Security
How Feezy keeps your fees safe.
Every rupee flows through RBI-regulated payment gateways - Razorpay, Easebuzz, Cashfree and PayU. Member data is encrypted at rest and in transit. Access is role-based across owners, branch admins, and staff. Audit logs cover every fee change, payment, and refund.
RBI-regulated payment rails
Razorpay, Easebuzz, Cashfree and PayU process every transaction under the Reserve Bank of India's payment-aggregator licence. Feezy never holds member funds directly. All gateways are PCI-DSS compliant - card numbers and bank credentials are never stored on Feezy's servers. (Specific gateways vary by institute type - all are RBI-regulated and PCI-DSS compliant.)
AES-256 encryption
Member PII, fee records, and receipts are encrypted at rest using AES-256 and in transit via TLS 1.3. Data is stored on servers located in India.
Role-based access control
Owners, branch admins, fee admins, and staff each get only the data and actions they need. Access levels are set by the institute owner and can be changed at any time. A full audit trail records every action per role.
Daily backups and disaster recovery
Encrypted daily snapshots with a 30-day retention window. Recovery procedures are tested quarterly to ensure data can be restored within the defined RTO.
WhatsApp and UPI security
Feezy sends payment links via WhatsApp using the official WhatsApp Cloud API. UPI payments are processed by Razorpay, Easebuzz, Cashfree and PayU - Feezy does not sit in the payment flow. Members pay directly to your institute's bank account.
Your Data Is Yours
Export your member list, fee schedules, and complete transaction history as CSV at any time - directly from your dashboard, no support ticket required.
If you stop using Feezy, your data is retained for 90 days from account closure and then permanently deleted from Feezy’s servers. You can initiate a full data export at any point during that window.
Responsible Disclosure
If you discover a security vulnerability in Feezy, please report it to security@feezy.one. We review all reports and respond within two business days. We do not pursue legal action against researchers who follow responsible disclosure practices.
Compliance
Feezy is designed around compliance with the Digital Personal Data Protection Act (DPDPA) 2023 and RBI payment-gateway guidelines. We update our controls as regulations evolve. Read our Privacy Policy and Terms of Service for full details. For specific compliance questions, contact hello@feezy.one.
Frequently Asked Questions
Questions about how we handle your data?
We’re happy to walk you through our controls, share policy docs, and answer compliance questions. We usually reply within four hours.
Contact our teamSee also: Pricing · Why Feezy · Privacy Policy · Terms of Service.