Privacy Policy
Last Updated: January 15, 2026
At TestUPI.com ("we", "our", or "the Service"), we take your privacy seriously. This Privacy Policy explains what information we collect, how we use it, how we protect it, and your rights regarding your personal data when you use our UPI testing and verification service.
1. Information We Collect
1.1 Automatically Collected Data
When you use our Service, we automatically collect minimal information necessary to provide the verification service:
| Data Type |
Purpose |
Retention Period |
| Transaction ID (Payment ID) |
Track payment status, prevent fraud |
30 days |
| Transaction Amount |
Service analytics, accounting |
30 days |
| Payment Method Used |
Service optimization, analytics |
30 days |
| Transaction Timestamp |
Report generation, support |
30 days |
| IP Address |
Security, fraud prevention |
7 days |
| Browser/Device Type |
Service optimization, compatibility |
30 days |
1.2 Data We Receive from Payment Gateway
We receive limited information from Razorpay (our payment processor) when you complete a payment. This may include:
- Payment confirmation status (success/failure)
- Transaction reference number (for reconciliation)
- Payment method used (UPI, card, netbanking)
Razorpay may collect additional information according to their own Privacy Policy, which is separate from ours.
2. What We DO NOT Collect or Store
We NEVER collect, store, or have access to:
- ❌ Your UPI PIN
- ❌ Banking passwords or credentials
- ❌ Payment card details (card number, CVV, expiry date)
- ❌ Bank account numbers
- ❌ UPI app login credentials
- ❌ Any sensitive financial or banking information
- ❌ Your name, email address, or phone number (unless you contact us for support)
All payment processing happens securely through Razorpay. Sensitive payment data never touches our servers.
3. How We Use Your Information
We use the limited information we collect only for the following purposes:
- Provide the Service: Process your UPI test and generate your verification report
- Display Results: Show your transaction details, UTR number, and analysis on screen
- Prevent Fraud: Detect and prevent fraudulent transactions and abuse
- Improve Quality: Analyze service performance, uptime, and user experience
- Technical Support: Respond to your inquiries if you contact us for help
- Legal Compliance: Meet regulatory requirements and respond to lawful requests
- Service Analytics: Understand aggregate usage patterns (anonymized data only)
We DO NOT use your data for:
- ❌ Marketing or promotional communications
- ❌ Selling or renting to third parties
- ❌ Profiling or behavioral tracking
- ❌ Targeted advertising
4. Email and SMS Communications
IMPORTANT: TestUPI.com does NOT send any emails or SMS messages to users.
We do not collect your email address or phone number, and we do not send any communications. Your verification report is displayed on screen immediately after payment.
Note: Razorpay (the payment gateway) may send you a payment receipt or transaction confirmation according to their policies. These communications are from Razorpay, not from TestUPI.com.
5. Payment Processing
All payment processing is handled by Razorpay Payment Solutions Private Limited, an RBI-authorized payment aggregator and PCI-DSS Level 1 certified payment gateway.
How Payment Processing Works:
- When you click the payment button, you are redirected to Razorpay's secure payment interface
- All payment information (card details, UPI PIN, etc.) is entered on Razorpay's secure servers
- We never see, handle, or store your payment credentials
- Razorpay processes the payment and sends us only a confirmation (success/failure)
- Razorpay complies with international payment security standards (PCI-DSS)
For details on how Razorpay handles your payment data, please review Razorpay's Privacy Policy at: https://razorpay.com/privacy/
6. Data Sharing and Third Parties
We share minimal data ONLY with:
- Razorpay: Payment processing (they have their own comprehensive privacy policy)
- Cloudflare: Website hosting and security (minimal technical data for CDN/DDoS protection)
- Law Enforcement: Only when legally required by valid court order or government request
We DO NOT share data with:
- ❌ Advertisers or marketing companies
- ❌ Data brokers or analytics companies
- ❌ Social media platforms
- ❌ Any other third parties for commercial purposes
7. Data Retention and Deletion
We retain your data only as long as necessary for the purposes described in this policy:
- Transaction data: Automatically deleted after 30 days
- IP address logs: Automatically deleted after 7 days
- Payment confirmations: Retained for 30 days for support purposes
- Support correspondence: Deleted after resolution + 30 days
- Aggregated analytics: Retained indefinitely (completely anonymized, no personal data)
After the retention period expires, all personal data is automatically and permanently deleted from our systems.
8. Data Security
We take data security seriously and implement multiple layers of protection:
Technical Security Measures:
- 🔒 SSL/TLS Encryption: All data transmission is encrypted using HTTPS
- 🔒 Secure Cloud Infrastructure: Hosted on Cloudflare's secure infrastructure
- 🔒 Access Controls: Strict authentication and authorization for system access
- 🔒 Firewall Protection: Network-level security and DDoS protection
- 🔒 Regular Security Updates: Systems kept up-to-date with latest security patches
- 🔒 Automated Deletion: Personal data automatically deleted after retention period
- 🔒 No Database Storage: We don't store sensitive personal information in databases
Note: While we implement industry-standard security measures, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
9. Your Privacy Rights
Under Indian data protection laws and as a matter of good practice, you have the following rights:
- Right to Access: Request a copy of data we hold about you
- Right to Deletion: Request deletion of your personal data
- Right to Correction: Request correction of inaccurate information
- Right to Object: Object to certain types of data processing
- Right to Portability: Receive your data in a portable format
- Right to Withdraw Consent: Withdraw consent for data processing (where applicable)
- Right to Complain: Lodge a complaint with appropriate authorities
How to Exercise Your Rights:
To exercise any of these rights, email us at: hardhead-hash-thud@duck.com
Include in your request:
- The nature of your request (access, deletion, etc.)
- Transaction details or payment ID (if available)
- Date of transaction (approximate if not exact)
We will respond within 7 business days.
10. Cookies and Tracking Technologies
Cookies We Use:
- Essential Cookies: Required for website functionality (session management)
- Security Cookies: Prevent fraud and abuse
We DO NOT Use:
- ❌ Advertising cookies
- ❌ Tracking cookies for behavioral profiling
- ❌ Third-party analytics cookies (like Google Analytics)
- ❌ Social media tracking pixels
Our use of cookies is minimal and necessary for service operation only.
11. Children's Privacy
Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
If you believe a child under 18 has provided us with personal information, please contact us immediately at hardhead-hash-thud@duck.com, and we will take steps to delete such information.
12. International Users and Data Transfers
TestUPI.com is designed primarily for users in India. Our servers are located in India, and we process data in India.
If you access our Service from outside India:
- Your data may be transferred to and processed in India
- By using our Service, you consent to this transfer
- India's data protection laws may differ from your country's laws
13. Business Transfers
In the event of a merger, acquisition, sale, or transfer of assets, your information may be transferred to the acquiring entity. We will notify you via prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.
14. Legal Disclosure
We may disclose your information if required by law or in response to:
- Valid legal process (court orders, subpoenas, warrants)
- Government or law enforcement requests
- Compliance with regulatory requirements
- Protection of our legal rights or safety
- Prevention of fraud or criminal activity
We will comply with lawful requests while protecting your privacy to the extent permitted by law.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect:
- Changes in our data practices
- Changes in applicable laws
- New features or services
- Security improvements
When we make significant changes:
- We will update the "Last Updated" date at the top
- We will post the new policy on this page
- Changes become effective immediately upon posting
We recommend checking this page periodically for updates.
16. Data Protection Officer
For privacy-related questions, concerns, or requests, contact our Data Protection Officer at:
Email: hardhead-hash-thud@duck.com
Subject Line: "Privacy Inquiry" or "Data Request"
17. Contact Us
For any privacy-related questions, concerns, or to exercise your privacy rights:
Email: hardhead-hash-thud@duck.com
Website: testupi.com
Response Time: Within 7 business days
18. Summary
In simple terms:
- ✓ We collect minimal transaction data (payment ID, timestamp, device info)
- ✓ We NEVER collect your name, email, phone, or banking credentials
- ✓ We don't send any emails or SMS
- ✓ Your report is shown on screen only
- ✓ All data is automatically deleted after 30 days
- ✓ Payment processing is 100% handled by Razorpay (secure)
- ✓ We don't sell or share your data
- ✓ You can request data deletion anytime
19. Consent
By using TestUPI.com, you consent to the collection and use of information as described in this Privacy Policy. If you do not agree with this policy, please do not use our Service.
← Back to Home