Reference

How h02 Handles Your Personal Data

At h02, your personal data belongs to you — we collect only what we need to run your account securely and process transactions via UPI, Paytm and PhonePe.

Data collected with clear purposeUPI, Paytm, PhonePe transaction privacyYour right to access and correctIndia-applicable data retention rules
explore the lobby Read FAQ
h02 How h02 Handles Your Personal Data
PRIVACY CONTACT PATHS

Reach Our Data Team Directly

If you want to exercise any right under this policy — access, correction, deletion or a complaint — our data team is reachable through the channels below.

Email the Data Team Send a written request to our dedicated privacy address. Include your registered account email so we can verify your identity before processing any data access or deletion request.
Live Chat Support Start a live chat session from your account dashboard. Ask to be connected to the privacy team; an agent will log your request and escalate it within one business day.
In-App Help Centre Open the Help Centre inside the h02 app, select 'Account and Privacy', then 'Submit a Privacy Request'. Your case reference number is generated immediately for tracking.
DATA HANDLING STANDARDS

See How We Protect Your Account Data

Every layer of data handling at h02 — from the moment you enter your UPI ID to when a withdrawal confirmation lands in your PhonePe wallet — follows strict internal controls.

Encryption in Transit and at Rest

All data moving between your device and our servers is encrypted via TLS. Stored records, including payment identifiers linked to UPI and Paytm, are encrypted at rest using AES-256 so they cannot be read if storage is ever compromised.

Cookie and Tracking Transparency

We use session cookies to keep you logged in, analytics cookies to understand page performance and optional preference cookies. You can adjust cookie settings from your account preferences page at any time without losing access.

Account Access Security

Two-step verification is available on every account. We log each login attempt — device type, approximate location and timestamp — and alert you by email if an unrecognised device accesses your account.

Data Retention Periods

Transaction records are retained for the period required under applicable financial regulations in India. Account profile data is held while your account remains active; once closed, non-regulatory data is deleted within ninety days.

Third-Party Processor Limits

Payment processors — including the gateways that handle UPI and PhonePe flows — receive only the minimum data required to complete a transaction. They are contractually prohibited from using your data for any other purpose.

Your Rights and How to Exercise Them

You may request a copy of your data, ask us to correct inaccuracies, or ask for deletion of non-regulatory records. Rights are exercised where local law permits — submit any request via the data team channels listed on this page.

Your Privacy Questions Answered

Below are the questions we hear most often about how your data is handled on h02. If your question is not covered here, reach out to our data team through live chat or email and we will respond within the timeframe set by applicable law.

We collect your name, email address, mobile number and date of birth at account creation. If you make a deposit via UPI or Paytm, we also record the transaction reference and payment identifier — nothing beyond what is needed to process the transfer and verify your account.

We share data only with payment processors that handle UPI, Paytm and PhonePe transactions, fraud-detection services and regulatory bodies where the law requires it. We do not sell your data to advertisers or unrelated third parties under any circumstances.

Non-regulatory profile data is deleted within ninety days of account closure. Transaction and identity records required under Indian financial regulations are retained for the legally mandated period and then securely destroyed. We do not hold data longer than the law requires.

Yes. Email our data team or submit a request through the in-app Help Centre. We will verify your identity using your registered account email, then send you a structured copy of your data within the timeframe applicable under local law where such rights apply.

Contact the data team via email or live chat with the specific correction or deletion you need. We aim to resolve corrections within seven working days. Deletion requests for non-regulatory data are completed within ninety days of verification.

We use essential session cookies, performance analytics cookies and optional preference cookies. You can disable non-essential cookies in your account settings at any time. Disabling analytics cookies does not affect your ability to access the lobby or make transactions.

Contact our live chat support immediately. We will lock the account pending investigation, review the login logs for your account and notify you of our findings. Enable two-step verification afterwards to reduce the chance of unauthorised access in future.

Related Pages

Divine Fortune FAQ h02 App About Us