KYC Policy

CORPSE

The Operating System for Esports

KYC & KYC Modification

Terms & Conditions

Verification • Data Handling • Modification Process • Financial Impact

Binding on: All KYC-Verified Users | Captains | Organisers

By submitting KYC information or initiating a KYC modification request on the Corpse platform, you confirm that you have read, understood, and agree to be bound by these Terms & Conditions in their entirety.

PART I — INTRODUCTION & SCOPE

1. What KYC Is & Why It Is Required

Know Your Customer ("KYC") is the process by which the Company verifies the identity and financial details of users who wish to participate in financial transactions on the Corpse platform. KYC is a mandatory regulatory requirement under the Prevention of Money Laundering Act, 2002 (PMLA) and Reserve Bank of India (RBI) guidelines for any platform that facilitates the movement of money between users.

On the Corpse platform, KYC serves three specific purposes:

• Identity verification — confirming that the user is who they claim to be, using government-issued identity documents.
• Financial verification — confirming that the user's bank account details are valid and belong to them, to ensure prize money and settlement payments are disbursed to the correct and verified recipient.
• Regulatory compliance — satisfying the Company's obligations under PMLA, RBI payment aggregator guidelines, and income tax regulations including TDS deduction and reporting.

Note: KYC is not required to create an account or to use the Platform's free features. It is required only when a user initiates a financial transaction — specifically when acting as a Captain paying an entry fee, receiving prize money, or receiving an organiser settlement.

2. Who This Document Applies To

These KYC & KYC Modification Terms & Conditions ("KYC Terms") apply to:

• All users who have completed or are in the process of completing KYC verification on the Platform.
• All users who wish to modify any KYC detail previously submitted to the Platform.
• Players acting as Captains of paid arena squads.
• Organisers who deposit security pools and receive arena settlements.

These KYC Terms must be read alongside the Money Deposit & Receive Policy and the Corpse Terms & Conditions of the Platform, all of which together constitute the binding financial framework governing your use of the Platform.

3. Governing Legal Framework

PART II — KYC REQUIREMENTS ON CORPSE

4. Who Must Complete KYC

KYC verification is mandatory for the following users and activities on the Platform:

5. Who Is Exempt from KYC

6. When KYC Is Triggered

KYC is not required at the time of account creation. It is triggered at the point when a user first attempts to initiate a financial transaction on the Platform — specifically:

• When a user first attempts to pay an entry fee as Captain — the Platform will prompt KYC completion before the payment can proceed.
• When an organiser first attempts to deposit a security pool — the Platform will prompt KYC completion before the deposit can proceed.
• The Platform will not permit any financial transaction to be initiated by a user who has not completed KYC verification.

PART III — KYC VERIFICATION PROCESS

7. eKYC Service Provider

The Company uses the services of an authorised third-party eKYC API service provider ("eKYC Provider") to conduct digital identity and financial verification. The eKYC Provider is a UIDAI-authorised entity for Aadhaar-based verification and operates in compliance with all applicable Indian regulatory requirements.

The identity of the eKYC Provider is not disclosed publicly for security and operational reasons. All verification performed by the eKYC Provider is conducted under the Company's instruction and within the regulatory framework described in these KYC Terms.

Note: By submitting your KYC details on the Platform, you consent to your information being shared with and processed by the eKYC Provider and Razorpay for the purposes described in these KYC Terms.

8. Verification Types Performed

The KYC process on the Platform comprises three distinct verification types, all of which must be successfully completed before a user's KYC status is activated:

9. Aadhaar OTP Verification Flow

The Aadhaar-based eKYC verification on the Platform uses the OTP-based authentication method authorised by UIDAI. The process is as follows:

• Step 1 — The user enters their 12-digit Aadhaar number in the designated field within the Platform or eKYC portal.
• Step 2 — The user provides explicit consent for Aadhaar-based eKYC verification, as required under the Aadhaar Act, 2016.
• Step 3 — The eKYC Provider sends a One Time Password (OTP) to the mobile number registered with the user's Aadhaar (the Aadhaar-linked mobile number).
• Step 4 — The user enters the OTP within the validity window to authenticate the verification.
• Step 5 — Upon successful OTP entry, the eKYC Provider retrieves the user's demographic details from UIDAI's database and confirms identity verification.

Important: The OTP for Aadhaar eKYC is sent to your Aadhaar-linked mobile number — not your Corpse-registered email or phone. If your mobile number is not linked to your Aadhaar, you will not be able to complete Aadhaar-based eKYC. Contact UIDAI to update your Aadhaar-linked mobile number before attempting KYC on the Platform.

10. PAN Verification Flow

PAN verification is performed to confirm the user's tax identity for TDS deduction and reporting purposes:

• Step 1 — The user enters their 10-character Permanent Account Number (PAN).
• Step 2 — The eKYC Provider verifies the PAN against the Income Tax Department's database to confirm it is valid, active, and matches the name provided.
• Step 3 — Verification result is returned to the Platform — confirmed or failed.
• Step 4 — If PAN verification fails, the user is notified and must provide a valid PAN to proceed.

Note: The name on your PAN must match the name provided during Aadhaar verification. A mismatch between PAN name and Aadhaar name will result in KYC rejection. Ensure both documents reflect the same legal name before initiating KYC.

11. Bank Account Verification Flow

Bank account verification confirms that the user's bank account is valid, active, and belongs to them — ensuring prize money and settlement payments are disbursed correctly:

• Step 1 — The user enters their bank account number, IFSC code, and account holder name.
• Step 2 — The eKYC Provider performs a penny drop or bank account verification check — a small nominal amount is credited and reversed to confirm the account is active and the details are correct.
• Step 3 — Verification result confirms the account is valid and belongs to the user.
• Step 4 — Verified bank account details are stored and used for all future prize disbursements and settlement payments.

Note: Only one bank account can be linked to a KYC-verified Platform account at any time. If you wish to change your bank account, you must submit a KYC modification request as described in Part VI of these Terms.

12. Hybrid Verification Experience

The KYC verification process on the Platform is a hybrid experience — certain steps are completed within the Corpse app itself, while other steps involving direct interaction with the eKYC Provider's secure systems are completed on a page or interface provided by the eKYC Provider outside the app environment.

• In-app steps include: entering your Aadhaar number, PAN, and bank account details; providing consent for eKYC; and viewing verification status updates.
• Redirected steps include: OTP entry for Aadhaar authentication and any document liveness or identity confirmation steps managed by the eKYC Provider's secure interface.

This hybrid approach ensures that sensitive authentication steps — particularly Aadhaar OTP entry — are handled within the eKYC Provider's regulated and secure environment, minimising the risk of data interception.

PART IV — KYC DATA HANDLING & PRIVACY

13. What Corpse Stores

Upon successful completion of KYC verification, the Company stores the following on its own servers:

• KYC verification status — verified, pending, or rejected.
• Masked Aadhaar number — only the last 4 digits are stored on Corpse servers. The full 12-digit Aadhaar number is never stored by the Company.
• PAN number — stored in encrypted form for TDS deduction and reporting purposes.
• Verified bank account details — account number (masked), IFSC code, and account holder name — stored in encrypted form for disbursement purposes.
• KYC completion timestamp — date and time of successful verification.
• eKYC reference ID — the transaction reference number provided by the eKYC Provider for the verification session.

14. What the eKYC Provider Stores

The eKYC Provider stores the following on their own regulated and secure infrastructure:

• Full Aadhaar eKYC data — retrieved from UIDAI upon successful OTP authentication, including name, date of birth, address, and photograph as per UIDAI records.
• Aadhaar XML / eKYC XML — the digitally signed XML file returned by UIDAI containing the user's demographic data.
• PAN verification records — the verification query and response from the Income Tax Department's database.
• Bank account verification records — the penny drop or verification query and result.
• Verification session logs — timestamps, IP addresses, and session metadata for audit and regulatory compliance.

The eKYC Provider retains this data in accordance with their own privacy policy and applicable regulatory requirements including UIDAI guidelines, PMLA, and RBI data retention mandates. The Company does not control the eKYC Provider's data retention policies.

15. Data Sharing — Razorpay

The Company shares the following KYC-verified data with Razorpay India Private Limited, our payment gateway partner, strictly for the purpose of processing financial transactions:

• Verified bank account details — for prize disbursement and organiser settlement transfers.
• PAN number — for TDS deduction and reporting to the Income Tax Department.
• Name as per KYC — for payment beneficiary identification.

This data sharing is mandatory for regulatory compliance and cannot be opted out of. By completing KYC on the Platform, you consent to this data being shared with Razorpay for the stated purposes.

16. No Sale of KYC Data

The Company does not sell, rent, trade, or otherwise transfer your KYC data to any third party for commercial, marketing, or any other purpose. KYC data is shared only with the eKYC Provider (for verification) and Razorpay (for payment processing) — both of which are mandatory for the operation of the Platform's financial features.

Important: If you receive any communication claiming to be from Corpse asking for your Aadhaar number, OTP, bank password, or any other sensitive financial credential outside of the official KYC flow within the Corpse app — it is fraudulent. Corpse will never ask for your OTP, bank password, or full Aadhaar number via email, SMS, phone call, or WhatsApp. Report such incidents immediately tosupport@corpsearena.com.

17. DPDP Act 2023 & Aadhaar Act 2016 Compliance

The Company handles all KYC data in compliance with the Digital Personal Data Protection Act, 2023 and the Aadhaar (Targeted Delivery of Financial and Other Subsidies, Benefits and Services) Act, 2016:

• Aadhaar-based eKYC is performed only with the user's explicit, informed consent as required under Section 8 of the Aadhaar Act, 2016.
• The full Aadhaar number is not stored by the Company — only the masked version (last 4 digits) is retained.
• Aadhaar data retrieved via eKYC is used only for identity verification and is not used for any purpose beyond what is stated in these KYC Terms.
• Users have the right to access, correct, or request erasure of their KYC data subject to legal retention requirements. Requests should be directed to legal@corpsearena.com.
• KYC data retention by the Company is governed by PMLA requirements — financial transaction records including KYC data must be retained for a minimum of 5 years from the date of the last transaction.

PART V — KYC MODIFICATION — OVERVIEW

18. What Can Be Modified

After initial KYC verification is complete, a user may request modification of any of the following KYC fields:

Note: Only the specific field being modified requires re-verification. For example, if you are only changing your bank account details, you do not need to redo Aadhaar or PAN verification — only the bank account verification step is repeated on the portal.

19. Modification via Support Request Only

KYC modification is not available as a self-service feature within the Platform's settings. All KYC modification requests must be initiated through the Platform's in-app support system. This restriction exists to:

• Ensure every modification request is reviewed by the Company's support team before being forwarded to the eKYC Provider.
• Prevent unauthorised or fraudulent modification of KYC details.
• Maintain a clear audit trail of all KYC changes for regulatory compliance.

20. One Active Request at a Time

A user may only have one active KYC modification request pending at any given time. The Platform will not accept a second modification request while a previous request is still under review. If a user wishes to change multiple KYC fields simultaneously, all changes must be included in a single modification request.

21. Non-Withdrawable Once Submitted

Once a KYC modification request has been submitted and the identity verification Magic Link has been clicked by the user — the request cannot be withdrawn, cancelled, or reversed. The financial freeze that accompanies the modification request (described in Part VII) will remain in place until the modification is either approved or rejected by the Company.

Important: Think carefully before submitting a KYC modification request. Once submitted and identity-verified, it cannot be undone. Your financial activity on the Platform will be frozen for 3 to 5 working days until the request is resolved. Do not submit a modification request unless you genuinely need to change your KYC details.

PART VI — KYC MODIFICATION — STEP-BY-STEP PROCESS

22. Step 1 — Raise In-App Support Ticket

The KYC modification process begins when the user raises a support ticket through the Platform's in-app support system. The support ticket must include:

• The specific KYC field(s) the user wishes to modify.
• The reason for the modification (e.g., bank account changed, name correction, new Aadhaar).
• A brief description of the change required.

Users should not include any sensitive document details (Aadhaar number, bank account number) in the support ticket itself. These details will be submitted securely through the portal provided in Step 4.

Note: Support tickets must be raised from within the Platform app under Settings > Support > KYC Modification Request. Requests submitted via email or other channels without a corresponding in-app ticket may not be processed.

23. Step 2 — Identity Verification via Magic Link

Upon receiving the KYC modification support ticket, the Company sends a secure, single-use Magic Link to the user's registered email address. This step is mandatory and serves as identity verification — confirming that the modification request is being made by the actual account holder and not a third party.

• The Magic Link is valid for 24 hours from the time it is sent.
• The user must click the Magic Link within 24 hours to confirm their identity and proceed with the modification request.
• If the Magic Link expires before the user clicks it, the support ticket is automatically closed. The user must raise a new support ticket to restart the process.
• Clicking the Magic Link constitutes the user's explicit confirmation of identity and consent to proceed with the KYC modification.

Important: If you receive a KYC modification Magic Link that you did not request, do not click it. Contact support@corpsearena.com immediately to report potential unauthorised access to your account.

24. Step 3 — Support Team Review & Portal Dispatch

After the user successfully clicks the identity verification Magic Link, the Company's support team reviews the modification request to confirm:

• The modification request is complete and includes all necessary information.
• The user does not already have an active KYC modification request pending.
• The request does not contain any indicators of fraudulent intent.

Upon completing the review, the support team dispatches a secure, time-limited portal link to the user's registered email address. This portal link provides access to the eKYC re-verification flow for the specific field being modified.

• The portal link is dispatched within 24 hours of the Magic Link being successfully clicked by the user.
• The portal link is valid for 24 hours from the time it is sent.
• If the portal link expires before the user accesses it, the user must raise a new support ticket to restart the process from Step 1.

25. Step 4 — User Accesses Secure Portal

The user accesses the secure portal by clicking the portal link sent to their registered email address. The portal is provided by the Company's authorised eKYC service provider and is a secure, regulated environment for KYC data submission.

• The portal will display only the specific KYC field(s) that need to be re-verified, as specified in the user's support ticket.
• The user does not need to re-verify KYC fields that are not being changed.
• The portal session is linked to the user's Platform account and support ticket reference number, ensuring the submission is associated with the correct modification request.

Note: The portal link can only be used once. Once you have completed the re-verification steps on the portal, the link is permanently invalidated. Do not share the portal link with anyone.

26. Step 5 — Field-Specific eKYC Re-Verification

Within the secure portal, the user completes eKYC re-verification for the specific field being modified. The re-verification process depends on which field is being changed:

Upon successful completion of re-verification on the portal, the eKYC Provider sends the verification result to the Company for final review.

27. Step 6 — Company Review & Decision

Upon receiving the eKYC re-verification result from the eKYC Provider, the Company reviews the result and makes a final decision on the modification request. The review timeline is 3 to 5 working days from the date the portal re-verification is successfully completed.

During the review period, the Company may:

• Approve the modification if the re-verification is successful and the new KYC details are consistent and valid.
• Reject the modification if the re-verification fails, documents are inconsistent, or the new details raise any compliance concern.
• Request additional information from the user via the support ticket if clarification is needed before a decision can be made.

28. Step 7 — Notification & Outcome

The user is notified of the outcome of their KYC modification request via both in-app notification and email to their registered email address.

If Approved:

• The new KYC details are activated on the user's account immediately upon approval.
• The financial activity freeze is lifted immediately — the user can resume paying entry fees, receiving prize money, and receiving organiser settlements.
• Any prize money held in escrow during the modification review period is released to the new KYC-verified bank account.

If Rejected:

• The rejection notification includes the specific reason for rejection.
• The financial activity freeze is lifted immediately upon rejection — the user's original KYC details remain active.
• Any prize money held in escrow during the review period is released to the original KYC-verified bank account.
• The user may resubmit a new KYC modification request immediately by raising a new in-app support ticket from Step 1.

PART VII — FINANCIAL ACTIVITY DURING KYC MODIFICATION

29. Complete Financial Freeze

From the moment a KYC modification request is confirmed — specifically from the moment the user successfully clicks the identity verification Magic Link in Step 2 — all financial activity on the user's Platform account is completely frozen. This freeze remains in place until the modification request is either approved or rejected.

Important: The financial freeze is automatic and cannot be reversed, paused, or bypassed while a KYC modification request is active. Plan your KYC modification requests carefully to avoid disruption to your tournament participation and financial activities on the Platform.

30. What Is Frozen

The following financial activities are suspended during the KYC modification review period:

Note: Free arena participation as a non-Captain squad member is not affected by the financial freeze. Only financial transactions are suspended — the user can still browse the Platform, participate in free arenas as a squad member, and access all non-financial features.

31. When the Freeze Is Lifted

The financial freeze is lifted immediately and automatically upon either of the following outcomes:

• Approval — the new KYC details are activated and all financial activity resumes under the new KYC credentials.
• Rejection — the original KYC details remain active and all financial activity resumes under the existing KYC credentials.

There is no manual step required by the user to lift the freeze — it is lifted automatically by the Platform upon the Company's decision being recorded in the system.

PART VIII — PRIZE MONEY DURING KYC MODIFICATION

32. Prize Won During Review Period

If a user wins a prize in an arena that concludes while their KYC modification request is under review — the prize money will not be disbursed immediately. Instead:

• The prize money is held in the Platform's escrow account in a pending state.
• The escrow hold is applied automatically as soon as the Platform's system detects that the winning user has an active KYC modification request.
• The user is notified via in-app notification and email that their prize is being held pending KYC modification review.

Note: Participating in a paid arena as Captain while a KYC modification request is active is not recommended, as you will not be able to pay any new entry fees during the review period. However, if you were already registered for an arena before submitting your modification request, the arena will proceed normally — only the prize disbursement will be held pending modification resolution.

33. Release Upon Approval

If the KYC modification request is approved, the held prize money is released as follows:

• The prize is disbursed to the new KYC-verified bank account — not the original bank account — immediately upon approval.
• TDS at 30% is deducted from the prize amount before disbursement as per normal prize disbursement rules.
• Bank payout fee of Rs 5.90 is deducted.
• The user is notified of the prize disbursement via in-app notification and email.

34. Release Upon Rejection

If the KYC modification request is rejected, the held prize money is released as follows:

• The prize is disbursed to the original KYC-verified bank account — the one on record before the modification request was submitted.
• TDS at 30% is deducted from the prize amount before disbursement as per normal prize disbursement rules.
• Bank payout fee of Rs 5.90 is deducted.
• The user is notified of the prize disbursement and the rejection of the modification request simultaneously.

Note: The 24-hour prize disbursement commitment in the Money Deposit & Receive Policy is paused during a KYC modification review period. The disbursement clock restarts from the moment the modification request is resolved — approval or rejection.

PART IX — REJECTION & RESUBMISSION

35. Grounds for Rejection

A KYC modification request may be rejected on any of the following grounds:

• The eKYC re-verification failed — for example, the Aadhaar OTP was not entered correctly, the PAN verification returned a mismatch, or the bank account penny drop failed.
• The new details are inconsistent with existing verified KYC details — for example, the name on the new PAN does not match the name on the existing Aadhaar record.
• The documents or details submitted raise a compliance concern — for example, an Aadhaar number that has been previously flagged, or bank account details associated with a suspicious account.
• The portal link expired before the user completed the re-verification steps.
• The request contains incomplete or insufficient information to process the modification.

36. Notification of Rejection

The user is notified of the rejection via in-app notification and email. The notification includes:

• The specific reason for rejection — clearly stated.
• The KYC fields that failed verification — if applicable.
• Guidance on what the user should check or correct before resubmitting.
• Confirmation that the original KYC details remain active and financial activity has resumed.

37. Resubmission Process

A user whose KYC modification request has been rejected may resubmit immediately — there is no waiting period before a new request can be submitted. To resubmit:

• The user raises a new in-app support ticket from Step 1 of the modification process.
• The user should address the specific reason for the previous rejection — for example, providing the correct Aadhaar number, ensuring the PAN name matches the Aadhaar name, or providing correct bank account details.
• The full 8-step modification process is repeated from the beginning for the new request.

Note: There is no limit on the number of KYC modification requests a user can submit. However, each rejected request results in an extended period of financial activity freeze — plan accordingly and ensure your new documents are correct before resubmitting.

PART X — PROHIBITED CONDUCT & CONSEQUENCES

38. Prohibited Conduct

The following conduct in connection with KYC verification or KYC modification is strictly prohibited:

• Submitting false, fabricated, forged, or another person's identity documents (Aadhaar, PAN) for KYC verification or modification.
• Submitting bank account details that do not belong to the user — including using a family member's or third party's bank account without their knowledge and consent.
• Using a KYC modification request as a mechanism to redirect prize money or settlement payments to a third party's bank account.
• Submitting multiple simultaneous KYC modification requests through multiple channels to circumvent the one-at-a-time restriction.
• Using KYC modification to evade tax obligations — for example, changing PAN details to avoid TDS deduction or reporting.
• Using KYC modification to evade financial monitoring obligations under PMLA.
• Sharing the portal link provided by the support team with any third party.
• Clicking a KYC modification Magic Link or portal link that was not requested by the account holder — this constitutes unlawful access to another user's KYC process.

39. Consequences

Any user found to have engaged in prohibited conduct in connection with KYC or KYC modification is subject to the following consequences, at the Company's sole discretion:

• Immediate suspension of the user's Platform account and financial privileges pending investigation.
• Permanent revocation of KYC status — the user will be unable to participate in any financial transaction on the Platform.
• Permanent ban from the Platform and forfeiture of all funds associated with the prohibited activity.
• Reporting to the Financial Intelligence Unit — India (FIU-IND) under the Prevention of Money Laundering Act, 2002 for suspicious financial activity.
• Reporting to UIDAI for misuse of Aadhaar-based eKYC.
• Criminal complaint under applicable provisions of the Indian Penal Code, IT Act 2000, and Aadhaar Act 2016.
• Civil legal action for recovery of any amounts fraudulently obtained through misuse of the KYC system.

PART XI — COMPANY'S RIGHTS

40. Right to Reject or Suspend

The Company reserves the right to:

• Reject any KYC verification or modification request at its sole discretion if the documents submitted are invalid, inconsistent, unverifiable, or raise any compliance concern — without being obligated to provide a detailed explanation beyond the general reason for rejection.
• Suspend a user's KYC privileges and financial activity at any time if the Company has reasonable grounds to suspect fraudulent, deceptive, or non-compliant use of the KYC system.
• Place a KYC modification request on extended hold beyond the standard 3-5 working day timeline if the Company is awaiting additional information or is conducting a regulatory compliance review — the user will be notified of any such extension.
• Permanently revoke KYC status from any user who is found to have submitted fraudulent KYC documents or engaged in any prohibited conduct listed in Section 38.

41. Right to Report to Authorities

The Company is legally obligated under the Prevention of Money Laundering Act, 2002 to report suspicious financial activity, including suspicious KYC submissions or modification requests, to the Financial Intelligence Unit — India (FIU-IND). The Company may also report:

• Misuse of Aadhaar-based eKYC to UIDAI.
• Suspected tax evasion through KYC manipulation to the Income Tax Department.
• Identity fraud to the relevant law enforcement authorities.

The Company will exercise this right without prior notice to the user where required by law or where prior notice would compromise the integrity of any investigation.

PART XII — GOVERNING LAW, DISPUTE RESOLUTION & CONTACT

42. Governing Law

These KYC Terms shall be governed by and construed in accordance with the laws of India, including the Prevention of Money Laundering Act 2002, the Aadhaar Act 2016, RBI Guidelines, the Digital Personal Data Protection Act 2023, and the Information Technology Act 2000, as amended from time to time.

43. Dispute Resolution

Any dispute arising from or in connection with these KYC Terms shall first be attempted to be resolved through good-faith negotiation by contacting support@corpsearena.com. If unresolved within 30 days, the dispute shall be submitted to binding arbitration under the Arbitration and Conciliation Act, 1996. The seat of arbitration shall be Guwahati, Assam, India. The language of arbitration shall be English.

44. Contact

For all KYC-related queries, modification requests, and disputes, contact the Company through the following channels:

These KYC & KYC Modification Terms & Conditions were last updated in April 2026 and are effective from May 1, 2026.

Version 1.0 | Corpse — [CORPSE ESPORTS PRIVATE LIMITED]

Confidential & Proprietary. All rights reserved.