Google Pay clarifies on privacy policy, following Paytm's notice to NPCI


Just a day after Indian payments behemoth Paytm’s notice to Indian retail payments organisation National Payments Corporation of India (NPCI) raising concerns regarding Google Pay’s privacy policy, the global internet conglomerate has responded with a clarification.

Google has responded to the concerns saying,

"Google Pay users have a direct relationship with Google - as per Google Pay terms of service a Google Account is opened with Google LLC. A common Google Account allows for checks and controls required for managing risk, fraud, spam, and for enhancing security measures, that are applied across Google products. It runs as a common thread across Google products allowing for seamlessness of service that a user can avail of and benefit from. Google does not use any individual UPI transactions data for any monetisation purpose e.g. for advertisements."

It further added,

"Google Pay shares user data as may be required for the purpose of processing transactions or providing Google Pay Services with our authorised partners. These include participating banks, banks on UPI infrastructure, bill aggregators, merchants on the Google Pay for Business program and with whom the users are transacting and billers such as utility services etc. Sharing of this information is in accordance with the applicable laws and requisite consent obtained from the user and in conformity with standard industry practice."

With respect to this clarification, Google Pay also updated its privacy policy stating,

‘… Your (Consumer’s) UPI Transaction Data will not be used for any monetisation purpose (eg. for advertisements) by any entity other than Google.’

Google Pay also made some additional changes to the langauge of its policy after yesterday's notice.

In its notice, Paytm had highlighted the clauses in Google Pay's privacy policy that stated it "collects, stores, uses and discloses Indian user’s personal data for advertising and promotional purposes" with not just its "group of companies" but also with unnamed "third parties". While writing to NPCI, Paytm questioned Google’s need to access such private information, raising concerns over Google Pay's intent while sharing this data with its group of companies as well as third parties.

The news comes on the heels of Moneycontrol reporting earlier this week that the Reserve Bank of India (RBI) may have approached the Ministry of Electronics and Information Technology with respect to its directive about payments firms storing data on local servers.

In the first week of April, the central bank, in its bi-monthly Monetary Policy Statement, made it clear that all payments system operators working in India have to ensure that data related to payments systems (operated by them) is stored in the country.