Privacy Policy

Last Updated: May 20, 2026

Onsys Infotech ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the TokenX platform across web and mobile applications.

1. Information We Collect

We collect information that you provide directly to us, as well as information generated through your use of our services:

  • Account Information: Name, phone number, email address, and business details (for Hosts) or personal profile details (for Users).
  • Queue & Booking Data: Token IDs, appointment times, service categories, and check-in status.
  • Device Information: We may collect data about the device you use to access TokenX, including hardware model, operating system, and unique device identifiers for push notification delivery.
  • Transaction Data: Subscription details and payment history. Note that raw payment credentials (card numbers, PINs) are handled exclusively by our secure payment partner, PhonePe.

2. How We Use Your Information

We use the collected information for the following purposes:

  • To provide, maintain, and improve the TokenX queue management service.
  • To facilitate real-time notifications via WhatsApp, SMS, and Push alerts.
  • To process subscription payments and top-up transactions.
  • To provide customer support and respond to your inquiries.
  • To detect and prevent fraudulent activity and ensure platform security.

3. Data Sharing and Disclosure

We do not sell your personal data to third parties. We only share information with trusted service providers strictly necessary for our operations:

  • Communication Providers: Meta (WhatsApp) and Twilio for delivering queue alerts.
  • Payment Processors: PhonePe for secure transaction handling.
  • Cloud Infrastructure: Secure hosting providers (Microsoft Azure/Firebase) for data storage and processing.

4. Data Retention & Deletion

We retain your information as long as your account is active. Users can request account deletion at any time via the profile settings in the app. Upon a valid deletion request, we perform a surgical cleanup of your personal identifiers from our production databases, retaining only anonymized logs for financial compliance.

5. Security Measures

We implement industry-standard security protocols, including AES encryption for sensitive data and secure OAuth2 authentication for API access. While we strive to protect your data, no method of transmission over the internet is 100% secure.

6. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data practices, please reach out to us:

Email: [email protected]

Your privacy is our priority.

Contact Data Officer