Privacy Policy

Introduction
This Privacy Policy describes how Abuzar Gour and its affiliates (“Abuzar Gour”, “we”, “our”, “us”) collect, use, share, protect, and otherwise process your personal data through our website https://lifefortune.in/ (“Platform”), including mobile site and mobile application. By accessing or using the Platform or Services, you consent to the collection, use, and processing of your information as described herein and agree to be governed by the laws of India, including data protection and privacy laws. If you do not agree, please do not use the Platform.

Data Collection
We collect personal data when you register, transact, or interact with the Platform. This may include: name, date of birth, address, telephone/mobile number, email ID, government identifiers (Aadhaar, PAN), payment instrument details (bank account, credit/debit card), biometric data (if applicable), and transaction data (amount, timestamps, reference IDs). We may also track your behavior, preferences, and aggregated usage data.

Use of Data
We use your personal data to:

  • Provide and fulfill the Services you request.
  • Process payments and refunds in compliance with RBI guidelines.
  • Communicate offers, updates, and marketing materials (with opt-out options).
  • Detect, prevent, and investigate fraud, unauthorized access or other illegal activities.
  • Comply with our legal obligations and enforce our Terms of Use.
  • Conduct analytics, research and improve our Platform and Services.

Data Sharing
We may share your personal data with:

  • Group entities and affiliates for Service facilitation and marketing (with opt-out).
  • Third-party service providers (logistics, payment processors, reward programs) for Service delivery.
  • Government and law enforcement agencies as required by law or to protect rights, property or safety.
  • Overseas regulators only with RBI approval and where required by cross-border transaction regulations.

Data Storage and Localization
In compliance with the RBI’s “Storage of Payment System Data” directive:

  • All payment and transaction-related data (customer data, payment credentials, transaction messages, logs) shall be stored exclusively on servers located within India.
  • If any payment data is processed outside India, it will be deleted abroad and repatriated to India within 24 hours or one business day of processing, whichever is earlier.
  • Any subsequent transaction-related processing (settlements, chargebacks) must utilize data stored in India.
  • A certified system audit, including data security and backup restoration, will be conducted by a CERT-In empanelled auditor at least annually.

Card Data and Tokenization
In accordance with RBI’s “Guidelines on Regulation of Payment Aggregators and Payment Gateways”:

  • We do not store full card credentials (card number, CVV, expiry) beyond the timelines prescribed (T+4 days for settlement).
  • Card-on-File (CoF) data will be tokenized and stored securely in compliance with PCI-DSS standards for the limited purposes of transaction tracking and repeat payments.

Security Measures
We adopt reasonable security practices and procedures to protect your data from unauthorized access, loss or misuse. These include encryption, secure servers, access controls and periodic security audits. However, transmission of data over the internet is not entirely risk-free.

Data Retention and Deletion

  • We retain personal data only as long as necessary for the purposes collected or as required by law.
  • You may delete your account via your profile settings or by contacting us. Pending disputes or legal obligations may delay deletion.
  • Anonymised data may be retained indefinitely for analytics and research.

Your Rights
You may access, correct, update or delete your personal data through Platform functionalities or by contacting our Grievance Officer. You may withdraw consent for marketing communications at any time; withdrawal will not affect processing necessary for Services or compliance.