Reference

How thunderpick Handles Your Personal Data

This Privacy Policy sets out exactly what personal data we collect when you open and use your thunderpick account, how we store and protect it, and what rights…

Data collected only as neededAccount security via encryptionRight to access your dataRetention periods disclosedContact us to request changes
explore lobby Read FAQ
thunderpick How thunderpick Handles Your Personal Data
REACH OUR TEAM

How to Contact Us About Your Privacy

If you have a question about how your data is handled, want to request a copy of what we hold, or need to report a concern, our support team is available around…

Email Privacy Desk Send your data-access or deletion request to our dedicated privacy email address. We acknowledge all requests within one business day and aim to resolve them fully within 30 days.
Live Chat Support Connect directly with our support team via the live chat window inside your account. For privacy queries, ask to be routed to the data-handling team and we will escalate immediately.
Help Centre Ticket Submit a formal privacy ticket through the Help Centre in your account dashboard. Tickets are tracked with a reference number so you can follow progress end to end.
DATA HANDLING PRACTICES

How We Protect and Manage Your Data

We apply industry-standard encryption to all data in transit and at rest, and we restrict internal access to your personal information on a need-to-know basis.

Encryption in Transit

All data moving between your device and our servers is encrypted using TLS protocols. This applies to your login session, any UPI or Paytm transaction, and every account settings update you make.

Cookie Policy

We use strictly necessary cookies to keep your session active and functional cookies to remember your preferences. Analytics cookies are deployed only with your consent, and you can withdraw that consent via your account settings at any time.

Account Security

Your account is protected by password hashing and, where you choose to enable it, two-factor authentication. We flag unusual login attempts automatically and notify you immediately when a new device accesses your account.

Data Retention

We hold identity and transaction data for the period required under applicable local law. Profile and behavioural data is deleted or anonymised once it is no longer necessary for the purpose it was collected, and you can request early deletion in writing.

Third-Party Sharing

We share data only with the payment processors — including UPI rails, Paytm and PhonePe networks — and identity-verification partners needed to run your account. No data is passed to advertisers or unrelated third parties.

Your Right to Access

You can request a full export of the personal data we hold on your account at any time. Submit the request via the Help Centre or privacy email desk, and we will deliver a structured data file within 30 days of verification.

Your Most Common Privacy Questions

Below you will find answers to the questions we hear most often about data collection, storage, rights and how to get in touch. If something is not covered here, open a support ticket and our team will respond in detail.

We collect your name, email address, date of birth and contact number during registration. When you add a payment method such as UPI or Paytm, we record the payment identifier needed to process transactions on your account.

Payment identifiers are passed securely to the relevant payment processor and are not stored in plain text on our servers. We retain only the reference needed to reconcile your transaction history and meet applicable financial record-keeping obligations.

Yes. Submit a data-access request through the Help Centre or to our privacy email desk. We verify your identity first, then deliver a structured export of your account and transaction data within 30 days of the confirmed request.

Send a deletion request via live chat or the Help Centre ticket system. We will close your account and remove or anonymise personal data that is not subject to a mandatory retention period under local financial or legal regulations.

We share data only with payment processors and identity-verification partners required to operate your account. We do not sell your data or pass it to advertising networks, and all third-party processors are bound by contractual data-protection obligations.

Transaction and identity records are retained for the period required under applicable local law, which typically covers financial audit obligations. Behavioural and session data not subject to legal hold is deleted or anonymised within 90 days of account closure.

Reach out to our privacy desk by email or raise a formal ticket in the Help Centre. We acknowledge privacy concerns within one business day and aim to resolve them fully within 30 days, keeping you updated throughout the process.

Related Pages

Arctic Spins Register Odin FAQ