
Access tools and insights for your business
Merchant
Grow your business with our merchant solutions and tools
Partner With Us
Join our partner network and unlock exclusive benefits
Issued by Palm Tech Technologies Private Limited
Effective Date: 06 February 2026
This document outlines the cybersecurity controls, data protection safeguards, and regulatory compliance framework adopted by Palm Tech Technologies Private Limited ("Palmpay").
This policy supports compliance with the Information Technology Act, 2000; SPDI Rules, 2011; Digital Personal Data Protection Act, 2023; and CERT-In Directions dated 28 April 2022.
This policy applies to Palmpay mobile applications, backend servers, APIs, merchant dashboards, cloud infrastructure, and palm-vein authentication systems.
Only derived biometric templates are processed. These templates are encrypted and securely segregated.
Raw palm images are not stored except where legally required or with explicit written consent. Biometric data is used solely for authentication and not for profiling or commercial use.
Palmpay maintains a structured incident response framework. Reportable incidents shall be reported to CERT-In within legally prescribed timelines (currently 6 hours from awareness).
Use of the platform for money laundering, fraud, identity theft, or unlawful activity is strictly prohibited.
The Company cooperates with banking partners, regulators, and law enforcement authorities as required under applicable laws.
Users are fully responsible for unlawful or fraudulent activity conducted through their accounts.
Palm Tech Technologies Private Limited shall not be liable for losses arising from illegal misuse of the platform. The platform does not encourage or condone illegal activity.
Palmpay operates as a technology interface provider. To the extent permitted by law, the Company claims intermediary safe harbour protections subject to compliance with due diligence requirements.
Email: admin@Palmpay.co.in
This cybersecurity policy is intended to demonstrate reasonable security practices and compliance readiness under applicable Indian laws.