India's biggest digital payments company Paytm has flagged concerns over rival Google Pay's privacy policy, saying it allows collection and disclosure of users' personal data with group companies.
The Alibaba and SoftBank-backed company also alleged that Google's privacy policy allows the American giant to utilise a user's personal data for advertising and promotional purposes, without any additional consent from the user.
"This is a clear disregard for a consumer's need for privacy," Paytm said in a recent letter to the National Payments Corporation of India (NPCI).
As the battle to capture market share in the booming Indian digital payments space intensifies, One97 Communications owned-Paytm has alleged violation of basic privacy norms in the tech titan's policy.
In its two-page letter, Paytm said Google Pay's privacy policy allows it to access user's navigation, logs and correspondence data while also reserving the right to collect, store, use and read user's communication.
When contacted, a Google spokesperson said the company does not use any individual UPI transactions data for any monetisation purpose, including advertisements.
More From This Section
"Google Pay shares user data as may be required for the purpose of processing transactions or providing Google Pay Services with our authorised partners... Sharing of this information is in accordance with the applicable laws and requisite consent obtained from the user and in conformity with standard industry practice," the spokesperson said.
These partners, the spokesperson said, include banks, banks on UPI infrastructure, bill aggregators, merchants on the Google Pay for Business programme and others with whom the user transacts.
Interestingly, Google and Paytm have taken contrarian views on the data localisation issue.
While Paytm has been in favour of storing and processing critical data like payments within India, Google's stance has been to allow free flow of data.
"...Google Pay...has the scope of using their customer's data for their monetary gains with complete disregard of the user's need for privacy," Paytm argued.
It alleged that critical payments data collected by Google "is being processed and stored outside of India which can have severe security implications in case of a data breach as their policy states that this data is also being disclosed with advertisers and third parties".
It hoped that NPCI "would re-visit the payments policy of Google Pay for India". A copy of the letter has also been marked to IT Secretary, Ajay Sawhney.
Paytm has also written to industry body IAMAI emphasising its stance that India has taken a bold step in strengthening data sovereignty through dynamic measures like data localisation.
It has asked the Internet and Mobile Association of India (IAMAI) to incorporate Paytm's views in the final submission to IT Ministry on the draft Personal Data Protection Bill.