Data Processing Agreement

This Data Processing Agreement (DPA) is a clear and legally binding document between us, Superpace Fintech, as the "Data Processor," and you, our user, as the "Data Controller." Its purpose is to explain how we handle and protect your personal data when you use our payment services.

When we say "we," "our," or "us," we're talking about Superpace Fintech. When we say "you" or "your," we're referring to you. By using our services, you're agreeing to the terms outlined here, ensuring that your data is handled with care and responsibility.

Our Respective Roles

In this partnership, you, the Controller, decide why and how data is processed, and you are responsible for following all data protection laws. We, the Processor, will handle your personal data strictly according to your instructions and only for the purpose of providing our payment services. This clear division of roles ensures accountability and trust.

What We Process Your Data For

We only process your information for purposes that keep your transactions secure, compliant, and seamless. Your data is used for:

Processing Payments: To initiate, approve, and settle transactions.

KYC & Fraud Prevention: To verify your identity and protect against fraud.

User Authentication: To apply security measures like two-factor authentication.

Reporting & Reconciliation: To provide accurate transaction history and reports.

Our Security Measures

We take the security of your data seriously. We have strong technical and organizational safeguards in place, including:

Encryption: We use robust encryption to protect data both in transit and at rest.

Authentication Controls: We use multi-factor authentication to secure system access.

Regular Audits: We conduct vulnerability scans and penetration tests to find and fix weaknesses.

All our staff are trained in data protection and uphold strict confidentiality.

Your Data Rights

We are committed to helping you maintain control over your personal information. We will assist you in responding to requests from individuals regarding their data rights, which include:

Access: The right to access the personal data we hold about you.

Correction: The ability to correct inaccurate or incomplete information.

Erasure: The right to request the deletion of your personal data when appropriate.

Portability: The choice to obtain your information in a portable format.

Restriction: The right to limit or object to how your data is processed.

Our Use of Subprocessors

We will never use a third party to process your data without your prior written approval. When we do use Subprocessors, they are bound by written contracts that require them to follow data protection standards equal to or greater than our own. This ensures your information is always protected, no matter who is involved.

Data Breach Notification

In the unlikely event of a data breach, we will notify you immediately, and always within 24 hours. The notice will include details about the breach, the number of people affected, and the steps we are taking to contain the incident and prevent future breaches. This commitment to swift and transparent communication ensures you're always informed.

Audit & Compliance

To build your trust, you have the right to audit our compliance with this agreement. We will provide access to all necessary documents to confirm that we are meeting our obligations.

Data Retention & Deletion

We only keep your personal data for as long as needed to process payments and meet legal requirements, such as those from the RBI. Once services end, we will securely erase or return all personal data, unless a law requires us to keep it for a longer period.

Legal & Regulatory Changes

Laws are always changing. If any new legal or regulatory changes impact our ability to handle personal data, we will notify you without delay. This ensures we both remain aware of any developments that could affect compliance.

Liability & Indemnification

If either of us fails to meet our responsibilities under this agreement, we will be liable for any resulting damages. We will also indemnify you for any fines or losses that arise from our failure to meet our data protection obligations.

Governing Law & Dispute Resolution

This agreement will be interpreted and enforced under the laws of India. Any disputes will be handled exclusively in the courts located in India. This ensures a consistent and predictable legal process for both of us.

Amendments

Any changes to this agreement must be in writing and signed by both parties to be valid. This ensures that no changes are overlooked and that we both have a clear understanding of our commitments.

Acknowledgment and Acceptance

By entering into this agreement, both parties confirm that we have read, understood, and accepted all the terms. This represents a shared commitment to transparency, accountability, and protecting the data entrusted to us.

Simplifying commerce with unified payment experiences for modern businesses.
Policy Pages
X Privacy Policy X Terms & Conditions X Cookies Policy X Refund Policy X Data Processing Agreement X Disclaimer
Main Page
Home Payouts Onboarding Solutions FAQ Contact Us
Banking
Current Account API Banking Tax Payments Escrow
Payments
Smart Collect Instant Settlement QR Codes Invoice
Address

SUPERPACE ASSOCIATE PRIVATE LIMITED

Floor No: 6th, Office No: 602, New Tropical Era, Road No. 33, Wagle IE Sub Post Office, Thane West, Thane, Maharashtra, 400604.

Email: superspaceassociatepvtltd@gmail.com
Phone: 8766832863

Copyright © SUPERPACE ASSOCIATE PRIVATE LIMITED. All Rights Reserved