Payana
Book a demo
Home / Legal / Privacy

Privacy policy.

What we collect, why, where it lives, and how to get it removed — for agency users and for travelers whose trips run on Payana.

Draft — pending review by counsel. Not yet a binding document.

Version 1.4 (draft) · Contact: privacy@payana.today

1. Two kinds of people, two roles

Agency users (you and your team): we are the data fiduciary — we decide how your account data is processed.

Travelers (your customers): your agency is the fiduciary; Payana is the processor acting on your instructions. Travelers' privacy questions route to their agency first; we assist with every request.

2. What we collect

DataWhy
Account data (name, email, phone, agency details, GSTIN)Running your workspace, billing, tax invoices
Customer & trip data you enter or importThe product itself — pipelines, itineraries, documents
Messages via connected channels (WhatsApp, email)The unified inbox; stored so your team has context
Payment status from RazorpayTrip balances and reminders — we never see card/UPI credentials
Usage analytics (feature events, device, IP)Reliability and product decisions; never sold, never ad-targeted

3. What we never do

  • Sell personal data. To anyone, in any form.
  • Show your customer list, pricing, or pipeline to any other agency — including on Discover.
  • Use traveler contact details to market anything. The traveler app has no ads and no cross-sell.
  • Train AI models on your private data without an explicit opt-in. AI drafting runs on your inputs for your outputs.

4. Where data lives

Production data is stored in AWS Mumbai (ap-south-1), encrypted at rest (AES-256) and in transit (TLS 1.2+). Encrypted backups replicate to AWS Hyderabad. Message delivery necessarily transits Meta (WhatsApp) and your email provider under their own terms.

5. Sub-processors

ProviderPurpose
AWS (India regions)Hosting, storage, backups
Meta PlatformsWhatsApp Business API delivery
RazorpayPayment links & subscription billing
AnthropicAI itinerary drafting (content of drafting requests only)

The current list is always at this page; we give 30 days' notice in-app before adding one.

6. Retention

  • Active workspaces: data kept as long as you keep it.
  • Closed accounts: 60-day grace, then deletion from production within 30 further days.
  • Our own invoices to you: 8 years (Companies Act requirement).
  • Server logs: 90 days.

7. Your rights

Access, correction, export, and erasure — exercised in-product (Settings → Data) or by writing to privacy@payana.today. We respond within 30 days. Travelers should contact their agency first; if that fails, write to us directly and we'll coordinate. Details specific to Indian DPDP and EU GDPR are on the DPDP & GDPR page.

8. Changes

Material changes are announced in-app and by email 30 days ahead. The version number and date at the top of this page always reflect what's in force.