Neo Pay stores tenant, session, driver, payout, and provider-response data needed to operate payout workflows. Driver phone numbers and bank details are stored only for payout access and settlement operations.
Provider credentials are kept in tenant-specific integration settings. Session cookies are httpOnly, tenant-scoped through application logic, and expire automatically.
Support and operational staff should access only the tenant data they are authorized to operate. Audit and intervention records are retained to explain provider failures and payout state transitions.