Effective Date: Mar 21, 2023
CredAvenue Securities Private Limited is located at:
CredAvenue Securities Private Limited
12th Floor, Prestige Polygon No-471, Anna Salai, Nandanam,
Chennai – 600 035, Tamil Nadu, India
- The Information Technology Act, 2000
- Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011;
- Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021
- Guidelines on Digital Lending issued by the Reserve Bank of India (RBI), 2022;
The Company will follow a risk management approach to developing and implementing Information Security policies, standards, guidelines, and procedures. The Information Security Program is designed to protect information assets by developing Information Security policies to identify, classify, and define the acceptable use of company information assets.
The types of personal data may include names, addresses, phone numbers, birthdates, social security numbers, tax identification numbers, national insurance numbers and financial account numbers.
The Policy applies to all employees, contractors, consultants, vendors, clients and stakeholders who access, use or control company resources and provide personal information on the Platform.
CredAvenue Securities Private Limited will only be using the information for providing the services to you.
IF YOU DO NOT AGREE TO THIS POLICY OR ANY PART THEREOF, PLEASE DO NOT USE/ ACCESS/ DOWNLOAD/ INSTALL THE PLATFORM OR ANY PART THEREOF.
The Company adheres to legal, regulatory and customer privacy requirements.
The Company collects personally identifiable information when voluntarily submitted by our online and onsite visitors. The information provided is used to fulfill specific requests unless given permission to use it in another manner.
ln connection with the services we provide, the Company may collect the following types of information:
Personally Identifiable Information: Names, addresses, email addresses, phone numbers, driving license, birthdates, GST, Aadhaar number, PAN, tax identification, financial account, passport number, voter ID, national insurance numbers, and company information.
User Communications: When a visitor sends an email or other communication to the Company, these communications may be retained in order to process inquiries, respond to requests, and improve overall services.
The Company reserves the right to collect and process personal information in the course of providing services to our clients without the knowledge of individuals involved. Where the Company collects personal information from individuals within the Indian region, upon request, the Company will inform them about the types of person information collected from them, the purposes for which it was collected, and uses of the information, and the types of non-agent third parties to which the Company discloses that information.
The Company may share information with governmental agencies or other companies assisting in fraud prevention or investigation. The Company may do so when:
Permitted or required by law
Trying to protect against or prevent actual or potential fraud or unauthorized transactions
Investigating fraud which has already taken place
This information, however, is not provided to these companies for marketing purposes.
Permitted transfers of information, either to third parties or within the Company, include the transfer of information within the India region and shall not be moved out of one jurisdiction to another.
The Company takes reasonable steps to protect personally identifiable information. To prevent unauthorized access or disclosure of personally identifiable information, maintain data accuracy, and support the appropriate use and confidentiality of personally identifiable information, either for its own purposes or on behalf of our clients, the Company has put in place appropriate physical, technical, and managerial procedures to safeguard and secure the personally identifiable information and data the Company possesses.
Whenever the Company is processing personal data, it will take reasonable steps to keep personal data accurate for the purposes for which they were collected. It will provide data subjects with the ability to exercise the following rights under the conditions and within the limits set forth in the law. If you wish to contact us regarding the use of your personal data or want to object in whole or in part to the processing of your personal data, please contact us at the below email address.
This policy is subject to change as per applicable laws from time to time.
Information obtained from or relating to clients or former clients is further subject to the terms of any privacy notice provided to the client, any contract or other agreement with the client, and application enforcement laws.
In certain cases, we will be a data controller / data fiduciary in respect of your relationship with us. A data controller / data fiduciary is responsible for deciding how to hold and use personal data about you. We may process your personal data ourselves and do not share with any third parties.
The Company will cooperate with the appropriate regulatory authorities, including local data protection regulatory authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between the Company and an individual.
The Company does not process any child data either directly or indirectly.
Currently, the Company does not transfer any client data out of India’s jurisdictions.
5. Deletion of Your Personal Data
The Company will retain your personal data only for as long as is necessary for the purposes of processing your personal data to provide the services. We may also retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. The company will manually delete the personal data on receipt of request from you or once the requirement to process such data ends, whichever is earlier. However, if you request us to delete any personal data before the requirement to process such data ends, the Company shall not be liable for any monetary loss or any damages, losses etc. whether direct or indirect that you may face for requesting such destruction.
6. Disclosure of Your Personal Data
6.2 Law enforcement: Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
In certain cases, in order to provide you with services, we may receive your information from third parties, such as NSDL and payment gateway providers, regarding the verification of your documents and your repayment status.
We will only collect & share your information if it is strictly necessary for the provision of the services. We do not retain the data obtained from these third parties. As part of our outsourcing obligations to our partners, we collect this information, which is transferred directly to them upon collection.
6.3 Other legal requirements – The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
Comply with a legal obligation
Protect and defend the rights or property of the Company
Prevent or investigate possible wrongdoing in connection with the Service
Protect against legal liability
6.4 Third Party Vendors – It refers to third-party companies or individuals employed by the Company who processes the data on behalf of the Company to facilitate a service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
A non disclosure agreement (NDA) and/or a data processing agreement (DPA) will be signed with the third-party vendor & the company to make sure the personal data of the client is secured and processed as per the agreement.
7 Security of Your Personal Data
The security of your personal data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While the company strives to use commercially acceptable means to protect your personal data.
8. Policy Enforcement and Compliance
Compliance with the policy is mandatory and CredAvenue Securities Private Limited department managers shall ensure continuous compliance monitoring within their department. Compliance with the statements of the policy is a matter of periodic review.
Any breach of the policy may constitute a security violation and gives the company the right to conduct disciplinary and / or legal action, up to and including termination of business relationship.
9. Standards of handling security breach
10. Document Management
Technological advances and changes in the business requirements will necessitate periodic revisions to documents. Therefore, this document may be updated to reflect changes or define new or improved requirements as and when required and in compliance with the Information Security Program Charter.
11. Third Parties who can collect your information
We may share your personal information (including Personal Information and Sensitive Personal Information) collected for the following purposes:
Legal Purposes: We may share Your information with law enforcement and other government agencies, courts and other bodies on their legal requests to comply with the law and aid to the ongoing and impending legal proceedings. We may also use your information when it is necessary to investigate, prevent, or take action regarding possible illegal activities or comply with legal processes or comply with any law in force or address threats to the physical safety of any person or safeguard our rights and the rights of users, or the public at large.
Additionally, we may share your information collected on the Platform with:
- The associated service providers that provide us services pertaining to protecting and securing our systems, and provide Us other services requiring the processing of information and data collected so as to host your information or data for the proper functioning of the Platform.
12. Contact Information
Board Number : 044-4091 2303
13. Grievance Redressal Mechanism
In case of any grievance, customers can intimate and record their complaints/ grievances for a resolution via:
- Email to email@example.com (or)
- Send a formal written complaint to the below mentioned address:
Address : CredAvenue Securities Private Limited, No.471, 12th Floor, Prestige Polygon, Anna Salai, Nandanam, Chennai – 600035, Tamil Nadu, India