As uncovered by investigative news website Cobrapost’s sting operation video, one of the senior executives of Paytm is allegedly seen claiming that the digital payments giant had shared personal data of users to a political party on request of the PMO (Prime Minister’s Office) during the stone-pelting protests in Jammu and Kashmir earlier last year.

Attached below, the video in question titled ‘Operation-136 II’ shows Paytm’s Senior vice president Ajay Shekhar Sharma (brother of founder and CEO Vijay Shekhar Sharma) is shown narrating to the Cobrapost journalist the incident of the PMO contacting them and asking for the data of its users to identify whether any of them were stone-pelters that participated in the protest or not. In the video, Ajay is allegedly seen saying,

We got a call personally from the PMO asking us to give them the data. They said that maybe there were Paytm users (among the stone-pelters).

The idea being that any stone pelters caught on camera might be caught by authorities through their Paytm details.

This incident of a massive breach of user privacy came to light after undercover journalist Pushp Sharma, who claimed to be “Acharya Chhatra Pal Atal” from an NGO called Shrimad Bhagavad Gita Prachar Samiti. He claimed to be part of an NGO that was affiliated to the hardline Hindu right-wing group RSS (Rashtriya Swayamsevak Sangh) and visited the Paytm offices to speak about a campaign they want to run on the platform.

During the conversation that appears to take place at a restaurant, Ajay Sharma simply makes his political affiliations known and declares knowing several top BJP and RSS members well. He also seemed astounded by the fact that these contacts had not approached them about Atal’s plans in their earlier conversations:

This is such a big thing, what can I say; I have done many things for the Sangh, some of which I can’t even tell you. RSS is in my blood, I have attended RSS shakhas too.

Though the video shows Ajay sharing the story with the Cobrapost journalist, there’s no word on whether Paytm complied with the PMO’s request or not. And the company has taken to social media to explicitly deny any and all allegations that have been making the rounds of the Internet all night:

Paytm may deny it but this response is as government-like as it gets. It’s just a different version of the same ‘Aadhar is Secure’ mantra that UIDAI seems to be chanting in the hope that all security issues will disappear.If Paytm did share user data with the government, it would be in violation of their privacy policy. The company’s explicitly states that ‘We will not sell, share or rent your personal information to any 3rd party or use your email address/mobile number for unsolicited emails and/or SMS.’

The sting operation, however, allegedly reveals that our personal data may not be totally secure in the hands of a digital payments giant and that it may have sold it to other third-parties out there. It even raises serious questions about the current government and how it has used Indian businesses to push the Hindutva agenda through ultra-right-wing groups.