Privacy Policy

At Ztake, privacy is not a legal requirement — it is a core engineering rule. We're committed to transparency, precision, and futuristic financial-data governance.

Last Updated: 21/11/2024

Who We Are

Ztake Fintech Private Limited ("Ztake", "Company", "We", "Us", "Our") operates as a Payment Aggregator and provides payouts, KYV/KYC verification, risk monitoring, identity validation, and settlement infrastructure to e-commerce platforms, educational institutions, financial service providers, digital marketplaces, and enterprise partners.

Our Registered Office: Business Hub, Technology Park, Sector 90, Noida, Uttar Pradesh, India.

By accessing or using any Ztake website, mobile app, API, dashboard, SDK, partner portal, web-hooks, or affiliated services ("Services"), You ("User", "You", "Your") acknowledge, understand, and agree to the practices described in this Policy.

1. Purpose & Vision

At Ztake, privacy is not a legal requirement — it is a core engineering rule. Every product, algorithm, interface, and workflow is built on the foundation of privacy-by-design and security-by-default. This Policy explains: • What data we collect • Why we collect it • How we secure it • When we share it • What control you have • What rights you can exercise • How we keep accountability inside Ztake • How to contact us anytime Ztake commits to minimum data, maximum protection, and absolute clarity.

2. Data We Collect

2.1 Contact Information

  • Full Name
  • Email Address
  • Mobile Number
  • Business Name
  • Billing & Registered Address

2.2 Financial Information

Required for payments, settlements, payouts, refunds, and identity mapping:

  • Bank Account Number
  • IFSC Code
  • UPI ID
  • Debit/Credit Card Tokenized Information
  • Virtual Payment Addresses
  • Settlement Profiles
  • Chargeback Records

We never store raw card numbers. All card information is tokenized as per RBI & PCI-DSS norms.

2.3 Identification Information

Collected solely for compliance:

  • PAN
  • Aadhaar (masked)
  • GST Details
  • Certificate of Incorporation
  • Business Proof
  • User Photograph
  • IP-Verified E-Sign Records
  • Device-Synced E-mandate Identity Data

2.4 Transaction Information

  • Payment ID
  • Merchant Name
  • Amount
  • Time & Date
  • Payment Method
  • Transaction Status
  • Location Derived From Transaction
  • Settlement Logs
  • Refund & Dispute Notes

2.5 Technical, Device & Log Data

  • IP Address
  • Browser & OS Details
  • Device Model & Type
  • Timezone & Language
  • Screen Resolution
  • App Crash Logs
  • API Usage Logs
  • Geolocation (only if required to comply with RBI risk monitoring)

2.6 Behavioral, Risk & Fraud Signals

To maintain platform safety and detect suspicious patterns:

  • Velocity Checks
  • Login Patterns
  • OTP Failure Rate
  • Multiple Device Sign-ins
  • High-risk Transaction Flags
  • AML/CTRM Indicators

3. Why We Collect Data

Every dataset serves a legally compliant and functional purpose: • To process payments, payouts, settlements, refunds, and verifications • To perform KYC / AML checks required by law • To prevent fraud, identity theft, or unauthorized access • To monitor system performance and improve reliability • To comply with RBI, NPCI, IT Act 2000, Aadhaar Act, and other regulations • To personalize dashboards and generate actionable insights • To provide customer support via phone, chat, or email Ztake never sells your data. We use it only to deliver secure and compliant financial infrastructure.

4. Legal Basis for Processing

We process your data based on: • Consent: When you sign up or complete verification • Contractual necessity: Critical for payments and settlements • Legal obligation: RBI, NPCI, tax, and compliance audits • Legitimate interest: Security, fraud prevention, and service improvement

5. How We Use Your Data

5.1 Operational Use

  • Payment processing
  • Automated settlements
  • Identity verification
  • Payout routing
  • Dashboard analytics
  • Ledger synchronization
  • Order-to-transaction mapping

5.2 Security & Protection

  • Fraud detection algorithms
  • Suspicious activity flags
  • Risk patterning
  • Enforcement of MFA & device locks
  • API abuse monitoring

5.3 Communication

  • Transactional alerts
  • Security notifications
  • Account verification
  • Important service updates
  • Customer service responses

We do not send marketing messages without your explicit opt-in.

6. Data Sharing & Disclosure

6.1 With Service Providers

  • Payment Networks (NPCI, Card Networks)
  • Banks & Financial Institutions
  • Verification Providers (PAN/Aadhaar validation)
  • Cloud Providers (ISO-certified & India-region servers)
  • SMS/Email Communication Partners

6.2 With Regulatory & Law-Enforcement Bodies

Only when legally required, including:

  • RBI
  • Enforcement Directorate (ED)
  • State Police Departments
  • Income Tax Authorities
  • Court Orders & Summons

6.3 Never Shared For

  • Advertising
  • Selling user profiles
  • Third-party marketing
  • Data monetization

Ztake strictly prohibits any unauthorized data resale or lateral sharing.

7. Data Retention

We retain data only for required durations: • Transaction Data → 8 years (RBI regulation) • KYC Documents → As per governing laws • Logs & Risk Signals → Minimum necessary for audits • Deleted Accounts → Permanently purged within 90 days When retention ends, data is irreversibly destroyed.

8. Data Storage & Security

Ztake follows international-grade security standards: • ISO/IEC 27001 • PCI DSS Level 1 • SOC 2 Type II • AES-256 Data Encryption • TLS 1.3 Network Encryption • HSM-Backed Tokenization Additional layers include: • Zero-Trust Infrastructure • Multi-Factor Authentication • Database Field-Level Encryption • Continuous Penetration Testing • AI-Driven Fraud Monitoring • 24/7 Security Operation Centre We treat your data with the highest possible security, at every level.

9. Your Rights

9.1 Right to Access

You may request a copy of your personal data.

9.2 Right to Correction

You may request corrections for inaccurate data.

9.3 Right to Withdraw Consent

Contact us at care@ztake.in to revoke or modify consent.

9.4 Right to Deletion

You may request deletion of your Ztake account and stored data (unless legally required to retain it).

9.5 Right to Processing Information

You may ask how, where, and why we process your data.

9.6 Right to Object & Restrict Processing

You may request limitations on specific data usage unless required legally.

10. Cookies & Tracking

Ztake uses: • Essential Cookies • Security Cookies • Session Tokens • API Authentication Cookies • Machine Learning-Based Fraud Markers No advertising cookies, no behavioral tracking for marketing, and no external trackers are used.

11. Children's Privacy

Ztake services are intended for individuals above 18 years. We do not knowingly collect data from minors.

12. International Data Transfers

If data is transferred internationally for processing or compliance, it is done under: • Binding Corporate Rules • Standard Contractual Clauses • RBI circulars & Indian data-localization mandates

13. Policy Changes

Ztake may update this Policy. Major updates will be communicated via email or dashboard notification.

Contact Us

For all privacy-related concerns, please reach out to us:

Email

care@ztake.in

Phone

+91 9220592512

Website

www.ztake.in

Ztake Fintech Private Limited
Business Hub, Technology Park, Sector 90, Noida, Uttar Pradesh, India.