NEXT GEN PAYON
Book a Free Demo

Table of Contents

Privacy Policy

Last Updated: May 15, 2025

1. Introduction

NEXT GEN PAYON PRIVATE LIMITED ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our payroll management platform, or engage with our services.

We value your trust and strive to be transparent about our data practices. Please read this policy carefully to understand our practices regarding your personal data and how we will treat it. By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy.

This policy applies to all information collected through our website, platform, APIs, and any related services, sales, marketing, or events.

2. Information We Collect

We collect several types of information from and about users of our services, including:

2.1 Personal Information

Personal information is data that can be used to identify you directly or indirectly. We may collect the following personal information:

  • Identity Information: Name, job title, company name, date of birth, gender, and profile images.
  • Contact Information: Email address, mailing address, phone number, and other similar contact details.
  • Financial Information: Bank account details, payment card details, and transaction history (for payment processing purposes).
  • Employment Information: Employee identification numbers, salary details, tax information, and other payroll-related data (when using our payroll services).
  • Account Information: Username, password, account preferences, and security questions/answers.

2.2 Usage and Technical Information

As you interact with our services, we may automatically collect technical information about your equipment, browsing actions, and patterns, including:

  • Device Information: IP address, browser type and version, operating system, device type, and other technology identifiers on the devices you use to access our services.
  • Usage Data: Information about how you use our website and services, including time spent on pages, click-through paths, features used, and other interaction data.
  • Location Data: General location information derived from IP addresses or precise location data (with your consent).
  • Log Data: Server logs, error reports, and performance data.

2.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Business Partners: We may receive information about you from our business partners, such as when you integrate our services with other platforms.
  • Service Providers: Information from service providers who help us with fraud prevention, identity verification, and security.
  • Public Sources: Publicly available information from sources such as public records, social media platforms, and professional networks.

3. How We Use Your Information

We use the information we collect for various purposes, including:

3.1 Providing and Improving Our Services

  • To provide, operate, and maintain our payroll and payment processing services.
  • To process transactions and send related information, including confirmations and receipts.
  • To improve and personalize your experience with our services.
  • To develop new features, products, and services.
  • To provide customer support and respond to inquiries.

3.2 Communication and Marketing

  • To communicate with you about your account, updates to our services, and security alerts.
  • To send you marketing communications about products, services, and events (with your consent where required).
  • To conduct surveys and collect feedback about our services.
  • To respond to your comments, questions, and customer service requests.

3.3 Security and Compliance

  • To protect our services, users, and business from fraud, unauthorized access, and other security issues.
  • To verify your identity and prevent fraudulent transactions.
  • To comply with legal obligations, including tax and regulatory requirements.
  • To enforce our terms, conditions, and policies.
  • To establish, exercise, or defend legal claims.

3.4 Analytics and Research

  • To analyze usage patterns and trends to better understand how users interact with our services.
  • To evaluate the effectiveness of our marketing campaigns.
  • To conduct research and development for future service enhancements.
  • To generate aggregated, non-identifying analytics and reports.

We process your information based on legitimate interests, contractual necessity, legal obligations, or with your consent, depending on the specific purpose.

4. Information Sharing and Disclosure

We may share your information with third parties in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who perform services on our behalf, such as:

  • Payment processors and financial institutions to facilitate transactions.
  • Cloud hosting and storage providers.
  • Customer support and communication platforms.
  • Analytics and marketing service providers.
  • Security and fraud prevention services.

These service providers are contractually obligated to use your information only for the purposes of providing services to us and in accordance with this Privacy Policy.

4.2 Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose your information to:

  • Enforce our terms and conditions and other agreements.
  • Protect the security of our operations, rights, privacy, safety, or property.
  • Protect against legal liability.
  • Prevent or investigate possible wrongdoing in connection with our services.

4.4 With Your Consent

We may share your information with third parties when you have given us your consent to do so for specific purposes.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for various purposes, including business intelligence, industry analysis, and improving our services.

5. Data Security

We implement appropriate technical and organizational measures to protect the security of your personal information. Our security measures include:

  • Encryption of sensitive data both in transit and at rest using industry-standard encryption protocols.
  • Implementation of access controls and authentication mechanisms to restrict access to personal data.
  • Regular security assessments, penetration testing, and vulnerability scanning.
  • Continuous monitoring of our systems for potential security breaches.
  • Employee training on data protection and security best practices.
  • Physical security measures at our facilities and data centers.

While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

We maintain ISO 27001 certification and are PCI DSS compliant, demonstrating our commitment to maintaining high security standards for handling your data.

5.1 Data Breach Notification

In the event of a data breach that compromises your personal information, we will notify you and relevant regulatory authorities as required by applicable law. We have incident response procedures in place to address such situations promptly.

6. Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect and use information about you and your interaction with our services. Cookies are small data files that are placed on your device when you visit a website, which uniquely identify your browser and device.

6.1 Types of Cookies We Use

  • Essential Cookies: These cookies are necessary for our services to function properly and securely, including for authentication, security, and remembering your preferences.
  • Performance/Analytics Cookies: These cookies help us understand how visitors interact with our services by collecting and reporting information anonymously. They help us improve our services and user experience.
  • Functionality Cookies: These cookies enable enhanced functionality and personalization, such as remembering your preferences and settings.
  • Marketing/Targeting Cookies: These cookies are used to track visitors across websites to display relevant advertisements and measure the effectiveness of advertising campaigns.

6.2 Cookie Management

You can control and manage cookies in various ways. Most web browsers allow you to manage your cookie preferences by adjusting your browser settings. You can:

  • Delete cookies from your device
  • Block cookies by activating the setting on your browser that allows you to refuse all or some cookies
  • Set your browser to notify you when you receive a cookie

Please note that if you choose to block or delete cookies, certain features of our services may not function correctly. For more information about cookies and how to manage them, please visit our Cookie Policy or your browser's help section.

6.3 Other Tracking Technologies

In addition to cookies, we may use web beacons, pixels, and other similar technologies to track user activity and collect data about how our services are used. These technologies help us analyze traffic patterns, determine the effectiveness of marketing campaigns, and improve our services.

Cookie Preferences

Essential Cookies

Required for basic functionality

Analytics Cookies

Help us improve our website

Marketing Cookies

Used for targeted advertising

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information. These may include:

7.1 Access and Information

You have the right to request information about the personal data we hold about you, including the categories of data, its sources, and the purposes for which we process it.

7.2 Correction and Update

You have the right to request that we correct inaccurate or incomplete personal information about you.

7.3 Deletion

You have the right to request the deletion of your personal information in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

7.4 Restriction of Processing

You have the right to request that we restrict the processing of your personal information under certain conditions.

7.5 Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

7.6 Objection

You have the right to object to the processing of your personal information in certain circumstances, particularly for direct marketing purposes.

7.7 Withdrawal of Consent

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time.

7.8 How to Exercise Your Rights

You can exercise your rights by contacting us using the information provided in the "Contact Us" section below. We will respond to your request within the timeframe required by applicable law. We may need to verify your identity before fulfilling your request.

Please note that there may be limitations to these rights based on applicable laws, and we may retain certain information as required or permitted by law.

8. International Data Transfers

We operate globally and may transfer your personal information to countries other than the one in which you reside. These countries may have data protection laws that differ from those in your country.

When we transfer personal information across borders, we take appropriate safeguards to ensure that your information receives an adequate level of protection, including:

  • Implementing Standard Contractual Clauses approved by the European Commission.
  • Ensuring transfers to countries with adequate data protection laws as determined by relevant authorities.
  • Obtaining your consent for certain transfers.
  • Implementing appropriate technical and organizational measures to protect your personal information during transfer and processing.

By using our services, you acknowledge that your personal information may be transferred to and processed in countries outside your country of residence, including the United States and India, where our primary servers and operations are located.

9. GDPR Compliance

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we comply with the General Data Protection Regulation (GDPR) and equivalent data protection laws.

9.1 Legal Basis for Processing

Under the GDPR, we process your personal information based on one or more of the following legal bases:

  • Consent: You have given us explicit consent to process your personal information for specific purposes.
  • Contractual Necessity: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

9.2 Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing our data protection strategy and ensuring compliance with data protection laws. You can contact our DPO at privacy@nextgenpayon.com.

9.3 Supervisory Authority

If you are located in the EEA, UK, or Switzerland and believe that our processing of your personal information infringes data protection laws, you have the right to lodge a complaint with a supervisory authority in your country of residence, place of work, or place of the alleged infringement.

10. Children's Privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete such information as quickly as possible.

If you believe that we might have any information from or about a child under 18, please contact us using the information provided in the "Contact Us" section.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date.
  • Sending an email notification to registered users.
  • Displaying a prominent notice on our website or services.

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the revised policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the following information:

NEXT GEN PAYON PRIVATE LIMITED

123 Financial District, Mumbai, Maharashtra 400001, India

privacy@nextgenpayon.com

+91 22 1234 5678

Attention: Data Protection Officer

Privacy Inquiry Form