FlazhPay is designed to comply with the NDPA 2023 data-protection framework by architecture, not as an afterthought. This statement summarizes the key design decisions that make that true.
All FlazhPay artificial intelligence — fraud detection, dispute assistance, identity verification, voice and photo resolution, and Trust Score computation — runs on infrastructure we control. No transaction data, identity records, or behavioral profiles are transmitted to external AI providers such as OpenAI, Anthropic, or Google. This eliminates the cross-border transfer risk that arises when financial data is sent to foreign AI APIs without explicit consent and transfer agreements.
Payment processing relies on the contract we have with you and the direct-debit mandate you explicitly authorize with your bank via OTP. Optional features (such as liveness verification and, in future, consent-based identity or credit signals) operate on explicit, revocable consent.
You may exercise your NDPA rights of access, rectification, erasure, restriction, and objection by contacting privacy@flazhpay.com. We respond within the timelines the Act prescribes.
AES-256 encryption at rest, TLS in transit, role-restricted and logged access, and continuous AI-driven anomaly monitoring on our own infrastructure.
Data Protection inquiries: privacy@flazhpay.com.