Legal & Compliance

Privacy Policy

–Last Update 16/07/2019


This privacy policy describes how ‘Tap Smart Data Information Services Pvt. Ltd.’ ( or “CityCash”) collects and uses the personal information you provide when you use our services or visit our website/App.

Digital payment services provided by CityCash through Semi-closed and closed loop wallet(s) are a collective effort of CityCash, Fino payments Bank and Trimax IT Infrastructure Pvt. Ltd. as per the latest RBI guidelines.

Changes to CityCash Privacy Policy:

We may update our privacy policy from time to time. If changed, these changes will be reflected on our website and the date of the last change displayed on the top of the page. Your continued use of ‘CityCash’ services or the website/App after we have made such changes will constitute your acceptance of the new privacy policy.

Information we collect about you:

When any individual registers to use ‘SmartCard’ services through any touchpoint, we relay all the information received from the frontend application to the concerned party and only hold customer information on behalf of the service provider bank necessary for maintaining the Travel Wallet including the mobile number which is a unique identifier of the customer in our system and is integral to provide quality services to the customers. 

Apart from this, when the customer registers on our website or App, we also seek permission from the customer to auto-detect OTP during login for better customer experience and store the Universal Unique Identifier of the device (UUID) so as to enable us to track the activities performed by the customer through our website/app. Since money transactions are done through our website/app, it is important for us to safeguard our customers against any fraudulent activity and take corrective actions in case any suspicious activity is detected.

Retaining and sharing the customer Information:

We retain the information on behalf of the bank necessary for maintaining the Travel Wallet of the customer including the phone number and UUID of the device being used in our database for as long as your account is active or is required to comply with our legal obligations as per RBI guidelines, to resolve disputes and/or enforce our agreements. However, we do not share any customer-related information that we hold to any individual or entity for whatsoever be the reason.

How we safeguard your information:

We maintain strong security safeguards to ensure the security and confidentiality of the customer data, protect against any anticipated threats to the security of your personal information, protect against unauthorized access to your information, and ensure the proper disposal of your personal information. We have adopted a comprehensive security policy that complies with laws and regulations and reflects industry standards.

Our security policy requires us to consistently monitor the risk of any threats to the administrative, technical, and physical safeguards we have put in place to protect your information. The safeguards include, at a minimum, firewalls and data encryption and restricting access to your personal information only to those employees who have a need to know such information to carry on our operations. Further, access to our physical office is restricted only to our employees and representatives. These safeguards are reviewed and adjusted periodically based on ongoing risk assessments.

Compliance with RBI:

We comply with all rules and regulations (applicable on Services provided by ‘CityCash’) mandated by the Reserve Bank of India. These rules are regularly updated by the concerned authorities and our legal team ensures that we remain law compliant.

Confidentiality, security, and integrity of customer information:

Employees of ‘CityCash’ are regularly sensitized about the importance of confidentiality and privacy. Management will take steps necessary to ensure only employees with a legitimate business reason for knowing personally identifiable customer information shall have access to such information. To the extent practicable, access will be limited by computer access codes and granting limited access to areas in which sensitive customer information is retained. Employees will be informed at the time of their initial employment of these standards. Violation of this policy through misuse of sensitive information will result in disciplinary action against the offending individual.