This Privacy Policy explains how Secure Transact Solutions (Private) Limited, using the SahulatPay brand, may collect, use, retain, disclose and otherwise process personal data in connection with the SahulatPay platform and services.
SahulatPay is committed to handling your personal information transparently and only for legitimate purposes, in accordance with applicable laws.
Effective Date: 26th March 2026
This Privacy Policy applies to personal data processed in connection with SahulatPay accounts, onboarding, use of the SahulatPay platform, payment and related services, support interactions, complaint and dispute handling, compliance reviews and security controls. It is intended to explain what information may be collected, where it may come from, why it may be used, how it may be shared and what choices may be available to you.
For general questions about this Privacy Policy or the handling of personal data, you may contact SahulatPay through the details below.
Contact point | Details |
|---|---|
Legal entity | Secure Transact Solutions (Private) Limited |
Brand | SahulatPay |
info@sahulatpay.pk | |
Phone | +92-21-33540360 |
Address | 32C, 3rd Floor, 13th Street, Bukhari Commercial, D.H.A. Phase 6, Defence Housing Authority, Karachi, 75500, Pakistan |
Website | https://sahulatpay.pk |
Depending on how you use SahulatPay, the information processed may include:
SahulatPay does not knowingly collect personal data from persons under 18 years of age for account opening or use, unless a minor-specific product is expressly offered in accordance with applicable law. If we become aware that personal data has been collected from a minor without a valid legal basis or required authorization, we may delete or anonymize such data, subject to applicable legal, regulatory, fraud-prevention, and record-retention obligations.
SahulatPay may obtain information directly from you, automatically through your use of the platform and services, from your device or browser settings, from services, channels, or providers you authorise or use, from merchants or counterparties involved in a transaction, from partner institutions or service providers, and from third-party sources permitted by law.
SahulatPay may use personal data and related information for purposes including account opening and maintenance, service delivery, authentication, customer support, complaints and disputes, transaction processing, fraud prevention, sanctions screening, risk management, security monitoring, product improvement, analytics, legal and regulatory compliance, service communications, marketing where permitted, and protection of SahulatPay, its users, merchants, partners and the public.
SahulatPay may share personal data and related information on a confidential and need-to-know basis with affiliates, partner institutions, payment processors, merchants, agents, service providers, cloud or technology vendors, call centre or support providers, auditors, professional advisers, regulators, competent authorities and other parties where this is necessary for the operation of the platform and services, transaction processing, dispute handling, risk management, fraud prevention, legal compliance, corporate governance or protection of rights. SahulatPay does not sell personal data. Information may also be shared with counterparties, merchants or partners to the extent reasonably necessary to complete, verify, review, reconcile, reverse or investigate a transaction or request.
SahulatPay may use device identifiers, SDKs, in-app analytics tools, permissions, and similar technologies to recognise users, remember preferences, secure sessions, operate features, measure performance, reduce fraud, improve usability, support analytics, and help deliver content or communications. Your device may also allow you to control certain permissions relating to camera, microphone, location, storage, or notifications. Restricting permissions may limit some features.
SahulatPay may send account, service, security, legal, verification, transaction, support and other operational messages that are necessary for use of the platform or compliance with law. SahulatPay may also send promotional or marketing communications about its own services or related offerings where permitted. Operational notices cannot always be opted out of where they are necessary for the service or required by law, but promotional communications may be disabled through available settings or another opt-out method where offered.
SahulatPay may retain personal data and related records for the duration of the customer relationship and thereafter for up to ten (10) years, or for any longer period required or permitted by applicable law, regulatory requirements, dispute preservation, audit needs, fraud prevention, recovery efforts, litigation holds or other legitimate operational purposes. If an account is closed, SahulatPay may take steps to restrict or mask certain information while still retaining and accessing data to the extent needed for lawful purposes.
Subject to applicable law, technical feasibility, SahulatPay’s operational requirements and the rights of others, you may request access to certain personal data, correction of inaccurate information, updates to profile details, restriction of certain optional permissions or deactivation of certain promotional preferences. SahulatPay may request verification of identity before acting on a request and may decline a request where law, security, fraud controls, legal privilege, third-party rights or other valid grounds prevent full compliance.
SahulatPay maintains administrative, physical and technical safeguards designed to reduce the risk of accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or misuse of personal data. These safeguards may include access controls, need-to-know restrictions, encryption or tokenisation where appropriate, monitoring, logging, review processes, vendor controls and physical security measures. SahulatPay uses TLS/SSL or equivalent encryption for data in transit and applies access controls, need-to-know restrictions, monitoring, and tokenisation where appropriate. No security system is perfect, so you also remain responsible for protecting your password, MPIN, device access and account details.
If your account is closed, suspended or inactive, SahulatPay may retain and continue to process data to the extent required for compliance, record keeping, risk review, disputes, recoveries, legal proceedings, audit trails, fraud prevention and protection of rights. Transaction history and other service records may remain available only in accordance with system capability, support processes, retention rules and applicable law.
SahulatPay may amend this Privacy Policy from time to time to reflect changes in law, regulation, technology, operational practices, products, services or risk controls. The updated version may be made available through the SahulatPay platform, website or another approved communication channel, and continued use of the services after the effective date of an updated version may constitute acceptance to the extent permitted by law.
The SahulatPay app may use third-party SDKs or analytics tools for performance monitoring, crash reporting, security, fraud prevention, or usage analytics. Such tools may collect device identifiers, technical diagnostics, and usage information in accordance with their own privacy practices and applicable law.
