Put yourself in the driver’s seat of
your financial information
This policy governs the access to and use of the Company‟s mobile application and Website (“Platform”) and the Services rendered
Terms used in this Policy shall have the same meaning as ascribed to them in the Master Direction- Non-Banking Financial Company – Account Aggregator (Reserve Bank) Directions, 2016 (hereinafter called “AA Master Directions”) and subsequent amendments thereto, unless the context indicates otherwise
Collection of “Information” and Usage of Information
- During the course of your usage of our Platform and for purpose of rendering Services, we may collect any of the following information:
- Data pertaining to your identity and related data, such as your first and last name, username or similar identifiers, gender, title, passwords, identity document and proof of addresses, purchases or orders of or through our Services, feedback, survey responses, etc.;
- Contact data, including email addresses, phone numbers, delivery addresses, business addresses, etc.,
- Data about your device, including but not limited to: i. Location – location data recorded on your device; and ii. Device Information – including hardware model, operating system and version, IMEI and serial numbers, user profile information, IP addresses, browser types and versions, time zone settings, and Wi-Fi and mobile networks.
- Usage data, including information about how you use our Services; and
- Marketing and communications data, including your preferences in receiving marketing from us and our third parties and your communication preferences.
- We also collect, use, and share aggregated data such as statistical data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data under applicable laws. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific feature of the Services. However, if we combine or connect aggregated data with your personal data, we treat the combined data as personal data, which will be treated in accordance with other terms of this Policy.
- Please note that in accordance with applicable laws, we do not store or use any financial data that you choose to share with third parties or otherwise transmit through our Services (“Financial Data”). You may use our Services to transmit and share Financial Data with third parties; however, we will not have access to such data. For more information on how your Financial Data is transmitted through our Services, please review our Terms.
- Where we need to collect personal data by law, or under the terms of the arrangement we have with you, and if you fail to provide that data as and when requested by us, we may not be able to perform our obligations under the arrangement we have with you or are trying to enter into with you (for example, to provide you with features of the Services). In this case, we may have to cancel or limit your access to the Services, but we will notify you if this is the case at the time.
- The Company may collect, store and use Information for any purpose as may be permissible under Applicable Laws, including but limited to the following:
- To fulfill/complete your requests for the services offered, subscribed or availed by you on the Platform.
- To protect integrity of the Platform, improve our platform, prevent or detect fraud or abuse of our Platform;
- To personalize your experience and better our responses to match your requirements, wherever possible.
- To improve our digital properties based on visitor profiles, servicing patterns, and their exact requirements,
- To improve customer service based on the feedback provided by the User.
- Use analytics to track the traffic patterns, sources of traffic, user preferences, referrals, etc., and use such analytics to improve the services.
- To send periodic emails/SMS to email address/phone numbers provided. These details are used to send you information and updates about your order or request, in addition to receiving periodic news/updates/promotions / related products or services provided by the Company and informative and educative material(s) that we deem appropriate.
- To trace computer resources of any person for the purposes of determining compliance with the provisions of the Information Technology Act, 2000 and / or any other law for the time being in force.
- The mobile number obtained may be used for, but not limited to, send to or directly read SMS from the mobile, enabling auto read is for any of the following purposes or during the events such as, but not limited to: Sign Up, Forgot PIN, Account Discovery, Account Linking, Update or Revoke Consent, Delink Accounts, Close Account
- We collect data by way of „cookies‟. Cookies are small data files which are sent to your browser from the Platform and are stored on your computer or device (hard drive). The cookies shall not provide access to data in your computer or device such as email addresses or any other data that can be traced to you personally. The data collected by way of cookies will allow us to administer the Services and provide you with a tailored and user-friendly service. The cookies shall enable you to access certain features of the Services. Most web browsers and devices can be set to notify when you receive a cookie or prevent cookies from being sent. If you do prevent cookies from being sent, it may limit the functionality that we can provide when you visit the Platform or try to access some of the Services.
Disclosure and Retention of User Information
- The Company considers Information about its customers as an important part of its business. Accordingly, the Company shall not engage in sale of Information relating to Users to third parties. However, the Company may share user information third parties in the circumstances specified herein below, after reasonably assuring itself that such third parties have undertaken to maintain confidentiality of Personal Information relating to the users:
- Third Party Service Providers: The Company may engage third party service providers to render various services (other than the core service of Account Aggregation), and perform various function in relation to the business undertaken on the Platform. For instance, the Company may engage third party services providers for maintenance of its Website, analyzing data, providing marketing assistance, provision of customer services etc
- Government Agency: The Company may share any Information relating to Users (i) with Government agencies mandated under the law to obtain Information relating to users from the Company; (ii) any third party, when the Company is required to disclose the same under an order of a Government or judicial authority under any law for the time being in force, or where such disclosure is necessary for the compliance of a legal obligation.
- The Company shall retain information of a user collected for registration on the Platform for a period of one hundred and eighty days after any cancellation or withdrawal of his/her registration, as the case may be
- The Company will share your Personal Information internally with those staff members who need it to complete provision of services to you on the Platform.
- The Company shall keep sensitive personal data or information for only as long as the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. For those customers who have registered for the mailing list, their personal information is kept until we are notified that they no longer want their information stored.
Company’s commitment to Data Securit
- The Company will adopt required IT framework and interfaces to ensure secure data flows from the Financial Information providers to its own systems and onwards to the Financial Information users
- The Company will not request or store your credentials (like passwords, PINs, private keys) which may be used for authenticating you to the Financial Information providers.
- We shall access your information only be based on consent-based authorisation.
- We shall build in adequate safeguards in our IT systems to ensure that it is protected against unauthorised access, alteration, destruction, disclosure or dissemination of records and data.
- The Company shall take all reasonable measures to secure its Plaform and information contained therein following the reasonable security practices and procedures as prescribed in the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011
Accuracy and Protection of Personal Information
The Company relies on our customers to notify us of any changes in personal information. Should inaccurate information come to our attention, we will investigate and correct the information and, if necessary, apprise you of the change. Only those staff members who need your personal information in order to respond to your requests are given access to it. Employees are provided with training and information regarding the proper handling of personal information. All information stored in our computer system is protected from unauthorized access and information that is stored in document form is kept in secure locations to prevent access by unauthorized persons.
In case you have any grievances or want to address any discrepancy with respect to the processing of any of the information/data you provided to the Company,please contact our Grievance Officer. The name and contact details of the Grievance Officer are provided below Grievance Redressal mechanism policy and is available in the website of the Company.