensitive bank account credentials directly on our servers. All sensitive payment processing is securely handled by our PCI DSS compliant third-party payment processors (e.g., Razorpay, Stripe, etc.). You are strongly encouraged to review the respective privacy policies of these providers for detailed information on their data protection practices.
• Transaction Records: Detailed records of your financial activities, including transaction amounts, dates, recipients, and descriptions. This data is vital for providing you with the Service, ensuring regulatory compliance, and protecting against fraud.

iv. Know Your Customer (KYC) and Regulatory Compliance Data

In line with anti-money laundering (AML) and KYC regulations, particularly for a FinTech platform like Intrapay, we may collect and verify:

• Proof of Identity: Government-issued identification, such as Aadhar, PAN card, or Passport details.
• Proof of Address: Utility bills, rent agreements, or other documents confirming your physical location.
• Facial Image Data: Used for identity verification and anti-spoofing checks during the onboarding process. This data is processed under strict data protection protocols.

B. Usage Data and Technical Identifiers

Usage Data is information collected automatically, generated either by the use of the Service or from the Service infrastructure itself. This data helps us understand how our platform is used, allowing us to enhance functionality, security, and user experience.

• Internet Protocol (IP) Address: Your computer’s unique network address, used for identifying geographical location (country/city), detecting suspicious login attempts, and analyzing website traffic patterns.
• Browser and Device Details: Browser type and version, operating system, unique device identifiers, language settings, and other diagnostic data. This helps us optimize our Service for various technologies.
• Site Activity and Navigation:
  • The specific pages of our Site or App that you visit.
  • The time and date of your visit and access.
  • The duration of time spent on those pages or features.
  • The referral source (the website or link that brought you to Intrapay).
  • Click-stream data and interaction patterns within the Service (e.g., buttons clicked, forms submitted).

C. Tracking & Cookies Data: The Role of Digital Identifiers

We utilize cookies, web beacons, and similar tracking technologies to monitor activity on our Service and store certain non-essential but useful information. These technologies are foundational to modern digital services and play a key role in personalization and security.

• Cookies: Small data files placed on your device. We use them for several purposes:
  • Strictly Necessary Cookies: Essential for the Service to function (e.g., keeping you logged in, maintaining cart contents).
  • Preference/Functionality Cookies: Used to remember your selected settings, like language or region, enhancing the personalized Intrapay experience.
  • Analytics/Performance Cookies: Allow us to count visits and traffic sources, helping us measure and improve the performance of our Site.
  • Marketing/Targeting Cookies: Used to deliver relevant advertisements and track the effectiveness of our campaigns.
• Other Tracking Technologies: This includes technologies like Google Analytics (to analyze site traffic and user demographics), Web Beacons (small graphic images embedded in web pages or emails to track page views and email open rates), and Pixels (small code snippets used for conversion tracking and ad retargeting). You have control over most of these through your browser settings, as detailed in Section 5.

---

2. How We Use Your Information: The Legal Basis for Processing

Our use of your collected personal data is strictly limited to the purposes outlined below. For transparency, we also specify the legal basis for processing this data, which is a requirement under many modern data protection laws.

Purpose of Processing	Legal Basis for Processing	Intrapay SEO Keywords
To Provide and Maintain the Service: Account management, transaction processing, core operational functionality.	Contractual Necessity: Processing is necessary to fulfill the terms of service agreement with you.	Intrapay Service, online payment security
Customer Support and Communication: Responding to inquiries, resolving issues, communicating about your account.	Contractual Necessity and Legitimate Interest: Improving service delivery and managing customer relationships.	customer support, personal data security
Security and Fraud Prevention: Detecting, preventing, and addressing technical issues, unauthorized access, or fraudulent transactions.	Legal Obligation and Legitimate Interest: Protecting our users, system integrity, and financial compliance.	data protection, security threats, fraud prevention
Internal Analytics and Improvement: Gathering analysis to improve our offerings, user interface, and overall service performance.	Legitimate Interest: Continuously enhancing the Intrapay platform for all users.	Intrapay, service improvement
Marketing and Promotions: Providing you with news, special offers, and information about similar goods, services, and events.	Consent (where required by law) or Legitimate Interest (for existing customers under soft-opt-in rules).	special offers, marketing
Regulatory and Legal Compliance: Fulfilling KYC/AML requirements, responding to legal requests, or fulfilling tax obligations.	Legal Obligation: Required to comply with applicable laws and regulations.	regulatory compliance, legal obligations

---

3. Disclosure of Your Information: Sharing Data Securely

We are committed to minimizing the sharing of your personal data. Any disclosure is strictly controlled and occurs only under the following, necessary conditions, always prioritizing data protection and confidentiality.

A. Sharing with Service Providers (Third-Party Processors)

We employ trusted third-party companies and individuals to facilitate and perform services on our behalf (known as Data Processors). These entities are only given access to the information strictly necessary to perform their functions and are bound by stringent data confidentiality and security obligations in a signed agreement.

• Hosting Providers: For secure storage and availability of the Intrapay platform (e.g., cloud services).
• Payment Processors: To handle secure transaction routing and processing (as noted in Section 1.A.iii, crucial for online payment security).
• Analytics Providers: Such as Google Analytics, to help us understand site usage and improve performance.
• Professional Advisors: Including lawyers, auditors, and accountants, to help us comply with legal and financial obligations.

B. Legal Requirements and Public Authorities

Intrapay may disclose your Personal Data in the good faith belief that such action is necessary to:

• Comply with a legal obligation (e.g., court order, subpoena).
• Protect and defend the rights or property of Intrapay.
• Prevent or investigate possible wrongdoing in connection with the Service (essential for data protection).
• Protect the personal safety of users of the Service or the public.
• Protect against legal liability.

C. Business Transfers and Mergers

If Intrapay is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred as a business asset. We will provide prominent notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

D. Disclosure with Explicit Consent

We may disclose your personal information for any other purpose where we have obtained your explicit, informed, and unambiguous consent to do so.

---

4. Security of Data: Our Robust Data Protection Framework

The security of your data is paramount to us. Intrapay is deeply committed to personal data security and employs a multi-layered, state-of-the-art security framework to protect your information from unauthorized access, alteration, disclosure, or destruction.

A. Technical and Organizational Measures

While no method of transmission over the Internet or method of electronic storage is 100% secure, we strive to use commercially acceptable means and robust protocols to protect your Personal Data.

• Encryption in Transit and At Rest: We use SSL/TLS encryption (Secure Socket Layer/Transport Layer Security) to encrypt all data transmitted between your browser and our servers. Additionally, sensitive data is encrypted while “at rest” (stored in our databases).
• Access Controls: Access to your customer data is strictly restricted to authorized employees, contractors, and agents who need the information to perform their job duties, and they are subject to strict confidentiality obligations.
• Regular Audits and Monitoring: Our systems are subject to continuous security monitoring, vulnerability scans, and periodic penetration testing by independent security experts to identify and remediate potential security flaws.
• Incident Response Plan: We maintain a rigorous, documented Data Breach Response Plan to ensure we can promptly and effectively contain, assess, and notify affected parties and authorities in the event of a security incident, in line with data protection regulations.

B. Cross-Border Data Transfers

Given the global nature of the internet and the potential use of international cloud service providers, your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ.

• Intrapay takes all reasonable steps to ensure that your data is treated securely and in accordance with this Privacy Policy. Any transfer of your Personal Data outside the country of collection will only take place under appropriate safeguards, such as approved Standard Contractual Clauses (SCCs), or other legally recognized transfer mechanisms to ensure equivalent levels of personal data security.

---

5. Your Data Protection Rights: Exercising Control Over Your Personal Data

Depending on your location and the applicable data protection laws (such as GDPR, CCPA, or India’s forthcoming data protection legislation), you may have extensive rights regarding your Personal Data. Intrapay is committed to upholding your customer data rights.

A. Core Data Rights

• The Right to Access (Data Portability): You have the right to request copies of your Personal Data that we hold, and to receive this data in a structured, commonly used, and machine-readable format.
• The Right to Rectification (Correction): You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete, ensuring the integrity of your personal data.
• The Right to Erasure (The ‘Right to be Forgotten’): You have the right to request that we erase your Personal Data, under certain conditions, such as when the data is no longer necessary for the purpose for which it was collected or where you withdraw consent. This right is subject to necessary legal and regulatory retention periods (e.g., for financial records).
• The Right to Object to Processing: You have the right to object to our processing of your Personal Data, under certain conditions, particularly where the processing is based on our legitimate interest or for direct marketing purposes.
• The Right to Restriction of Processing: You have the right to request that we restrict the processing of your Personal Data, under certain conditions (e.g., if you contest the accuracy of the data).
• The Right to Withdraw Consent: Where the legal basis for processing your data is your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

B. Exercising Your Rights

To exercise any of these customer data rights, please contact us immediately using the contact information provided in Section 9. We are committed to responding to all legitimate requests without undue delay and, in any event, within the timeframes stipulated by applicable data protection law. We may need to verify your identity before fulfilling your request to ensure the personal data security of your account.

---

6. Data Retention: How Long We Keep Your Information

Intrapay retains Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, including for the purpose of satisfying any legal, accounting, or reporting requirements.

The retention periods for different types of data are determined based on:

1. Contractual Necessity: As long as your account is active and necessary to provide the Intrapay Service.
2. Legal and Regulatory Obligations: Financial transaction data, KYC documents, and anti-fraud records are often legally required to be kept for a period of 5 to 10 years after the termination of the business relationship.
3. Litigation and Dispute Resolution: Data may be retained if necessary for the establishment, exercise, or defense of legal claims.

Upon expiration of the applicable retention period, your Personal Data will be securely deleted, anonymized, or aggregated so that it can no longer be associated with you.

---

7. Children’s Privacy: A Policy Focused on Adults

The Intrapay Service is built explicitly for use by adults.

Our Service is not intended for anyone under the age of 18 (“Children”). We are highly vigilant and do not knowingly collect any personal information from individuals under 18 years old. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take immediate steps to remove that information from our servers and terminate the associated account.

If you are a parent or guardian and believe your child has provided us with their Personal Data, please contact us immediately using the details below so we can take the necessary steps to remove that information. Keeping all our users safe is a priority.

---

8. Links to Other Sites: Exploring External Websites

A Quick Heads-Up on Third-Party Sites

To give you the best experience and offer comprehensive services, our Service may contain links to other websites that we do not own or operate, such as banking partners, news services, or other relevant FinTech resources.

Think of them as digital detours. If you click on one of these third-party links, you will be taken directly to their site. Please note: Once you leave the Intrapay environment, we have no control over the content, data protection practices, or security of the external site. We strongly recommend that you take a moment to review the Privacy Policy of every new site you visit. Your online safety is important, so stay informed!

We cannot be responsible for the content, privacy practices, or security of any external sites or services.

---

9. Changes to This Privacy Policy: We Keep You in the Loop!

Our digital world, and the regulatory environment surrounding data protection, changes fast. Consequently, our Intrapay Privacy Policy will need to be updated from time to time to reflect these changes.

But don’t worry, we promise to keep you informed.

When we make any changes, major or minor, we will notify you in the clearest way possible:

• Website Posting: We’ll post the new Privacy Policy right here on this page (https://intrapay.in/privacy-policy).
• Effective Date Update: We will update the “Effective Date of Privacy Policy” clearly visible at the very top of the policy.
• Prominent Notice: For material changes, we may also notify you via a prominent notice on our Service or via email to ensure you are aware before the change becomes effective.

Your continued use of the Intrapay Service after the revised Privacy Policy has been posted constitutes your acknowledgment and acceptance of the changes. Your continued trust is our priority, and transparency is how we earn it.

---

10. Contact Information: Need to Connect? We’re Here to Help!

Have questions about this comprehensive Intrapay Privacy Policy, our data protection practices, or anything related to your customer data rights? We want to hear from you!

We’ve made it easy to reach our dedicated Data Protection and Customer Support team. Please don’t hesitate to contact us through any of the following channels:

✉️ Send Us an Email

For the fastest, most detailed response regarding your personal data security or Privacy Policy queries, drop us a line at:

• Official Support Email: support@intrapay.in
• Secondary Contact Email: intrapay2023@gmail.com

📞 Call Us

You can reach us directly for immediate inquiries:

• Mobile Support: +91 9694000940
• WhatsApp Support: https://wa.me/916377005455 (Ideal for quick questions and service updates)

💻 Visit Our Website

Find dedicated help and support resources, including FAQs and our contact forms, by visiting our website:

• Contact/Help Page: https://intrapay.in/contact-us-help-and-support/

📮 Write to Us (Physical Mail)

If you prefer traditional mail for formal notices or correspondence, you can reach our administrative office here:

Intrapay (Aaditya Traders)

Police Lines Bibnwa Road Choraha,

Ganesh Bagh Road,

[City/State/Pin Code – Bundi, Rajasthan, 323001]

Your peace of mind matters to us. Get in touch anytime regarding your Intrapay Privacy Policy or any concerns about your data.

---