Reference

How y60 Handles Your Personal Data

At y60, we treat your personal data with the same care we apply to your account security — collected only for clear purposes, stored securely, and never sold…

No data sold to third partiesAccount data encrypted at restData requests handled within 30 daysIndia-region data practices applyUPI, Paytm, PhonePe transaction data protected

Explore the Lobby Read FAQ

What This Policy Covers and Where It Applies

y60 Service availability depends on jurisdiction. It is the user's responsibility to check local law before access.

This privacy policy applies to all personal data processed by y60 in connection with account registration, deposits, withdrawals and support interactions. Access to our platform depends on local law and is available where local law permits. When you make a deposit via UPI, Paytm or PhonePe,

1
we receive transaction reference data — we do not store your UPI PIN or PhonePe credentials. Account identifiers, device data, IP addresses and browsing behaviour within the platform are collected to deliver services and detect unauthorised access. We retain transaction records for the period required under
2
applicable Indian financial regulations, after which they are securely deleted or anonymised. Any material change to this policy will be communicated to you via the email address linked to your account before the change takes effect.

Service availability depends on jurisdiction. It is the user's responsibility to check local law before access.

REACH OUR PRIVACY TEAM

Contact Us About Your Data

If you have a question about how your data is used, want to request a copy of your records, or need to report a data concern…

HOW WE PROTECT YOUR DATA

Our Data Handling and Security Practices

Security and transparency are not afterthoughts in how we run y60 — they are built into every layer of account handling, from the moment you register to every deposit you make via…

Encryption at Every Layer

All personal data stored on our servers is encrypted using AES-256. Data in transit between your device and our platform — including UPI and Paytm payment flows — travels over TLS 1.3 so it cannot be intercepted in transit.

Cookie Consent and Control

We use functional cookies to keep your session active and analytics cookies to understand how the lobby is used. You can review and withdraw cookie consent at any time via the cookie settings panel in your account dashboard.

Account Access Security

Two-factor authentication is available on all y60 accounts. We log every login attempt — successful or failed — and will alert you by email if we detect a sign-in from an unrecognised device or location.

Data Retention Schedule

We hold your account data for as long as your account is active. If you close your account, we retain transaction records for the period prescribed by Indian financial regulations and delete all other personal data within 90 days.

Who Can Access Your Data

Only authorised y60 staff with a documented operational need can access personal data. Third-party payment processors — including the UPI and PhonePe networks — receive only the minimum data required to complete your transaction.

Requesting Changes to Your Data

You can request correction of inaccurate personal data, a full export of your account data, or deletion of your account at any time. Submit the request through your account settings or contact the privacy team by email — we will act within 30 days.

Privacy Policy — Questions We Hear Most

These are the questions our account holders ask most often about privacy, data rights and how we manage personal data at y60. If your question is not answered here, reach our privacy team through any of the contact channels listed above.

We collect your name, email address, date of birth, phone number and the payment identifiers associated with your UPI, Paytm or PhonePe account. We also collect device data and IP address to protect your account from unauthorised access.

We do not sell your data. We share it only with payment processors like the UPI network, Paytm and PhonePe — and only the minimum fields they need to complete a transaction. We may also share data with regulators if required by Indian law.

Transaction records are held for the period required by applicable Indian financial regulations. All other personal data — profile details, session logs, device identifiers — is deleted within 90 days of account closure.

Yes. Submit a data export request through the Privacy section in your account settings or email our privacy team. We will compile and send a structured copy of your account data to your registered email address within 30 days.

Go to Settings then Privacy in your account dashboard and submit a correction or deletion request. Alternatively, email the privacy team with your registered account address in the subject line. We aim to resolve all such requests within 30 days.

We use session cookies to keep you logged in, functional cookies to remember your lobby preferences, and analytics cookies to see which sections of the platform are visited most. You can adjust or withdraw consent for non-essential cookies in your account settings at any time.

Contact our privacy team immediately via live chat or email. We will review your account access logs, lock the account if there is any sign of unauthorised activity, and notify you of our findings within 48 hours so you can decide next steps.

How y60 Handles Your Personal Data

Contact Us About Your Data

Our Data Handling and Security Practices

Encryption at Every Layer

Cookie Consent and Control

Account Access Security

Data Retention Schedule

Who Can Access Your Data

Requesting Changes to Your Data

Privacy Policy — Questions We Hear Most

01 What personal data does y60 collect when I open an account?

02 Does y60 share my data with third parties?

03 How long does y60 keep my personal data after I close my account?

04 Can I request a copy of all the data y60 holds about me?

05 How do I ask y60 to correct or delete my personal data?

06 What cookies does y60 use and how can I control them?

07 What should I do if I think my y60 account data has been accessed without my permission?

Related Pages