Privacy Policy for Digital Lending Products / Money Lending Services

I. Types of Information We collect

• Personal Data and Personally Identifiable Information (PII) which Includes but is not limited to the following:
  • Name
  • Contact information (phone numbers, email addresses)
  • Residential address
  • Financial information
  • Employment details
  • Credit history and records
  • Documents such as identity card / passport details / Aadhaar details / PAN / Voter ID / driving license, and/or education details provided by You to Us to avail various products/Services from Us.
• Voice recordings of Our conversations with the customer care agent to address Your queries/grievances;
• Opinions provided by You to Us by way of feedback or responses to surveys;
• Information obtained from Your mobile device, including but not limited to SMS data, for the purpose of on-boarding / KYC requirements only, duly agreed and consented by You by way of using the Site / Platform like device location, camera, and microphone access, or such other information that may have been voluntarily provided by you in connection with availing the Services on the Platform. Necessary permission/consent shall be sought for the same at an appropriate stage during the Platform usage at all times.
• Employment details (e.g. occupation, positions held, employment history, salary and/or benefits) as part of Our record retention for credit/various product evaluations or required under applicable law, including Prevention of Money Laundering (Maintenance of Records) Rules, 2005.
• Specimen signature(s) for processing of Your instructions received by Us through Our various payment and delivery channels;
• Access to your mobile camera device for the purpose of on-boarding/ KYC requirements only and for the functioning of many Platform functionalities including, but not limited to scan and pay, etc. Access to device camera is required. Permission is sought for the same at an appropriate stage during the Platform usage.
• We may periodically collect metadata information of apps installed on your mobile device which includes the application’s name, package name, installed time, updated time, version name and version code of each installed application, understand the usage of applications like VPN, gaming applications on your device to assess for fraud, if any and also to understand your risk profile.

In general, You can browse Our Platform (limited web pages from our website) without telling Us who You are or revealing any Personal Data about yourself. However, to create an account on Platform, You must provide Us with the aforementioned basic information required to provide customized services. Mobile application can be browsed only after creating an account with us as aforesaid.

You may, in your sole and absolute discretion, choose either: (i) not to provide the information, specific data requisitioned by Us from you in connection with Our Services from time to time or (ii) cancel/revoke your consent so granted to collect Your Personal Data and/or communication that you have elected to receive from Us in relation to the information you have already shared with Us. However, in the event if You do not provide Your consent or later withdraw Your consent, We request you not to access the Platform and/or use the Services and We also reserve the right to not provide You any Services through the Platform. In such a scenario, the Company may delete Your information (Personal or otherwise) or de-identify it so that it is anonymous and not attributable to You.

II. Purpose of obtaining the information:

• Establish identity and verify the same;
• To facilitate your KYC;
• Conduct KYC for our third-party having contractual relationships with Us based on the information shared by You. Necessary permission/consent is sought for the same at an appropriate stage during the Platform usage;
• Post any changes/updates/modifications as deemed necessary;
• Monitor, improve, and administer Our Platform;
• To make improvements to our Service to provide correct transaction information to You;
• Design and offer customized products and Services on Our Platform from time to time;
• Send communications, notifications, information regarding the products or Services requested by You, or process queries and applications that You have made on Our Platform;
• Conduct data analysis in order to improve the Services/products provided to You;
• Use Your information in order to comply with country laws and regulations;
• Use Your information in other ways permitted by law (statutory and/or regulatory) to enable You to obtain financial services from third-party having contractual relationships with Us.

We will use and retain the information for such periods as necessary to provide You the Services on the Platform, to comply with our legal obligations, to resolve disputes, and enforce the agreements entered into by You and for such other reasons as specified in Clause V below.

III. Sharing of data with third parties

Any Personal Data that We have access to shall not be shared without Your consent unless as specified in the below cases wherein we are obliged to share.
In various processes / submission of applications / availing of product / service offerings, We shall seek Your explicit consent to use / share Your Personal Data.
In our business and operational processes, We only share the data on a “need-to-know” basis to designated personnel or partners or service providers.

We will share your data with competent / legal / statutory / regulatory agencies / authorities or partners / service providers acting on our behalf (as the case may be) in following cases:

• a. We may disclose and share Your information with the lending partners and our third-party partners for the purpose of reviewing credit records, facilitation of a loan provision or facility or line of credit, suggesting loan eligibility, and the shared information is used by these vendors/partners in accordance with their own privacy policies and applicable laws;
• b. For enabling the provision of the products/services availed by You, strictly on a "need to know" basis and subject to applicable laws.
• c. We will disclose the information to our third-party technology service providers and credit partners to perform credit checks and credit analysis like Credit Information Companies (Credit Bureaus) or third party data source providers;
• d. We will share your information under confidentiality obligations with the third parties and restrict the use of the said information by third parties only for the purposes detailed herein.
• e. We may disclose Your information, without prior notice, if We are under a duty to do so in order to comply with any legal obligation or an order from the government and/or a statutory authority, or in order to enforce or apply Our terms of use or assign such information in the course of corporate divestitures, mergers, or to protect the rights, property, or safety of Us, Our users, or others, and this may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
• f. Where it is directed or required by legal/regulatory/statutory/governmental authorities/judiciary under any applicable laws/regulations or judicial pronouncement though a legally obligated request.
• g. Where it is required to verify, mitigate, or prevent fraud or to manage risk or recover funds in accordance with applicable laws/regulations.
• h. When You make purchases through our services, we may collect and store information about You to process your requests and automatically complete forms for future transactions, including (but not limited to) your phone number, address, email, billing information, and payment preferences. This information may be shared with third-parties which assist in processing and fulfilling Your requests, including payment gateway processors, and for providing You with products/services to better serve Your needs and interests. Such sharing shall be in accordance with Your instructions and subject to appropriate confidentiality and security requirements.

IV. Storage of your Personal Data

When You use Our Platform, We collect and store your information which is provided by You from time to time by explicitly seeking permissions from You to get the required information. This allows Us to provide Services and features that meet Your needs, and to customize Our Platform to make Your experience safer and easier and to improve the Services provided by Us.

We may store, process, and retain Your Personal Data on Our servers where the data centers are located, and/or on the servers of third parties having contractual relationships with Us. We will retain your data for the period that you continue to be our customer and for such period as required to comply with any obligation under any law for the time being in force.

The information that is collected from you may be transferred to, stored, and processed at any destination as permitted under applicable law. By submitting information to Us, You agree to this transfer, storing and / or processing.

V. Usage of Your Personal Data

We use Your Personal Data in our business activities for providing and performing, among other actions, the following:

• To facilitate the transactions or report on these transactions;
• To undertake research and analytics for offering or improving our products/services and their security and service quality;
• To check and process Your requirements submitted to Us for products/services and/or instructions or requests received from You in respect of these products/services;
• To share with You updates on changes to the products/services and their terms and conditions including Site/Platform’s terms and conditions;
• To take up or investigate any complaints/claims/disputes;
• To respond to your queries or feedback submitted by You;
• To verify your identity for us to provide products/services to You;
• To carry out credit checks, screenings, or due diligence checks as lawfully required by Us and/or Bureaus;
• To undertake financial/regulatory/management reporting and create and maintain various risk management models;
• To conduct audits and for record-keeping purposes;
• To enable us to provide You with selective offers and promotions, search results, location-based services;
• To auto-populate such third-party pages based on Your click on advertisement instances on our website and Your proceeding to such pages;
• To comply with the requirements of applicable laws/regulations and/or court orders/regulatory directives received by Us;

Commission/Brokerage: You understand that Angel One may earn commission / brokerage from money lending vendors / partners for facilitating loan transactions. This commission is earned for connecting customers with the money lending vendors/partners.

VI. Retention and Deletion of your Personal Data / PII

Angel One Ltd. retains Your PII data only for as long as necessary to fulfill the purposes outlined in this policy or as per the Retention period defined in the Applicable Laws, rules and regulations. Afterward, We securely delete or anonymize the data in accordance with our retention policies and applicable laws.

VII. Cookie Policy

Please note that a “cookie” is a small piece of information stored by a web server on a web browser so it can be later read back from that browser. We may use cookie and tracking technology depending on the features offered. No Personal Data will be collected via cookies and other tracking technology; however, if you previously provided Personal Data, cookies may be tied to such information.

VIII. Links to other websites

Our website may contain links to other websites which are not maintained by Us. This privacy policy only applies to Us. You are requested to read the other websites’ privacy policies when visiting these websites.

IX. Reasonable Security Practices and Procedures

We take the security of Your information very seriously. To this end, We use several security techniques including secure servers, firewalls and encryptions. We have in place appropriate administrative, technical, physical safeguards and security measures to protect the Personal Data / PII You provide to us against accidental, unauthorized or unlawful loss, destruction, damage, alteration, access, disclosure or use and any other unlawful forms of processing.

We employ comprehensive security measures to protect customers' PII data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption of sensitive data during transmission and storage
• Regular security assessments and updates to our systems
• Access controls and authentication processes
• Employee training on data security and privacy policies

At Angel One, we uphold stringent security practices to ensure the protection and confidentiality of your personally identifiable information (PII) during data collection, at-rest storage, and in-transit sharing with our data processing partners. Here are the security best practices we implement:

1. **Secure Data Collection:** During data collection, we employ a highly secure server environment to gather your personal details, ensuring that the transmission of this data is encrypted and secure.
2. **Firewall Protection:** Our servers are fortified with robust firewalls to fortify the defense against unauthorized access and potential cyber threats, thereby enhancing the overall security of your PII.
3. **Security Measures for Data at-Rest:** We implement various steps and measures to protect the security of your Personal Data when at rest, preventing misuse, loss, unauthorized access, modification, or disclosure while stored in our systems.
4. **Encryption Protocols for Data in-Transit:** All data in-transit or in-motion is protected using the latest and most secure encryption protocols, ensuring that any information exchanged between our systems and our partners is highly secure and confidential.
5. **Access Control on Systems:** Access to our systems is tightly controlled and limited to authorized personnel only, enforcing strict access control measures to ensure that your PII is accessed solely by individuals with appropriate authorization.
6. **Confidentiality Best Practices:** Our organization places a strong emphasis on confidentiality practices to prevent any unauthorized sharing or disclosure of your PII, both within the organization and when sharing data with trusted partners.
7. **User Education and Awareness:** We actively educate and inform our users about the significance of protecting their account login credentials, passwords, and OTP details. We strongly urge users not to share this sensitive information with anyone to further enhance account security. While We observe aforesaid security measures to protect Your Personal Data / PII on all our digital platforms, security risks may still arise for reasons outside of our control such as hacking, virus dissemination, force majeure events, breach of firewall etc. Please note that the above mentioned measures do not guarantee absolute protection to the Personal Data. We wish to mention that in case of non-compliance and/or breach with the privacy policy pertaining to access or usage of the computer resource, We shall have the right to terminate the access or usage rights of Yours to the computer resource immediately or remove non-compliant information or both, as the case may be.

While We observe the aforesaid security measures to protect Your Personal Data/PII on all our digital platforms, security risks may still arise for reasons outside of our control such as hacking, virus dissemination, force majeure events, breach of firewall, etc. Please note that the above mentioned measures do not guarantee absolute protection to the Personal Data.

We wish to mention that in case of non-compliance and/or breach with the privacy policy pertaining to access or usage of the computer resource, We shall have the right to terminate the access or usage rights of Yours to the computer resource immediately or remove non-compliant information or both, as the case may be.

X. Compliance with Laws and Applicable Regulations

Angel One limited complies with all applicable laws and regulations concerning data privacy and security, including but not limited to the data protection laws of the jurisdiction in which we operate.

XI. Contact us

If you have any queries, feedback, questions, or concerns regarding the collection, processing, usage, disclosure, and security of your information/data, or any aspect of this Privacy Policy, please address them to lendingsupport@angelbroking.com.

XII. Policy Review & Updates

This policy will be reviewed by Us as and when required and the same may be subject to change at any point in time. While We will make reasonable efforts to keep you posted on any updates to this privacy policy, to make sure that you are aware of any changes, we recommend that you review this policy periodically.

This Privacy Policy shall apply uniformly to Our desktop website, mobile site & mobile applications. We reserve the right to change/modify the information provided on or via this Site, including the terms of this disclaimer, at any time and without notice. You can determine when the Terms were last modified by referring to the “Last Updated” legend above. However, We shall not undertake to update You with the content contained on this Site/Platform from time to time. You are obliged to exercise your independent diligence on the information provided on or via this Site before arriving at any decision and you will be solely responsible for your actions. We shall not be held responsible for all or any actions that may subsequently result in any loss, damage and or liability on account of such change in the information on this Site. Your continuous use of the website/mobile application following the posting of changes shall mean that You accept and agree to the changes and shall be legally bound by the same.

XIII. Governing Law & Jurisdiction

This policy will be governed by and construed in accordance with the laws of India and subjected to the exclusive jurisdiction of Courts of Mumbai.

XIV. Details of associated third parties