FAVE — Privacy Policy

Last Updated: 16th April 2026

1. Introduction and Scope

1.1 Fave is a consumer application owned and operated by Pine Labs Private Limited, a company incorporated under the Companies Act, 1956/2013 and having its registered office at Unit No. 408, 4th Floor, Time Tower, MG Road, Gurgaon - 122002, Haryana, ("Fave", "we", "us"). We offer the services related to all TPAP functionalities (UPI), and all Bill Payments functionalities ("Services") at the request of a registered user ("you", "your") of our application ("Application").

1.2 This privacy policy ("Policy") is published in accordance with the provisions of Section 5(1) and 5(2) of the Digital Personal Data Protection Act, 2023 Rule 4 (1) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, Rule 3 (1) of the Information Technology (Intermediaries Guidelines) Rules, 2021 that require publishing the rules and regulations, privacy policy and Terms & Conditions for access or usage of the Application.

1.3 We are committed to protecting your personal data and respecting your privacy. Please read the following terms of the Policy carefully to understand our practices regarding your personal data, and how we will treat it. This Policy sets out the basis on which any personal data we collect from you or about you, or that you provide to us, will be processed by us.

1.4 We request you to go through this Policy and the Terms & Conditions ("Terms") carefully before you decide to access the Application and the Services. Please read this Policy in consonance with the Terms.

1.5 By accessing the Platform, you also confirm that (a) you are above 18 years of age, (b) you agree to this Policy and provide your free, specific, informed, unambiguous, and unconditional consent to the practices described in this Policy, and (c) you shall not impersonate any person or entity, or falsely state or otherwise misrepresent your identity, age, or affiliation with any person or entity. In the event of any violation of the Policy, we reserve the right to suspend or permanently prevent you from availing of Services or using the Application.

1.6 You understand that the Platform is meant for usage and access within the territory of the Republic of India, and cannot be accessed outside the territory of India. Fave is only bound by applicable laws of India and is not liable under any foreign laws.

2. Information Collected

2.1 We collect your Personal Information ("PI") only to the extent necessary to process your requirements, in the manner prescribed below, and per the applicable laws. However, in case you choose not to share your PI with us, we may not be able to provide you with the Services.

Activity Data Collected
For Registration on the Application Your name, Your mobile number, Your email address, Location
For UPI Payments UPI Handle, Masked bank account details, Masked credit card details, Contacts (names and mobile numbers), Relationship with contacts, Recipient bank account details, Recipient UPI handle, Recipient name
For Bill pay Customer ID for Bharat Connect Biller, Bill details (amount, due date, etc.)
For Transactions Transaction Details (amount, recipient, category, etc).
For Communication, OTP, etc. Your mobile number, Your email address

2.2 You are responsible for maintaining the accuracy and confidentiality of the PI. We will not be responsible for any unauthorised usage of your account by a third party. In case of any unauthorised usage of your account, please report this to us at the earliest.

2.3 For Communication: You understand that your registered email ID and phone number may be used for (a) the generation of a one-time password at the time of login, and (b) for any communications to you for the provision of the Services. You understand that you may not be able to opt out of essential communications that are necessary for the provision of the Services.

2.4 For the provision of the Services: To provide the Services, we will collect PI under applicable laws. Please note that in accordance with applicable laws, we do not store or use any financial data that you choose to share with third parties or otherwise transmit through our Services.

3. Use of Personal Information

3.1 We may collect, use, store, and transfer different kinds of personal data about you to provide you with, or in connection with, the Services. Such personal data includes:

3.2 Data about your device, including but not limited to:

3.3 Additional information: We may log certain non-personally identifiable information such as session information, user IDs, and audit trails of consent handles and communications, during usage of the Application. During usage of the Application, we may log the usage of cookies as well.

3.4 Other purposes: Your PI may be collected for the following additional purposes:

3.5 Purpose limitation: We follow a strict policy of purpose limitation. Your PI is only used for the purposes specified herein and any additional purposes will be duly notified to you.

4. Authenticity of Information

4.1 We have taken all reasonable steps to ensure that the information on the Application is authentic.

4.2 You agree that the personal data you provide us with is true, correct, and accurate. We shall not be liable for any incorrect or false information or personal data that you might provide.

5. Rights

5.1 With regard to your PI, you have the right to:

5.2 Please note that in the event you exercise your right to withdraw your consent to the processing of your information, restrict or limit our right to process your PI, or object to the processing of your PI, such exercise of rights may adversely impact the provision of the Services by us. In this context, we reserve the right to discontinue the provision of some or all of the Services or provide the Services in a limited manner should you choose to exercise any of the aforesaid rights.

5.3 You may exercise these rights by contacting us by email.

5.4 You may request the anonymisation of your PI by sending us an email. We will consider each such request on a case-by-case basis and approve such requests in compliance with our legal obligations.

6. How we will use your PI and for what purpose

6.1 We will only use your PI as the law allows us to. Most commonly, we will use your PI to provide you the Services, or where we need to comply with a legal obligation.

6.2 You understand that when you consent to provide us with your PI, you also consent to us sharing such data with third parties. However such PI will be shared with third parties only for the purpose of providing you the Services. You are aware that by using our Services on the Application, you authorise us, our authorised partners, and affiliates to contact you via email, phone, or otherwise. This is to ensure that you are aware of all the features of the Services.

6.3 You are aware that any information pertaining to you, whether or not you directly provide it to us (via the Services or otherwise), including but not limited to personal correspondence such as emails, instructions from you, etc., may be collected, compiled, and shared by us to provide the Services to you and you expressly authorise us to do so. This may include but not be limited to storage providers, marketing partners, data analytics providers, consultants, lawyers, and auditors. We may also share this information with our subsidiaries, affiliates, or any of their holding companies.

6.4 You agree and acknowledge that we may share data without your consent when it is required by law or by any court, government agency, or authority to disclose such information. Such disclosures are made in good faith and belief that it is reasonably necessary to do so to enforce this Policy or the terms of the arrangement we have with you, or to comply with any applicable laws and regulations.

6.5 In general, we will not disclose personal data except in accordance with the following purpose/activity:

7. Cookies

7.1 We may use "cookies" as required on the Application.

7.2 Cookies themselves do not personally identify You, but they identify your device. Generally, cookies work by assigning a unique number to the computer that does not have a meaning beyond the assigning site.

7.3 We cannot control the use of cookies or the resulting information by advertisers or third parties hosting data on our Application. If you do not want information collected through the use of cookies, they may change the settings in the browsers that allow them to deny or accept the cookie feature as per your discretion and in the manner agreed by them.

8. Security

8.1 The information that is collected from you may be transferred to and stored in a cloud server. The physical location of the server(s) will be located within India. By submitting information on the Application, you agree to this transfer, storing, and/or processing. We will take such steps as it considers reasonably necessary to ensure that your information is treated securely and in accordance with this Policy.

8.2 We will implement certain security measures including encryption and firewalls to protect your personal information from unauthorised access and such security measures comply with the security practices and procedures as prescribed under the Information Technology Act, 2000, and the applicable rules (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules, 2011).

8.3 We use standard, industry-wide, commercially reasonable security practices such as encryption, firewalls, and SSL (Secure Socket Layers) to protect your information. We are compliant with the data security standards such as ISO 27001. However, as effective as encryption technology is, no security system is impenetrable.

8.4 We use commercially reasonable precautions to preserve the integrity and security of your information against loss, theft, unauthorised access, disclosure, reproduction, use, or amendment. We assume no liability for any disclosure of information due to transmission errors, unauthorised third-party access, or other acts of third parties, or acts or omissions beyond its reasonable control and you agree not to hold us responsible for any breach of security. You agree and acknowledge that the above-mentioned measures do not guarantee absolute protection to the personal information, and by accessing the Services, you agree to assume all risks associated with the disclosure of personal information arising due to breach of firewalls and secure server software.

8.5 In the event we become aware of any breach of the security of your information, we will promptly notify you and take appropriate action to the best of our ability to remedy such a breach in compliance with applicable laws. In such events, we may need to disclose the details of such a breach to the relevant regulatory authorities.

9. Disclosure

9.1 We will not sell, or otherwise commercially exploit your PI.

9.2 Disclosures of your information will only be limited to mandatory disclosures required by law.

10. Data Retention

10.1 Your financial information and PI are never stored by Fave. Your PI provided at the time of registration on the Application will be retained only for as long as required for the provision of the Services.

10.2 You may delete your account and request for the erasure of your data through the Application, in which event your PI will be purged. Provided that we have the right to retain and disclose any information required by the RBI or other regulators to comply with its obligations under law.

10.3 We may be required to retain certain non-personally identifiable information such as transaction information as required under applicable laws.

11. Amendments and review of privacy policy

11.1 We may update this Policy at any time, with or without advance notice. In the event there are significant changes in the way we treat your PI, or in the Policy document itself, we will display a notice on the Application or send you an email informing you of such changes, so that you may review the changed terms before continuing to use the Application. Your continued usage of the Application will constitute consent to the amended terms.

11.2 As per applicable laws, we are required to notify you of the terms of this Policy on an annual basis. You understand that you will receive communication from us on your registered email and you will not be able to opt out of such essential communication.

12. Grievance Redressal

12.1 We will provide the necessary support to you concerning any grievances/complaints about the Services. All support shall be provided through email.