Privacy Policy

This Privacy Policy explains how apipartner collects, uses, stores, processes, and shares information when corporate clients, authorized users, administrators, or visitors access this corporate API portal, related onboarding workflows, API documentation, reporting tools, wallet records, invoice records, and support services.

This portal is intended for corporate onboarding, KYC review, account management, wallet and ledger visibility, transaction monitoring, commission reporting, invoice access, API documentation, and operational control. Payment, recharge, messaging, travel, KYC, plans, number lookup, and other service transactions are executed through APIs and are reflected in the portal for reporting and administration.

By accessing or using the portal, you confirm that you have read and understood this Policy. If you do not agree with this Policy, you should not access the portal or submit information through it.

Legal Compliance

This Policy is intended to align with applicable Indian laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable data protection and compliance principles. apipartner follows reasonable administrative, technical, and operational safeguards for handling information processed through the portal.

Information We Collect

Depending on the module used, apipartner may collect information directly from corporate clients and authorized users, automatically through the portal, or from systems connected to API services. Information may include:

• Corporate account details such as company name, business type, GST number, PAN number, registered address, city, state, pincode, and contact information.
• Authorized user details such as name, email address, mobile number, role, login status, and account access permissions.
• KYC and onboarding documents such as PAN card, GST certificate, authorized signatory identity proof, business registration proof, bank proof, and related review remarks.
• API credential and integration details such as client ID, API key metadata, IP whitelist details, environment access, rate limit notes, and webhook configuration references.
• Service and transaction records generated through APIs, including BBPS bill payment, recharge, FASTag, SMS, WhatsApp, bus booking, flight booking, KYC, plan lookup, number lookup, transaction references, status updates, provider responses, and callback records.
• Wallet, ledger, invoice, commission, settlement, report, and account activity records required for operational visibility and reconciliation.
• Technical and security information such as IP address, browser details, device information, user agent, login attempts, session activity, audit logs, and access timestamps.

You may choose not to provide certain information, but this may restrict access to onboarding, approval, API credentials, reporting, or other portal services.

How We Use Information

apipartner uses collected information for legitimate business, compliance, security, and operational purposes, including:

• Creating and managing corporate client accounts.
• Reviewing KYC documents and approving, rejecting, suspending, or updating account access.
• Issuing and managing API access credentials and integration settings.
• Displaying wallet balances, ledger entries, transaction reports, commission records, invoices, and operational summaries.
• Processing support requests, service alerts, account notifications, password reset requests, and administrative communication.
• Monitoring login activity, preventing misuse, detecting fraud, enforcing access controls, and maintaining audit trails.
• Meeting legal, tax, regulatory, accounting, contractual, and internal compliance requirements.
• Improving portal reliability, reporting performance, user experience, and operational controls.

Data Security

apipartner uses reasonable administrative, technical, and physical safeguards to protect information against unauthorized access, alteration, disclosure, or destruction. Access to sensitive records is restricted to authorized users based on role and operational need.

Security controls may include secure password hashing, session controls, CSRF protection, prepared database queries, file upload validation, restricted document storage, audit logging, login attempt monitoring, and permission-based access. No electronic transmission or storage method is completely secure, so users are responsible for safeguarding their credentials, devices, and authorized access.

Data Retention

apipartner retains information for as long as necessary to provide portal services, maintain account records, support reconciliation, comply with legal or regulatory obligations, resolve disputes, enforce agreements, and maintain audit trails. Certain transaction, invoice, KYC, ledger, and compliance records may be retained for longer periods where required by law, regulation, taxation, accounting, or contractual requirements.

Sharing of Information

apipartner may share information only where necessary for service delivery, operations, compliance, or legal obligations. Information may be shared with:

• Partner banks, payment networks, billers, operators, service providers, API providers, aggregators, and processors required to support requested services.
• Technology, hosting, security, messaging, reporting, and support vendors assisting portal operations.
• Auditors, advisors, consultants, or internal teams where required for governance, accounting, risk, reconciliation, or compliance.
• Regulatory authorities, courts, law enforcement agencies, government departments, or other lawful authorities where disclosure is required or permitted by law.

apipartner does not sell personal information. Sharing is limited to information reasonably necessary for the relevant business, operational, compliance, or legal purpose.

Third-Party Services and Links

The portal may include references, redirects, integrations, or links to third-party systems, service providers, banks, billers, operators, travel providers, messaging providers, verification providers, or documentation resources. apipartner is not responsible for the privacy practices or content of third-party platforms. Users should review the privacy policies and terms of those third parties independently.

Cookies and Tracking Technologies

apipartner may use cookies and similar technologies to maintain secure sessions, remember preferences, improve portal functionality, analyze usage, and support security monitoring. Users may control cookies through browser settings, but disabling cookies may affect login, session, or portal functionality.

User Rights and Choices

Subject to applicable law and verification requirements, authorized users or corporate account contacts may request access to, correction of, or updates to their information. Requests may be limited where records must be retained for legal, regulatory, security, accounting, audit, transaction, or contractual reasons.

Where processing is based on consent, a user may withdraw consent by contacting apipartner. Withdrawal of consent may affect onboarding, approval, API access, reporting, support, or service availability.

Disclosure for Legal and Safety Reasons

apipartner may access, preserve, or disclose information when required to comply with applicable law, regulation, legal process, government request, court order, audit requirement, tax requirement, or regulatory obligation. Information may also be disclosed to protect the rights, property, security, or safety of apipartner, clients, users, service providers, or the public, or to prevent fraud, misuse, unauthorized access, or unlawful activity.

Change in Ownership or Business Structure

If apipartner undergoes a merger, acquisition, restructuring, transfer of assets, business transfer, or similar transaction, information may be transferred to the relevant successor entity in accordance with applicable laws and contractual safeguards.

Updates to this Privacy Policy

apipartner may update this Privacy Policy from time to time. Updated versions will be published through the portal or other appropriate channels. Continued use of the portal after updates are published constitutes acceptance of the revised Policy.

Contact Us

For questions, concerns, corrections, or requests regarding this Privacy Policy or data handled through the portal, contact apipartner support.