Data Protection Charter

Privacy Policy

Last Updated: May 17, 2026 • Fully Compliant with DPDP Act, 2023 & Information Technology (SPDI) Rules, 2011

1. Platform-Wide Data We Collect

AssetPay collects and processes specific data across all platform modules (Subscription Sharing, Notes Marketplace, and Wallets) to deliver secure peer-to-peer services.

  • Account & Registration Details: Email address (Gmail, Yahoo, personal, or institutional domains), first name, last name, phone number, and password.
  • P2P Subscription sharing data: Subscription credentials, invite keys, and temporary shared logins uploaded by Hosts, alongside in-app buyer-host chat history.
  • Academic Exchange verification: Uploaded notes files (PDF, DOC, ZIP) and the **compulsory College Student ID Card (I-Card)** scan/photo uploaded by note creators during listing submission.
  • Wallet & Financial logs: Wallet balances, transaction histories, and UPI IDs for host/uploader payout settlements.

2. Zero Government ID Policy (Aadhaar / PAN Exemption)

Under our privacy-first design principles, **AssetPay has a strict zero-KYC policy for government documents**.

We **never** collect, store, request, or process Aadhaar Cards, PAN Cards, passport scans, driver's licenses, or national identity card details. We verify host credibility purely through UPI account binding and institutional email matches, and note creator credentials strictly through the compulsory **College ID card scan** uploaded at the moment of note listing.

3. Reasonable Security Practices & Encrypted Storage

In strict compliance with the **Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011**, we maintain rigorous security practices:

  • Data Encryption: All uploaded files, subscription credentials, chat histories, wallet ledger records, and College Student ID card images are encrypted at rest using AES-256 protocols and in transit using SSL/TLS.
  • Student ID Protection: Uploaded College ID Card scans are stored within partitioned, highly secure database containers. They are restricted to uploader credibility audits, are never shared with other users, and are never indexed by search engines.

4. Limited Data Disclosure Policy

We do not share, sell, lease, or distribute your personal details to advertising agencies or commercial third-parties. Data disclosure is limited strictly to:

  • Integrated payment processing partners to handle deposits and withdraw requests.
  • Judicial, regulatory, or law enforcement bodies in cases of active criminal fraud, financial disputes, or formal subpoenas.
  • University academic integrity boards or copyright representatives during formal, certified audits of severe plagiarism or illegal materials sharing.

5. User Data Rights & Account Deletion

You maintain complete ownership of your personal data. You have the right to inspect, edit, or update your account information, withdraw your consent to data processing, or request the deletion of your account. Account deletion requests can be submitted to privacy@assetpay.com.

6. Referral & Chain Network Data Transparency & Privacy

In compliance with the **Digital Personal Data Protection (DPDP) Act, 2023** of India, we practice strict data minimization and transparency within our affiliate program:

  • Downline Member Visibility: When a user registers using your invite code or link, they join your referral chain. Your ancestors in the chain (upline referrers) will be able to see your email address, joining date, and your relative level (Level 1, Level 2, etc.) inside their referrals dashboard to audit commission payouts.
  • Consent & Opt-Out: By signing up using a referral link, you explicitly consent to sharing your registration date, account status, and referral connection with your upline chain. If you wish to opt-out or disconnect your account from a referral chain, you can request manual dissociation by emailing us at privacy@assetpay.com.