This notice explains how InfoCredit Services Private Limited (hereinafter referred to as “CreditVidya”), a company registered under the Companies Act, 1956, providing credit related solutions under its brand name of CreditVidya, collects, handles, uses and discloses Personal Information collected from you.
CreditVidya’s information handling practices are continually reviewed to ensure they comply with the “Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules, 2011” under Section 43A of the Indian Information Technology Act, 2000 as well as any other applicable laws or regulations.
By accessing or using CreditVidya’s services, you agree to this privacy notice.
CreditVidya provides its services only within the territory of India and to corporations and individuals in India. CreditVidya does not market or intend to provide its services to individuals or entities outside the territory of India and does not use information shared by individuals or entities outside the territory of India. Accordingly, CreditVidya is governed by and liable to comply only with the data protection laws in India.
Pursuant to the services provided by us, we will ask you to provide certain information as a part of the credit evaluation process, and in the course of the client app interface. We will collect this information through various means and in various places through the App Services, including loan application forms, contact us forms, or when you otherwise interact with us. We will ask you to provide only such information lawfully and operationally required for the App Services and necessary to be collected by us for effectively providing our services to you.
Below information may be collected through the android permissions to which you have granted us access through the client interface. Explicit consent screen and the usage of data will be explained on the interface as well.
We also collect information about you from third parties, including third-party verification services, credit bureaus and publicly available sources. In some circumstances, where lawful, this information may include government-issued identification number. This includes, without limitation, the receipt and exchange of account or credit-related information with any credit reporting agency or credit bureau, where lawful, and any person or corporation with whom you had, currently have, or may have a financial relationship, including without limitation past, present, and future places of employment and personal reporting agencies.
We may use information about you to provide, maintain, and improve our Services, such as:
We may disclose your Information to:
While we attempt to partner with only companies that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of those Third Parties, including our Clients. We do not have control over the use of your personal information once it is shared by our Clients or Third Party Providers, and we are not responsible for their privacy practices. Your rights with respect to their treatment of Your Information will be governed by their own policies. We encourage you to review the privacy policies of any website, service or application that you access which is operated by our Clients or Third Parties.
We store and process your data only in India. Our data center and systems also maintain backup and disaster recovery systems in India. We are hosted on Virtual Private Cloud on Amazon Webservices (Mumbai Region) which provides a secure and scalable technology platform to ensure we can provide you services securely and reliably.
We are an ISO 27001 Certified organization and have Information Security Management System framework in place that ensures up-to-date physical security, such as secure areas in offices; electronic safeguards, such as passwords, firewalls, and encryption; and secure development procedures. Access control systems are in place. Our safety and security processes are audited by a third party cyber security audit agency from time to time.
CreditVidya ML algorithms identify the PII fields at the source itself and do not collect this information or mask it before collection wherever PII data is not needed. In the scenarios where PII data collection is mandatory, ex: Data to pull Bureau report or loan application data we encrypt the data with the latest security algorithms before transmitting the data. All such data is encrypted at rest.
Information you and our Partners provide and receive during the Services is transmitted through a secure sockets layer (SSL) transmission. We encrypt and store PII data where ever it is possible. No data is shared with any third party unless until it is a core feature to serve the end-user, in all such scenarios the user consent is taken.
We restrict access to your Personal information only to those employees who are required to know such information in order provide our Services to you. We train our employees on all our security procedures, and we conduct audits to check compliance.
No security measures can provide absolute protection of data, but we will strive to protect your information. If you are a security enthusiast and have found a possible security vulnerability on our products, we encourage you to report the issue to us responsibly. You can reach out to us at firstname.lastname@example.org.
If you choose to use our blog or our Social Network pages (Facebook Fan page, Twitter, Linkedin, Google Play Store, Apple ITunes store etc), any information you submit can be read, collected, or used by other users of these sites. We are not responsible for the subsequent use of information, which you have submitted to the foregoing sites, by its other users.
We encourage our clients to provide mechanism for the end users to request deletion of their data. We at CreditVidya will delete your end-users data upon a written communication from our client.
CreditVidya can retain the aggregate anonymized data of your end users and this data will be used to improve our ML algorithms. This data will not be deleted as part of any data purging activity as this is devoid of any PII data.
If you have any questions or concerns regarding our policy, or if you believe our policy or applicable laws relating to the protection of your personal information have not been respected, you may file a complaint with our Privacy Department listed above, and we will respond to let you know who will be handling your matter and when you can expect a further response. We may request additional details from you regarding your concerns and may need to engage or consult with other parties in order to investigate and address your issue. We will keep records of your request and any resolution.