India: Google- Pay revises its privacy policy

October 26, 2018


With the increasing digitalization, technology has assisted in making available numerous services on the electronic platform. Using simplified features on the cyberspace, has facilitated the carrying out of routine commercial activities using the podium offered by the virtual world. Most of the business operations no longer require physical media for their fulfilment.

Payments online

Online payments in India are regulated by the National Payments Corporation of India (hereinafter referred to as “NPCI”) which is the organisation for operating retail payments and settlement systems in India. A number of e-payments platforms have come up in the Indian market such as Mobikwik, OlaMoney, Jiomoney, PayZapp, SBI Buddy, etc.

Google- Pay

Entering into the domain of payment services is Google, which has developed a digital wallet platform and online payment system- Google- Pay to power in-app and tap-to-pay purchases on mobile devices, enabling users to make payments with Android phones, tablets or watches. While Google has requested to comply with the data localization norms set forth but has asked for the extension of the deadline in said regards by a period of 2 months (till December, 2018)[1] . It is confronted with another challenge posed by the one of the renowned e-wallet service provider – Paytm.

Paytm had filed a complaint with the NPCI alleging that Google’s privacy policy allowed it to utilise a user’s personal data for advertising and promotional purposes, without any additional consent from the user. [2] It was further stated that the said polices of Google permitted it to access user’s navigation, logs and correspondence data while also reserving the right to collect, store, use and read user’s communication. Paytm also contended that critical payments data collected by Google is being processed and stored outside of India which can have severe security implications in case of a data breach.

Being faced by serious accusations made against it, the tech giant updated its privacy policies by elaborating on the procedure it uses or can use payments data of its Indian users. [3] The users have been informed that Unified Payments Interface Transaction Data will not be used for any monetisation purpose such as for advertisements purpose by any entity other than Google. However, such data shall be shared with banks, merchants and third-party service providers only to aid in the seamless flow of the transaction.

In the modern tech-driven world, where almost all services are available online the payments for the same are also being made via the same media. In order to ensure that the process is carried out smoothly the platforms often require the submission of personal and sensitive information of a person means such exclusive information which consists of passwords; financial information such as Bank account, credit card, debit card or other payment instrument details; physical, and mental health condition; medical records and history; Biometric information; any such related detail as provided to body corporate for providing service and any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise. Considering the vitality and importance of the information shared and rising number of criminal activities over the cyber-space, a duty is cast over the service provider to ensure the confidentiality of the same. Formulating the privacy policy lays down the guidelines for management of the confidential information so received serves as an effective mode for the protection of the sensitive information received from the users. The modification of the Google- Pay’s privacy policy is indicative of its intent to protect the personal and sensitive data of its users.




For more information please contact us at :