Privacy Assurance
At dPaisa, we are committed to protecting the privacy of our customers. We have implemented clear policies regarding the collection, use, and disclosure of customer information. dPaisa and all of its staff members are dedicated to respecting and safeguarding the privacy of our customers. All personal information provided by customers through transaction forms, application forms, annual reports, or any other medium shall be treated as confidential. Any such information collected from the customer shall be in possession of the company and be kept confidential. It will only be disclosed to statutory authorities in accordance with applicable laws. Furthermore, staff members, officials, and members of the management team are strictly prohibited from disclosing any information submitted to the Financial Information Unit (FIU), Nepal Rastra Bank (NRB), or from revealing the contents of documents accessed during investigations, inquiries, or in the course of their official duties. Disclosure of such information to any person, including the concerned customer, is only permissible under the conditions outlined by prevailing legal provisions. Personally identifiable information includes any data that can be used to identify an individual user and shall be treated with the highest level of confidentiality and care.
Information You Share with Us- All information is collected in compliance with the directives and regulations set forth by Nepal Rastra Bank.
- When registering a wallet as an Unverified User and/or to access basic services, users are only required to provide their mobile number and full name.
- If any agency, firm, or company is being registered as an Agent, Distributor, Sub-Agent, or Merchant, a physical or digital form must be completed, the agreement duly signed, and submitted to Goldmine Business Group Pvt. Ltd.
- Mobile Number
- Name of the Agent Business (only registered business name will be valid not individual person)
- Personal details of the directors
- Business Type
- Registration Certificate
- Address (State, District, Municipality/Village Municipality, Ward Number, City, Street/Tole)
- Secondary person’s contact details
- Bank Details
- Business Document PAN,
- NID
- Minuting
- Police Report
- Self-declaration
- Photo of the concerned office
To register as a Verified User, a physical or digital registration form must be completed and submitted at an authorized agent location. The completed form is then forwarded to us either digitally or in physical form.
Personal Information We Collect The personal data we collect and maintain may include, but is not limited to, the following:- Mobile Number
- Full Name (First, Middle, and Last Name)
- Gender
- Date of Birth
- Nationality
- Father’s or Husband’s Name
- Grandfather’s Name
- Mother’s Name
- Marital Status
- Occupation
- Email Address
- Province/State
- District
- Municipality/Rural Municipality
- Ward Number
Camera / Gallery Photo
This functionality allows users to capture and upload images required for completing KYC documentation and updating their profile photo within the app.Access to Contacts
Contact information is not stored on dPaisa’s servers and is never transmitted over the internet. This access is used solely to enhance user experience within the app and is managed in full compliance with applicable privacy and data protection regulations.Network Connectivity and Internet Usage
No personal data is collected through this access; it is used solely to ensure proper app functionality and a smooth user experience.SMS Communication
The application may access SMS messages to facilitate secure communication, such as automatically detecting one-time passwords (OTPs) for verification purposes. This access helps streamline processes like login and transaction authentication. Access to SMS messages is strictly limited to verification functions and does not involve reading or storing personal message content beyond what is necessary for these purposes.Confidentiality and Disclosure
Disclosure of personal data will occur solely in accordance with applicable laws and regulations, or when required by authorized government bodies. Under no circumstances will information be shared with third parties for purposes unrelated to the services provided or without explicit user consent.Data Retention:
dPaisa retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including providing services, complying with legal obligations, resolving disputes, and enforcing agreements. Once the data is no longer needed, it is securely deleted or anonymized to protect user privacy. Retention periods are determined by the category of data and the applicable legal and regulatory obligations. As per the NRB Unified Directives, all relevant data must be securely retained for a minimum period of five years to ensure compliance with regulatory requirements. dPaisa maintains a secure record of users' transaction history to ensure transparency, provide customer support, and meet regulatory compliance requirements. Users can access their transaction history through the IME Pay application, where details of past payments, transfers, and receipts are available.Account Deletion
Users may request the deletion of their accounts at any time. Account deletion will be processed after all pending transactions are settled and any contractual or regulatory obligations are fulfilled. Upon deletion, personal data associated with the account will be securely erased in accordance with applicable data protection laws. However, some information may be retained for legal or compliance purposes.
Fraudulent Activity and Misuse: dPaisa is committed to preventing and addressing any fraudulent activity and misuse of its services. Accounts suspected of involvement in fraudulent behavior or misuse may be temporarily suspended, deactivated, or permanently terminated to protect the security and integrity of the platform and its users.
Compliance Requirements: Deactivation may occur to comply with legal, regulatory, or internal policy mandates.
Security Concerns: Accounts suspected of fraudulent activity or security breaches may be deactivated to protect users and the platform.
Legal Obligations: dPaisa complies with all applicable legal obligations to ensure lawful operation and protect the rights of its users. This includes adherence to data protection laws, financial regulations, and any other statutory requirements relevant to our services. Users are required to provide accurate information and cooperate as necessary to fulfill these legal obligations. Non-compliance may result in restrictions, suspension, or termination of services in accordance with the law.
User Request: Upon receiving a written request letter from the user, accompanied by a copy of a valid identification document (such as Citizenship Certificate, Passport, Driver’s License, NID etc.)