This legal document is an electronic record in terms of Information Technology Act, 2000, and rules there under as applicable and the amended provisions pertaining to electronic records in various statutes as amended by the Information Technology Act, 2000. This electronic record is generated by a computer system and does not require any physical or digital signatures.
We, ORICRED FINSERV PRIVATE LIMITED (Company; We; us; our) have developed a mobile application called MobiCred (Application / App) through which you may apply for a loan (Loan) to be granted by us or non-banking financial company or Banks (LENDER), based on the loan agreement executed between you and LENDER. LENDER has appointed and authorized us to collect, store, authenticate, verify and distribute the Personal Information (defined below) as may be required by the LENDER to sanction the Loan. The Personal Information shall be collected through the mobile application form (Mobile Application Form) available on the Application.
While providing aforesaid online services, the issue of online privacy is extremely crucial for MobiCred which is committed to safeguarding the information provided by users. MobiCred is dedicated to create a reasonably secured environment for its users.
In order to avail the Services, you are required to register with the Company by logging in through Third Party Platforms (defined below) (User Account). During the application process, you shall be required to share/upload certain personal information including but not limited to your name, e-mail address, gender, date of birth, mobile/phone number, photograph, mobile phone information including installed applications on your device, contact numbers, SMS and browsing history, data and login-in credentials of Third Party Platforms (defined below), financial information such as bank documents, salary slips, bank statements, PAN card, bank account no., data from Credit Information Companies, data required for Know Your Customer compliances, requirement and other relevant details (Personal Information). You undertake that you shall be solely responsible for the accuracy and truthfulness of the Personal Information you share with us.
As part of the Services, you authorize us to import your details and Personal Information dispersed over Third Party Platforms. Third Party Platforms are social networking platforms, such as Facebook, LinkedIn and other similar platforms.
You understand and acknowledge that the Company reserves the right to track your location (Track) during the provision of the Services, and also in the event that you stop, cease, discontinue to use or avail the Services, through the deletion or uninstallation of the Mobile App or otherwise, till the event that your obligations to pay the Outstanding Amount(s) to LENDER, exist. Deletion, uninstallation, and/or discontinuation of our Services, shall not release you from the responsibility, obligation and liability to repay the Outstanding Amount(s).
The key information collected from the device is further detailed below:
We collect the location data from you in two ways: (i) When you add the address as part of your filling up of MobiCred App; and (ii) from your mobile device when enabled by you to do so. This information collected and monitored about the location of your device so as to provide serviceability of your loan application, reduce risk associated with your loan application and to provide pre-approved customized loan offers.
How we use this data : For enabling the App and its services; for loan processing and KYC authentication; for enabling customer support; for enabling marketing and outreach; for automated decisions; for legal compliance and requirements.
We collect users’ phone contact list post their consent. This data is required by our app to detect references during the loan application process for seamless user journey. Also, app collects and monitors your contact's information, account type, contact last modified, favourites and other optional data like relationship and structural address to enrich your overall profile.
How we use this data : We use this data to ascertain your social network from your phone book contacts and identify fraudulent contacts in your network. This helps us in detecting fraud loan applications, reducing credit risk, for enabling the App and its services; for loan processing, reference checking and KYC authentication.
Storage permission is required so that your KYC and other relevant documents can be securely downloaded and saved to your phone. These KYC documents can then be easily uploaded for faster completion of your loan application and disbursal. This will help us to ensure that you undergo a seamless experience on our app.
How we use this: For securely downloading and saving KYC documents on users' phones and upload the right documents for a faster approval and disbursal of the loan.
List of Installed Applications
We collect each installed applications' meta-data information which includes the application name and package name of each installed application on your device.
How we use this data : To assess your creditworthiness and provide you with pre-approved customized loan offers, for enabling the app and its services; for research and development; for enabling communication between the user and us; for enabling marketing and outreach.
Specific Information is collected and monitored by our application regarding your device including hardware model, brand, manufacturer, OS version, IMEI information.
How we use this data : To uniquely identify the devices and to ensure that no unauthorized device acts on your behalf which will help us in preventing frauds. This will also help us in enriching your credit profile and assessing your credit worthiness, besides enabling the app and its services, for enabling customer support and for research and development.
We collect your personal information data which includes your name, phone number, email address, date of birth, mailing and home address, personal identifiers like bank account number, permanent account number and unique identification number (aadhaar). We also collect your picture and photo of PAN Card, Aadhaar Card and Address Proof like Driving License or Electricity Bill or LPG Related documents and Profession related document which you provide at the time of profile creation.
How we use this data : All the mentioned information is required as part of Profile creation and KYC process and to access our service and is also used to auto-populate relevant input fields in the course of our application interface as part of application feature. Also, we use some of the above mentioned personal information like name, phone number, email address etc. to uniquely identify you and prevent frauds and unauthorized access. Your address and professional details are used for personalizing the loan products for you.
When you use MobiCred for information purposes only, we only collect the data that your browser transmits to our server. If you wish to view MobiCred app, we collect the following data, which is technically necessary for us to display our app to you and to ensure its stability and security: IP address, Date and time of the request, Time zone difference to Greenwich Mean Time (GMT), Content of the request (specific page), Access status/HTTP status code, Amount of data transferred in each case, Page from which the request came, Browser, Operating system and its interface, Language and version of the browser software.
How we use this data : The aforementioned data is processed by us for the following purposes: Ensuring a smooth connection setup of the app, ensuring a comfortable use of our app, evaluating system security and stability and for other IT administrative purposes.
You agree and acknowledge that when we receive e-mails from you, we may retain the content of any e-mail messages sent to us, as well as details of your e-mail address. You further agree and acknowledge that MobiCred shall use your email id and mobile number information for sending promotional messages using different platforms from time to time. If you send us personal correspondence, such as letters, or if other users or third parties send us correspondence about your activities or postings on MobiCred, we may collect such information into a file specific to you.
We use data collection devices such as "cookies" on certain pages to help analyze our online page flow, measure promotional effectiveness, and promote trust and safety.
MobiCred uses "cookies" to track usage patterns, traffic trends and user behaviour, as well as to record other information from the app. For certain services provided on MobiCred, cookies allow MobiCred to save information locally so that you will not have to re-enter it the next time you visit. Many content adjustments and customer service improvements are made based on the data derived from cookies.
You can set your browser so that you are informed about the setting of cookies, allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, activate the automatic deletion of cookies when closing the browser.
The cookie settings can be managed under the appropriate links for the respective browsers.
We also recommend that you regularly delete your cookies and browser history manually.
We use certain APIs for various services and authentication related to KYC, Loan Processing and Disbursement. It is important for us to inform you that we will have limited control over aforesaid APIs and therefore you clearly agree and acknowledge that we shall not be held responsible for privacy/security issues relating to the same.
We use your personal information to facilitate the services you request. We do not sell, rent, trade or exchange any personally-identifying information of our Users. We may provide your collected information to our affiliates and service providers under contract (such as customer care, billing, data analytics etc.) to support the operation of MobiCred and our services. To the extent we use your personal information to market to you, we will provide you the ability to opt-out of such uses. We use your personal information to: resolve disputes; troubleshoot problems; collect payments; measure consumer interest in the services provided by us, inform you about online and offline offers, products, services, and updates; customize your experience; detect and protect us against error, fraud and other criminal activity; enforce our User Agreement(s), and in general to improve the user experience and make it comparable to other similar websites/apps; and as otherwise described to you at the time of collection. In our efforts to continually improve our product and service offerings, we may collect and analyze demographic, profile and usage data about our users' activity on our app.
We use your personal information to improve our platform, improve MobiCred's content and product offerings, prevent or detect fraud or abuses of our MobiCred and tailor it to meet your needs, so as to provide you with a smooth, efficient, safe and customized experience while using the app.
We do not sell, rent, lease your Personal Information to anybody and will never do so. Keeping this in mind, we may disclose your Personal Information in the following cases:
Notwithstanding anything mentioned hereinabove, the Company shall not be responsible for the actions or omissions of the service providers or parties with whom the Personal Information is shared, nor shall the Company be responsible and/or liable for any additional information you may choose to provide directly to any service provider or any third party.
As per Rule 5(7) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008, you have an option to withdraw your consent for use of your sensitive personal data given earlier to us. Such withdrawal of consent shall be sent in writing to our registered address.
However, we will retain your Personal Information for as long as your registration with us is valid and the Outstanding Amount(s) is due and payable to LENDER. We may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Subject to this section and approval from the LENDER, we will try to delete your Personal Information upon reasonable written request for the sameas per above Rule 5(7) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. Please note, however, that there might be latency in deleting Personal Information from our servers and backed-up versions might exist even after deletion.
We value your trust in providing us your Personal Information, hence we continuously strive to use commercially acceptable means of protecting it. We request you to note that no method of transmission, whether in physical form or over the internet, or method of electronic storage is 100% secure and may be subjected to unintentional risks, due to reasons beyond our control. Data pilferage due to unauthorized hacking, virus attacks, technical issues is possible and we take no liabilities or responsibilities for it.
You are responsible for all actions that take place under your User Account. If you choose to share your User Account details and password or any Personal Information with third parties, you are solely responsible for the same. If you lose control of your User Account, you may lose substantial control over your Personal Information and may be subject to legally binding actions.
We have implemented reasonable security practices as per Rule 8 of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008.
Access to your Loan Account is through the APP and the same is accessed through your registered mobile number by providing OTP received in your registered mobile number for authentication.
MobiCred has implemented reasonably stringent, internationally acceptable standards of technology, managerial security, technical security, operational security and physical security in order to protect personally identifiable information from loss, misuse, disclosure, alteration or destruction. The data resides behind a firewall and other standard security tools, with access restricted to authorized personnel of MobiCred.
MobiCred has implemented “Reasonable Security Practices & Procedures” as required by the Information Technology Act, 2000 rules including any amendment in the said Act and its rules. By complying with such provisions, MobiCred assures you proper care and control over its I.T. and Security operations under sections 43, 43A, 45, 66,72A & 85 of I. T. Act, 2000 and I.T.A.A, 2008 including related rules and therefore you agree that MobiCred shall not be held responsible for any activity in your account which results from your failure to keep your own password/device secured.
By using this app, you agree that MobiCred shall not be held responsible for any uncontrollable security attacks and in such cases you agree that MobiCred shall not be held responsible for any type of financial losses, loss of opportunity, legal cost, business losses, reputation loss, direct and indirect losses that may occur to you as per the Provisions of Section 43, 43A and 45 of Information Technology Act, 2000 including any amendments in the said Act and any other laws of India for the time being in force.
You further agree that MobiCred's management shall not be held responsible directly or indirectly for any cyber-crime related criminal liabilities under I. T. Act, 2000 relating to your information as you have verified, agreed and acknowledged that management of MobiCred complies with due diligence (care & controls) requirements of I.T.Act,2000 including its rules and amendments.
You clearly agree and acknowledge that our reasonable security practices & procedures shall mean and include but are not limited to following:
Strong password, OTP and other general security controls
256 Bit Encryption Standards
Built with the high Standards for Privacy and Data Security on AWS Cloud Server having its link https://aws.amazon.com/products/security, which provides complete information of security controls of server on which MobiCred is hosted.
Further, you also agree and acknowledge that MobiCred management shall never be held responsible regarding privacy of your sensitive personal data in case of sharing your sensitive personal data to any authorized cyber investigation agency of appropriate government authorities under sections 67C, 69, 69A, 69B, 70B, 79 and 80 of I.T. Act, 2000 including its amendments, rules and every other applicable laws.
In case you need to access, review, and/or make changes to the Personal Information, you will be required to furnish supporting documents relating to change in Personal Information for the purpose of verification by the Company. You shall keep your Personal Information updated to help us to serve you better.
Our services are not meant for children and we do not knowingly solicit or collect personal information from persons under the age of 18 (Eighteen). If we find out that a child has given us personal information, we will take steps to delete that information and terminate the relevant MobiCred account.
We may provide you with certain ancillary services such as chat rooms, blogs and reviews for the Services. Subject to any applicable laws, any communication shared by you via the Platform or through the blogs, reviews or otherwise to us (including without limitation contents, images, audio, financial information, feedback etc. collectively Feedback) is on a non-confidential basis, and we are under no obligation to refrain from reproducing, publishing or otherwise using it in any way or for any purpose. You shall be responsible for the content and information contained in any Feedback shared by you through the Platform or otherwise to us, including without limitation for its truthfulness and accuracy. Sharing your Feedback with us, constitutes an assignment to us of all worldwide rights, titles and interests in all copyrights and other intellectual property rights in the Feedback and you authorize us to use the Feedback for any purpose, which we may deem fit.
You expressly understand and agree that the Company shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data, information, details or other intangible losses (even if the Company has been advised of the possibility of such damages), resulting from: (i) the use or the inability to use the Services; (ii) unauthorized access to or alteration of your Personal Information.
You expressly understand and agree that the Company, including its directors, officers, employees, representatives or the service provider, shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if the Company has been advised of the possibility of such damages), resulting from; (a) use or the inability to avail the Services (b) inability to use the Platform (c) failure or delay in providing the Services or access to the Platform (d) any performance or non-performance by the Company (e) any damages to or viruses that may infect your electronic devices or other property as the result of your access to the Platform or your downloading of any content from the Platform and (f) server failure or otherwise or in any way relating to the Services.
This Agreement shall be construed and governed by the laws of India and courts of law at Bhubaneswar shall have exclusive jurisdiction over such disputes without regard to principles of conflict of laws.
If you have any questions or grievances regarding the privacy statement, practices of the app, or any other transaction issue, please contact our Grievance Officer on firstname.lastname@example.org. We have appointed our Grievance Officer as per Rule 5 (9) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 of Information Technology Act, 2000 amended through Information Technology Amendment Act, 2008 and you can contact him (Name: Mr. Ajay Sakti Das) on above mentioned email id or on our office address: Oricred Finserv Pvt Ltd, N6/152, IRC Village, Bhubaneswar, Odisha, India.