BrainPayBrainPay

Privacy Policy

Last updated: June 30, 2026

1. Introduction

BrainPay ("we", "our", or "us") is India's first video reward fintech platform — a Progressive Web App that rewards users with coins for watching financial literacy videos, which can be redeemed against mobile recharge and utility payments. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our platform at brainpay.in. By using BrainPay, you agree to the practices described in this policy.

2. Information We Collect

2.1 Information from Google Sign-In

We use Google OAuth 2.0 for authentication only. When you sign in with Google, we receive:

  • Your name and email address
  • Your Google profile picture
  • Your Google account ID

We do not request or access any other Google account data beyond basic profile information. To revoke BrainPay's access to your Google account, visit Google Account Permissions and remove BrainPay from the list of connected apps.

2.2 Profile & Location Data

  • Location data: pincode, area, city, state, latitude, longitude (captured once at profile setup via browser geolocation)
  • Profile data: name, email, house number/address
  • Device and session information

2.3 Usage & Transaction Data

  • Video watch history and percentage completion
  • Coin earn and redemption history
  • Wallet top-up and recharge transaction records

3. How We Use Your Information

  • Account creation and authentication via Google Sign-In
  • Awarding coins for completing financial literacy videos hosted on our own platform
  • Processing wallet top-ups via Razorpay and recharge payments via MyPayStore
  • Location used solely for profile setup and service area determination — not for tracking or advertising
  • Fraud prevention and single-session enforcement
  • Admin review of new user registrations
  • Sending OTP messages for authentication (via SmartPing SMS)
  • Improving our platform and customer support
  • Complying with applicable legal obligations

4. Google API Services

BrainPay uses Google OAuth 2.0 solely for sign-in authentication. We request only basic profile scopes (name, email, profile picture) — no sensitive or restricted Google API scopes are requested. Our use of Google Sign-In is subject to the Google Privacy Policy.

BrainPay's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. Video Watch Data

BrainPay hosts its own educational and financial literacy video content directly on our platform. We track watch time and percentage completion solely to determine coin credit eligibility. A minimum watch completion threshold is required to earn coins. Watch data is not shared with third parties and is used exclusively for coin reward calculation within BrainPay.

6. Coin Wallet and Recharge

Coins are credited automatically upon video completion. Coins can be redeemed against utility recharges subject to applicable tier rules. Recharge transactions are processed via Razorpay (payment gateway, subject to Razorpay's Privacy Policy) and MyPayStore (recharge execution). Transaction history is stored and accessible in your wallet.

7. Location Data

Location is captured once during profile setup using the browser's Geolocation API. This includes latitude, longitude, pincode, area, city, and state. Location data is stored as read-only and cannot be edited by the user. It is used solely for profile setup and service area determination — not for real-time tracking or advertising.

8. Data Sharing

We do not sell your personal data to any third party. Limited sharing occurs with:
  • Razorpay — payment processing for wallet top-ups
  • MyPayStore — recharge API provider for mobile and utility recharges
  • SmartPing — SMS provider for OTP delivery
  • Legal authorities — if required by law, court order, or government authority

9. Data Retention

We retain your personal data for as long as your account is active. Transaction records are retained for a minimum of 7 years as required under Indian financial regulations. You may request deletion of your account by contacting us at info@brainpay.in.

10. Data Security

All data is transmitted over HTTPS. JWT tokens are used for session authentication. Single active session per user is enforced at all times. MongoDB Atlas is used with access controls and IP restrictions. We do not store raw payment card data — all payments are handled by PCI-compliant Razorpay.

11. Children's Privacy

BrainPay is not intended for users under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has provided us with personal data, please contact us immediately and we will delete it.

12. User Rights

  • Right to request access to your personal data
  • Right to request correction of inaccurate data
  • Right to request deletion of your account and data
  • Right to withdraw Google Sign-In access via Google Account settings
To exercise any of these rights, contact: info@brainpay.in

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of the app after changes constitutes acceptance.

14. Contact Us

Address: Dhanupay Tower, Opp. Bareilly City Station, Jasoli, Bareilly, Uttar Pradesh – 243001, India
Website: https://brainpay.in