1. INFORMATION WE COLLECT

1.1 Sensitive Data and Personal Information: In general, We may collect Personal Information, including Sensitive Data.

“Personal Information” means individually identifiable information that directly or indirectly, in combination with other information would allow the identification of a specific living person.

“Sensitive Data” means Your Personal Information such as financial information such as bank account details and/ or any other payment instrument details, sexual orientation, any details or preferences that may have been voluntarily provided by You and any of the information received under above clauses by Us in connection with availing the Services.

By providing Personal Information (including Sensitive Data) to us, you consent to the collection, usage, and disclosure of Personal Information (including Sensitive Data), as permitted by applicable laws. By using the Services, you are authorizing us to gather, parse data and retain basic data which are related to the provision of the Services.

1.2 Personal Information: We may collect and process your Personal Information, including but not limited to the following:

2. HOW WE USE INFORMATION WE COLLECT

Our primary goal in collecting the information is to provide you a platform to render our Services. We may use the personal information provided by you for one or more of the following:

1. To help provide you the Services;
2. To observe, improve and administer the quality of Services;
3. To analyze how the platform is used and diagnose technical problems;
4. Remember the basic information provided by you for effective access;
5. To confirm your identity in order to determine your eligibility to use the platform and avail the Services
6. To notify you about any changes to the Website;
7. To enable us to comply with our legal and regulatory obligations;
8. For the purpose of sending administrative notices, Service-related alerts and other similar communication with a view to optimizing the efficiency of the Website;
9. Doing market research, troubleshooting, protection against error, project planning, fraud and other criminal activity; and
10. To enforce our Terms and Conditions of Use.

3. DISCLOSURE OF INFORMATION

3.1 We do not publish your Sensitive Data provided by you.

3.2 We will treat your Personal Information strictly confidential. We will not disclose your Personal Information to anyone, except in the following cases:

1. We may disclose your Personal Information in the event it is required to do so by law, rule, regulation, law, enforcement, governmental official, legal or regulatory authorities and/ or to such other statutory bodies who have appropriate authorisation to access the same for any specific legal purposes.
2. Merger, acquisitions: Information collected from you may be transferred to a third party(ies) as a result of a sale or acquisition, merger or bankruptcy involving the Company.
3. We may disclose your information to any of our affiliates or related entities. We will ensure that our affiliates and related entities maintain the same standards of confidentiality and protection with respect to the Personal Information shared with them.
4. We may disclose your information in order to provide you the Services, enforce or apply the Terms and Conditions of Use, or to protect the rights, property or safety of the Company, its users or others. This includes providing information to one or more lending partners, and exchanging information with other companies / agencies that work for fraud prevention. You are specifically allowing the data collected from you to be shared with third parties.

3.3 Sharing: You hereby consent to sharing your Personal information with credit information companies, analytics, technical partners, payment facilitators, commercial partners, etc for purposes including but not limited to providing and monitoring Our Services, onboarding process on the FREED Platform, assessing the creditworthiness, KYC verification, fraud prevention and risk evaluation. We may share aggregated demographic information with our partners or affiliates. This is not linked to any personal information that can identify an individual person. We will not be liable for transfer of any personal identification information resulting from loss or distribution of data, the delineation or corruption of media storage, power failures, natural phenomena, riots, act(s) of vandalism, sabotage, terrorism or any other event beyond our control. You hereby consent to share your personal information with Trillionloans Fintech Private Limited

3.4. Consulting: We may partner with other parties to provide specific portions of the Services, if required. When you sign-up for the Services, we may share some of your Personal Information (including phone number registered or to be registered with FREED) and Sensitive data to the extent necessary for the third party to provide these Services. Our contractual arrangements with such third parties restrict these parties from using personally identifiable information except for the explicit purpose of assisting in the provision of these Services.

3.5. Promotional Offers: We may send you offers, which may be on behalf of other businesses. If you do not want to receive such offers, you may request us to adjust your preferences.

4. CHANGE OF INFORMATION

If your Personal Information or Sensitive Data changes, you may correct, delete inaccuracies, or amend information by reaching out to us at dcp@freed.care. We may request you to provide any additional information or documents as may be necessary to verify the changes requested by you.

5. SECURITY OF INFORMATION

5.1 We take the security of your information very seriously. To this end, we use several security techniques including secure servers, firewalls, and encryptions, as well as physical safeguard of the locations where the data are stored. We have in place appropriate administrative, technical, physical safeguards and security measures to protect the personal data you provide to us against accidental, unauthorized, or unlawful loss, destruction, damage, alteration, access, disclosure or use and any other unlawful forms of processing. When we collect data, we collect your personal details on a secure server. We use firewalls on our servers. Whilst we are unable to guarantee 100% security, this makes it hard for a hacker to decrypt your details. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage and disclosure of your information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you. You are responsible for protecting against unauthorized access to your password and to your computer.

5.2 The information that is collected from you may be transferred to, stored, and processed at any destination as permitted under applicable law. By submitting information to us, you agree to this transfer, storing and/ or processing. We will take such steps as we consider reasonably necessary to ensure that your information is treated securely and in accordance with this Privacy Policy.

5.3 In using the Services, you accept the inherent security implications of data transmission over the internet. Therefore, the use of the Website will be at your own risk, and we assume no liability for any disclosure of information due to errors in transmission, unauthorised third party access or other acts of third parties, or acts or omissions beyond its reasonable control and you agree not to hold us responsible for any breach of security.

5.4 In the event we become aware of any breach of the security of your information, we will promptly notify you and take appropriate action to the best of its ability to remedy such a breach.

6. EXCLUSION

6.1 This Privacy Policy does not apply to any information other than information collected by us through the Website including such information collected in accordance with the clause on “Collection of Information” above. This Privacy Policy will not apply to any unsolicited information provided by you through this Website or through any other means. This includes, but is not limited to, information posted on any public areas of the Website. All such unsolicited information shall be deemed to be non-confidential, and we will be free to use, disclose such unsolicited information without limitation.

6.2 We also protect your personal information off-line other than as specifically mentioned in this Privacy Policy. Access to your personal information is limited to employees, agents, or partners and third parties, who we reasonably believe will need that information to enable us to provide Services to you. However, we are not responsible for the confidentiality, security, or distribution of your own personal information by our partners and third parties outside the scope of our agreement with such partners and third parties.

7. STORAGE OF DATA

We will retain any data or information provided by you till the time we render our services towards you. Our data retention policy is restricted to the provisions of our services towards you. You can request for the deletion of your information from us at any stage. Our data retention, storage and deletion policy is in consonance with the applicable laws and guidelines of the RBI. You have a right to revoke or deny consent to the data previously provided by you. You have a right to refrain from providing data or information. Upon your request we will erase the data from our website so that it not visible to anyone and will not be shared with any partner. However, the data can still reside in archived database and can be used for analytical purposes.

8. OPT OUT PROCEDURES

8.1 Upon initial communication from us, you may opt-out of receiving further communications from us. To be completely removed from our mailing list, you may contact us at dcp@freed.care. If you are using an e-mail forwarding service or other similar service, please make sure to include the correct e-mail address or addresses.

8.2 You are free to revoke the consent to access your email at any time while you avail the FREED Services. In the event you wish to revoke the consent or opt out from processing your application through us, please write to dcp@freed.care.

9. RETENTION & DATA PURGING

We will only retain your personal data for as long as it is necessary for the stated purpose, taking into account also our need to answer queries or resolve problems, provide improved and new services, and comply with legal requirements under applicable laws. This means that we may retain your personal data for a reasonable period after your last interaction with us. Kindly note that we do not sell your personal data to any third party and the use of your personal data is strictly restricted to the services provided by us, as mentioned herein. Your data will be stored in our systems in accordance with the Information Technology Act, 2000, Rule 3(h) of the Intermediary Rules and the IT RSP Rules (“IT RSP Rules”). When there is no longer a business, legal, or regulatory requirement to keep the data, then the data will be purged in a secure manner. Data Destruction Protocol: All the data, including all the copies thereof will be destroyed post the completion of the business, legal or regulatory requirement. In case the data are stored in physical form, that is, CDs, DVDs, Pen Drive, tapes, etc., then the physical device storage shall be destroyed. In case the data are stored in digital form, then secure erasure of individual folders and/or files will be done.

10. STANDARDS FOR HANDLING SECURITY BREACH:

No data collected and allowed to be stored by us shall be stored in any server which is not located in India.

1. All suspected or reported security breaches or violations shall be logged and tracked from initiation of the preliminary analysis to determine whether there was a security breach or violation till completion of actions taken.
2. Appropriate contacts with relevant authorities shall be maintained to escalate to respective authorities as required, including the local cyber cell information.
3. Below mentioned are the steps for handling security breach: •Move quickly to secure the systems and fix vulnerabilities that may have caused the breach. •Switch off the servers and change the access code to prevent additional data loss. •Mobilize the breach response team right away to prevent additional data loss. •Additional security required will be placed. •Securely delete personally identifiable information (PII) and other sensitive data when it no longer needed for business purposes
4. If any security breach comes to our knowledge, then we may take all steps required to protect misuse of such information and may attempt to notify you electronically so that you can take appropriate steps.

11. OPT OUT PROCEDURES

11.1 Upon initial communication from us, you may opt-out of receiving further communications from us. To be completely removed from our mailing list, you may contact us at dcp@freed.care. If you are using an e-mail forwarding service or other similar service, please make sure to include the correct e-mail address or addresses.

11.2 You are free to revoke the consent to access your email at any time while you avail the FREED Services. In the event you wish to revoke the consent or opt out from processing your application through us, please write to dcp@freed.care. You have the option to revoke or deny consent or seek erasure of data previously provided.

12. NOTIFICATION OF CHANGES

12.1 We may update this Privacy Policy at any time, with or without advance notice. In the event there are significant changes in the way we treat your Personal Information, or in the Privacy Policy document itself, we will display a notice on the Website or send you an email informing you of such changes, so that you may review the changed terms prior to continuing to use the Website and our Services.

12.2 Using the Company’s Services or accessing the Website after a notice of changes has been sent to you or published on the Website will constitute your consent to the changed terms.

13. ADDRESS FOR PRIVACY RELATED QUESTIONS

13.1 We respect and are sensitive to the rights as granted in the data protection laws. Should you have questions about the Privacy Policy or our information collection, use and disclosure practices, you may contact the Grievance Officer as per the details given hereinbelow. We will use reasonable efforts to respond promptly to requests, questions or concerns you may have regarding the use of your personal information.

13.2 In accordance with the Information Technology Act, 2000 and Digital Lending Guidelines and the rules made thereunder, the name and contact details of the Grievance Officer/Nodal Officer are provided below.

Name: Karishma Arora

Email Address: karishma.arora@freed.care

Address: BPTP Park Centra, Unit 503-505, 5th Floor, Sector 30, Gurugram, Haryana 122 002, INDIA.

You may contact FREED’s GRO to address any discrepancies and grievances you may have with respect to your information available with us. The Grievance Officer will redress your grievances expeditiously.

Sachet portal: https://sachet.rbi.org.in/