Legal

Privacy Policy

Last updated: June 12, 2026  ·  Effective: June 12, 2026

1. Overview

PayVora Technologies Ltd ("PayVora", "we", "our", or "us") operates the PayVora mobile application and related services (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Service.

By using PayVora, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this policy, please do not use our Service.

Summary: We collect only the information necessary to provide you with financial services. We do not sell your personal data. Your financial data is encrypted and stored securely.

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: Full name, email address, and password when you create an account.
  • Identity verification: Government-issued ID documents and selfie photographs required for KYC (Know Your Customer) compliance.
  • Financial information: Wallet balances, transaction history, recipient details for transfers.
  • Phone number: Required for airtime top-ups and account verification.
  • Communications: Messages or support requests you send to us.

2.2 Information Collected Automatically

  • Device information: Device model, operating system version, unique device identifiers, and mobile network information.
  • Usage data: Features accessed, screens viewed, tap interactions, and session duration.
  • Log data: IP address, browser type, referring pages, and timestamps of service access.
  • Push notification token: Used to send you transaction alerts and account notifications.

2.3 Information from Third-Party Services

  • Google Sign-In: If you choose to sign in with Google, we receive your name, email address, and Google account ID. See Section 4 for details.
  • Apple Sign-In: If you sign in with Apple, we receive your name and email address (or a private relay email if you choose to hide your email).

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your PayVora account
  • Process financial transactions, transfers, and top-ups
  • Verify your identity for regulatory compliance (KYC/AML)
  • Send transaction confirmations and account activity alerts
  • Detect and prevent fraud, unauthorized access, and illegal activities
  • Provide customer support and respond to your inquiries
  • Improve, personalise, and optimize our Service
  • Comply with legal obligations and regulatory requirements
  • Send product updates, security alerts, and administrative messages

We will never use your information to send unsolicited marketing communications without your explicit consent.

4. Google Sign-In

PayVora offers the option to sign in using your Google account through Google OAuth 2.0. When you choose to sign in with Google:

  • We request access only to your basic profile information: your name, email address, and Google account ID.
  • We do not request access to your Google Drive, Gmail, contacts, calendar, or any other Google services.
  • Google's authentication flow is handled entirely by Google's servers. Your Google password is never shared with or stored by PayVora.
  • The information received from Google is used exclusively to create or authenticate your PayVora account.
  • You may revoke PayVora's access to your Google account at any time via Google Account Permissions.

PayVora's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Third-Party Services

Our Service integrates with the following third-party providers. Each has its own privacy policy governing data use:

  • Google LLC — Authentication (Google Sign-In). Google Privacy Policy
  • Apple Inc. — Authentication (Sign in with Apple). Apple Privacy Policy
  • Reloadly — Airtime and data top-up processing. Your phone number and purchase amount are shared with Reloadly to fulfil top-up transactions.
  • Expo / React Native — Mobile application platform. Crash reports and performance metrics may be collected.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:

  • Service providers: With trusted third-party vendors who help us operate our Service (e.g., cloud hosting, push notifications), bound by confidentiality agreements.
  • Legal requirements: If required by law, court order, or governmental authority.
  • Fraud prevention: To protect PayVora, our users, or the public from fraud, abuse, or illegal activity.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with prior notice to you.
  • With your consent: For any other purpose with your explicit prior consent.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide our services. We will also retain and use your information as necessary to:

  • Comply with legal obligations (financial records are typically retained for 7 years)
  • Resolve disputes and enforce our agreements
  • Prevent fraud and maintain security

When you delete your account, we will remove your personal data within 30 days, except where retention is required by law.

8. Security

We take the security of your financial data seriously and implement industry-standard safeguards including:

  • End-to-end encryption for all data in transit (TLS 1.3)
  • AES-256 encryption for sensitive data at rest
  • Biometric authentication (Face ID, fingerprint) support
  • Secure PIN protection
  • Regular security audits and penetration testing
  • Bcrypt password hashing with per-user salts

No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data ("right to be forgotten").
  • Portability: Request a machine-readable copy of your data.
  • Restriction: Request that we restrict processing of your data.
  • Objection: Object to processing of your data for certain purposes.
  • Withdrawal of consent: Withdraw consent where processing is based on consent.

To exercise any of these rights, please contact us at privacy@payvora.app.

10. Children's Privacy

Our Service is not directed to children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately and we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we will provide in-app notification. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will respond to all legitimate privacy requests within 30 days.