Privacy Policy

Last updated: April 19, 2026

Nexra Corppe Private Limited ("NexraPay", "we", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in compliance with the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures) Rules, 2011, and the Digital Personal Data Protection Act (DPDP), 2023.

1. Information We Collect

a) Personal Information

  • Full name, email address, phone number
  • PAN card number, Aadhaar number (for KYC verification)
  • Bank account details, UPI IDs
  • Business registration documents (GST Certificate, CIN, etc.)
  • Address and identity proof

b) Transaction Information

  • Payment amounts, dates, and methods
  • Settlement details and payout history
  • Invoice and billing records

c) Technical Information

  • IP address, browser type, device information
  • Cookies and session data
  • API access logs and usage metrics

2. How We Use Your Information

  • Processing payments and settlements
  • KYC verification and fraud prevention
  • Providing customer support
  • Sending transaction alerts and notifications
  • Compliance with RBI and other regulatory requirements
  • Improving our Services and user experience
  • Analytics and business intelligence (aggregated, anonymized data)

3. Data Sharing & Disclosure

We may share your data with:

  • Banking Partners: For payment processing and settlements
  • KYC Verification Agencies: UIDAI, NSDL, and authorized agencies
  • Regulatory Authorities: RBI, NPCI, FIU-IND as required by law
  • Law Enforcement: When required by court order or legal process
  • Service Providers: Cloud hosting, analytics, and communication partners (under strict data processing agreements)

We do not sell your personal data to third parties for marketing purposes.

4. Data Storage & Localization

  • All payment data is stored on servers located within India, in compliance with RBI's data localization mandate (RBI/2017-18/153).
  • Data is encrypted at rest using AES-256 and in transit using TLS 1.2+.
  • We retain transaction data for a minimum of 10 years as per RBI and income tax requirements.

5. Data Security

  • PCI DSS Level 1 certified infrastructure
  • Multi-factor authentication for dashboard access
  • Regular security audits and penetration testing
  • Access controls and role-based permissions
  • Incident response procedures for data breaches

6. Your Rights (Under DPDP Act, 2023)

  • Right to Access: Request a summary of your personal data
  • Right to Correction: Update or correct inaccurate data
  • Right to Erasure: Request deletion of data (subject to legal retention requirements)
  • Right to Grievance Redressal: File complaints with our Data Protection Officer
  • Right to Nominate: Nominate a person to exercise rights in case of death or incapacity

7. Cookies

We use essential cookies for session management and language preferences. Analytics cookies may be used to understand site usage. You can manage cookie preferences through your browser settings.

8. Children's Privacy

Our Services are not intended for individuals below 18 years of age. We do not knowingly collect data from minors. If we discover such data, it will be promptly deleted.

9. Changes to This Policy

We may update this Privacy Policy periodically. The updated version will be posted on this page with a revised "Last updated" date. Continued use of our Services constitutes acceptance of the revised policy.

10. Grievance Officer

In accordance with Section 5(2) of the Information Technology (Intermediaries Guidelines) Rules, 2011 and the DPDP Act, 2023:

  • Name: Grievance Officer, Nexra Corppe Pvt. Ltd.
  • Email: grievance@nexrapay.nexralink.com
  • Phone: +91 62011 47648
  • Address: Nexra Corppe Private Limited, Office No. 11, Siddharth Street, Siddarth Vihar, Ghaziabad, UP – 201009

Grievances will be acknowledged within 24 hours and resolved within 30 days.