SeedhaPe — UPI Payment Middleware

This Privacy Policy explains how SeedhaPe ("we", "our", or "us") collects, uses, stores, and shares information when you use our website, API, and Android mobile application (the "Services").

1. Information We Collect

1.1 Account and business information

Business name, email address, UPI ID, webhook URL, and account identifiers.
API key metadata and device registration details.

1.2 Payment and transaction-related information

Order ID, amount, status, timestamps, and transaction reference fields (for example UTR).
Payer/sender name where available from supported payment notification sources.
Payment app package/source metadata used for payment verification.

1.3 Android app data and permissions

The SeedhaPe Android app may request and use the following permissions:

Notification access (Notification Listener Service): to detect incoming UPI payment notifications and verify orders.
SMS permissions (READ_SMS, RECEIVE_SMS): used as a fallback to read bank credit SMS messages when notification parsing is unavailable.
Foreground service/data sync: to keep verification sync running reliably.
Internet access: to securely send verification events to SeedhaPe servers.

We do not use these permissions for advertising or contact-list profiling. We use them only for payment verification, fraud prevention, and service reliability.

1.4 Technical and log information

IP address, device identifiers, app version, device model, request logs, and error logs.

2. How We Use Information

To provide payment order creation, verification, and webhook delivery.
To prevent fraud, abuse, duplicate matches, and unauthorized access.
To support dispute handling and merchant support workflows.
To improve performance, reliability, and security of the Services.
To comply with applicable legal obligations.

3. Legal Basis (where applicable)

Performance of a contract (providing the Services requested by you).
Legitimate interests (security, fraud prevention, reliability, support).
Compliance with legal obligations.
Consent, where required by law.

4. Sharing of Information

We do not sell personal information.

We may share information with:

Service providers that host infrastructure, process logs, or deliver files/webhooks on our behalf.
Your configured webhook endpoint(s), based on your account settings.
Authorities or regulators when legally required.
Successors in connection with a merger, acquisition, or asset sale (with appropriate safeguards).

5. Data Retention

We retain data for as long as needed to provide the Services, maintain security/fraud controls, resolve disputes, and satisfy legal/accounting obligations. Retention periods may vary by data type and use case.

6. Data Security

We use reasonable administrative, technical, and organizational safeguards to protect data. No method of transmission or storage is 100% secure, but we continuously improve controls to reduce risk.

7. Your Choices and Rights

You can update business profile information from the dashboard settings.
You can disconnect the mobile device and revoke API keys.
You can disable notification/SMS permissions from Android settings (core verification may stop).
You may request access, correction, or deletion of your data, subject to legal or security retention requirements.

8. Children's Privacy

The Services are not directed to children under 13 (or the equivalent age in your jurisdiction), and we do not knowingly collect personal information from children.

9. International Transfers

Your information may be processed in countries other than your own. Where required, we apply safeguards appropriate to such transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the effective date.

11. Contact Us

For privacy questions or requests, contact us at support@seedhape.com.