Introduction

This Data Retention Policy outlines the guidelines for collecting, storing, using, and securely disposing of user data on our platform. We adhere to all applicable legal, regulatory, and business requirements to protect user privacy and ensure data security.

1. Purpose of Data Retention

• Facilitate seamless service delivery.
• Comply with legal and regulatory obligations.
• Resolve disputes and enforce agreements.
• Improve platform functionality and user experience.

2. Types of Data Collected

• Personal Information: Name, phone number, email address, and government-issued IDs (e.g., PAN, Aadhaar).
• Transaction Data: Payment history, bank details, and transaction metadata.
• Behavioral Data: User activity logs, preferences, and app usage patterns.
• Compliance Data: KYC documents and other regulatory compliance records.

3. Retention Period

• User Profile Data: Retained for the duration of the account's active status and up to 5 years after account closure for regulatory compliance.
• Transaction Records: Retained for a minimum of 8 years as required by financial regulations.
• KYC and Compliance Documents: Retained for 10 years after account closure as mandated by anti-money laundering laws.
• Behavioral Data: Retained for up to 2 years for analytics and service improvement unless anonymized.
• Communication Logs: Retained for 2 years to address user inquiries and for audit purposes.

4. Data Storage and Security

All data is encrypted during transmission (SSL/TLS) and at rest. We implement strict access controls, audit trails, and regular security assessments to ensure data protection. Data backups are maintained securely and are subject to the same retention periods.

5. Data Deletion and Anonymization

Upon reaching the end of the retention period, data will be securely deleted or anonymized to prevent re-identification. Users may request data deletion, subject to regulatory and legal requirements.

6. User Rights

Users have the right to access, correct, or delete their personal data, subject to applicable laws. Requests can be made through our Data Protection Officer or via the user settings in the platform.

7. Legal and Regulatory Compliance

This policy complies with:

• The Information Technology Act, 2000 (India).
• The Payment and Settlement Systems Act, 2007.
• RBI and SEBI regulations.
• International data protection laws, including GDPR and CCPA, where applicable.

8. Policy Updates

We may revise this policy to reflect changes in legal requirements or business practices without any prior notice.

9. Contact Information

For queries related to this policy, please contact our Data Protection Officer at:

Email: indiasgodigital@gmail.com