Consent - driven access
We believe that the alternative lending ecosystem can only be scaled up in an environment of trust between stakeholders, which calls for transparency.Consumers are presented with a prominent disclosure screen, and detailed information on why, how and what data is being collected and used. Conscious consent is a mandatory step to proceed with our service.
Security by design
Keeping data secure is a priority for us, and this is reflected in the design of our products, from the start.
- Data is collected, transmitted, stored and eventually purged in a highly secure manner
- We are proactive. We conduct vulnerability assessments periodically and have robust threat detection systems
- We take prevention seriously. Our multi-layered security architecture with multi-factor authentication ensures that risks are addressed before a potential security breach.
-
Our products are equipped with the following features right from conception:
- Confidentiality - allowing access to authorized users only
- Integrity - ensuring data is not tampered with
- Availability - ensuring data is available to each user as and when they need it
We believe that a commitment to privacy mandates that we maintain the highest global standards and protocols.
- We adhere to the Information Technology Act, 2000 and the Information Technology (Reasonable security practices and procedures for sensitive personal data or information) Rules, 2011
- We adhere to Google’s policy guidelines regarding data collection, processing and management
- We are a member of the Data Security Council of India (DSCI, NASSCOM)
ISO 27001
We are ISO 270001 certified, a reflection of our commitment to data privacy and security adherence across our operations.
- We carry out highly secure organisational and administrative practices
- We have strong technical measures and vulnerability tests to ensure the highest standards of security
- Periodic, repeated ISMS training of our employees in Information Security Management Systems is an integral part of our employee onboarding process. The Information Security team receives additional training
- Post training, each employee is thoroughly assessed to ensure efficiency.
