INOVITY INDIA

Paytech Private Limited
DPDPA 2026 Compliant Framework

Privacy & Data Protection Charter

As India's leading B2B digital onboarding infrastructure provider, Inovity India Paytech is committed to secure, lawful, and highly transparent cryptographic processing of verification data.

Last Updated: July 2026 | Effective Immediately

2. Endpoint Specific Data Handling

Our Unified APIs transmit data solely to generate real-time results from designated central registries. Here is how our individual API endpoints manage information:

PAN Verification API

Transmits PAN IDs directly to verified databases to return official name and seed status. No permanent local storage occurs post-validation.

RC Verification API

Connects to VAHAN central registry using registration numbers to return engine and vehicle insurance validity metrics.

E-Challan Fetch API

Pulls active challan counts, traffic violation details, and state penalties to assist commercial fleet mitigations.

CIBIL & Experian APIs

Pulls credit metrics, active loan balances, and payment profiles. Requires iron-clad client end-user consent verification prior to any query.

3. DPDPA Pillars of Fair Processing

Inovity India enforces compliance across all data principal rights defined by India's Digital Personal Data Protection standards:

I

Right to Access and Correction

Clients can retrieve real-time logs of their processing histories. Any structural inaccuracies reported to the partner (Fiduciary) will be reflected downstream in our system.

II

Consent Erasure & Right to Be Forgotten

Upon explicit withdrawal of consent from the user to our B2B partners, we trigger immediate, permanent erasure of processed cache payloads.

III

Purpose-Bound Processing

We do not combine, share, or sell user identity vectors. Every transactional request is strictly mapped to an active B2B contract and onboarding purpose.

4. Military-Grade Security Protocols

Because we support critical core banking and microfinance verification pipelines, we deploy end-to-end security layers:

  • AES-256 Bit Encryption at Rest
  • TLS 1.3 Encryption in Transit
  • Automated IP Whitelisting Controls
  • 24/7 Security Operations Monitoring

5. Structured Retention Schedules

We minimize processing liabilities by deleting verification parameters as soon as transactions conclude:

API Category Data Type Retention Timeline
Government Verification PAN, DL, Passport Details Instant purge upon verification delivery
Credit Bureaus Bureau Reports (CIBIL/Experian) Immediate purge upon response render
Access Logs Transaction Identifiers 7 Years (Compliance requirement under PMLA)

6. Grievance Redressal & Contacts

For questions regarding personal dataset access, consent revocations, or system processing protocols, please direct communications to our dedicated DPDPA Grievance Officer:

Grievance Desk Inovity Legal Compliance Team

Inovity India Paytech Private Limited
Mithanpura, Muzaffarpur Bihar, India - 842002

Digital Correspondence inovity.s@inovitypaytech.com

Expected resolution: Within 15 business days under DPDP guidelines.