Privacy Policy
How we collect, use, share, and protect your information.
Last updated: 27 May 2026 · Effective from: 27 May 2026
This Privacy Policy explains how AdsReverb Technologies (“PaisaTask”, “we”, “us”) collects, uses, discloses, and protects your information when you use the PaisaTask mobile application and website (the “Service”).
By using PaisaTask, you agree to this Privacy Policy. If you do not agree, please do not use the Service.
1. Who we are
PaisaTask is a cashback rewards platform operated by AdsReverb Technologies, an Indian entity. We can be reached at:
- Email: support@paisatask.com
- Grievance Officer (India, IT Act 2000): grievance@paisatask.com
- Website: https://paisatask.com
2. Eligibility
PaisaTask is available only to users aged 18 years or older. We do not knowingly collect information from minors. If you believe a minor has registered, please contact us and we will delete the account.
3. Information we collect
3.1 Information you provide directly
- Account: phone number, email address, full name, date of birth (optional).
- KYC (only when required for higher withdrawal tiers): PAN, Aadhaar number, address, selfie/face photo, photo of identity document.
- Payout details: UPI ID, Paytm number, bank account number, IFSC code — used solely to send you your earnings.
- Support: any messages, screenshots, or attachments you send us.
3.2 Information collected automatically
- Device: device model, OS version, Android Advertising ID, language, time zone, app version.
- Network: IP address, approximate location derived from IP, mobile carrier, connection type.
- Activity: offer views, offer completions, clicks, sessions, in-app actions, scratch card and spin wheel results, daily check-ins.
- Diagnostics: crash logs, performance metrics, error messages.
- Integrity signals: Google Play Integrity verdict, Apple App Attest assertions, device fingerprint hash (SHA-256), emulator/root detection, used to prevent fraud.
3.3 Information from third parties
- Offer providers (BitLabs, CPX Research, Pollfish, Tapjoy, Adjoe, AdGem, AdGate Media, Torox, RevU, OfferDaddy, AdsReverb/Affise) send us postback notifications confirming you completed an offer, including provider transaction ID and reward amount.
- OTP providers (2Factor) confirm successful delivery and verification of one-time passwords.
- Fraud signal providers (IPQualityScore) return risk scores for your IP address.
- KYC providers (Surepass) verify your Aadhaar/PAN against government databases.
- Payment processor (Cashfree Payments) confirms successful, pending, or failed payouts.
4. How we use your information
| Purpose | Data used |
|---|---|
| Create and manage your account | Phone, email, name, date of birth |
| Authenticate you via OTP | Phone number |
| Credit rewards from completed offers | User ID, offer provider postbacks |
| Process withdrawals | Name, payout details, KYC documents |
| Comply with Indian KYC / AML / tax regulations | PAN, Aadhaar, address (high-tier only) |
| Prevent fraud and abuse | Device ID, IP, fingerprint, integrity verdicts, activity patterns |
| Personalise the Service | Activity history, tier, language |
| Send transactional messages (OTP, payout confirmations, security alerts) | Phone, email |
| Respond to support requests | Email or in-app message contents |
| Analyse aggregated trends and improve the Service | De-identified activity data |
5. How we share your information
We do not sell your personal information. We share data only with:
- Offer providers — your anonymised user ID (sub1) is sent to providers when you start an offer so they can attribute completions back. No personally identifiable information (name, phone, email, address) is shared with them.
- Cashfree Payments (RBI-authorised Payment Aggregator) — your name, payout details (UPI ID or bank account), and withdrawal amount are sent when you cash out.
- 2Factor — your phone number is sent when we deliver an OTP.
- Surepass — your PAN/Aadhaar number and selfie are sent during KYC verification only.
- IPQualityScore — your IP address is sent for fraud scoring.
- Supabase (our cloud database and authentication provider) — all of the above data is stored on Supabase infrastructure.
- Law enforcement — when compelled by a valid legal order from Indian authorities, or to comply with the IT Act 2000 and CERT-In rules.
6. Data retention
- Account data: retained as long as your account is active.
- Financial records (withdrawals, KYC): retained for 8 years after the transaction date, as required by Indian tax and AML law.
- Fraud signals (device IDs, IPs, integrity verdicts): retained for up to 24 months for fraud investigation.
- Crash and diagnostic logs: retained for 90 days.
- When you delete your account, we delete or anonymise your personal data within 30 days, except where retention is legally required.
7. Your rights
Under the Indian Digital Personal Data Protection Act 2023, you have the right to:
- Access the personal data we hold about you.
- Correct inaccurate or incomplete data.
- Delete your data — available in the app at Profile → Settings → Delete Account.
- Withdraw consent (note: this may make parts of the Service unusable).
- Nominate another person to exercise your rights in case of incapacity or death.
- File a grievance with our Grievance Officer (see Section 1) — we will respond within 30 days.
8. Security
We take security seriously:
- All data in transit is encrypted using TLS 1.2 or higher.
- Sensitive fields (payout details, KYC documents) are encrypted at rest.
- Row-Level Security policies on our database restrict access to your own records.
- OTP codes are valid for 5 minutes and tied to a single device session.
- Biometric authentication (Face ID / fingerprint) is available for app unlock.
- We run automated fraud detection on every offer and withdrawal.
No system is 100% secure. If we discover a breach affecting your data, we will notify you and the relevant Indian authorities (CERT-In) within 72 hours as required by law.
9. Children
PaisaTask is not directed to children under 18. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal information, please contact us and we will delete it.
10. International transfers
Your data is primarily stored on infrastructure located in India and Singapore. Some processors (e.g. survey research panels) may process data in other jurisdictions. Where we transfer data internationally, we ensure equivalent protection through contractual safeguards.
11. Cookies and similar technologies
Our mobile app does not use browser cookies. Our website uses essential cookies for session management and security only — no advertising cookies, no cross-site tracking. Some offer providers may use cookies inside their own offer walls (loaded in WebView) — these are governed by the provider’s own privacy policy.
12. Changes to this policy
We may update this policy from time to time. Material changes will be notified in-app and by email. The “Last updated” date at the top reflects the latest revision.
13. Contact
General privacy questions: support@paisatask.com
Grievance Officer (India): grievance@paisatask.com
Data deletion request: in-app via Profile → Settings → Delete Account, or email support@paisatask.com with subject “Delete my data”.