Home / Pay&Serve Data Privacy Policy for Intermediaries in Digital Lending

Pay&Serve Data Privacy Policy for Intermediaries in Digital Lending

Introduction

PayandServe, operating in the B2B digital lending segment, is committed to safeguarding the privacy and confidentiality of all data shared with us. Our data privacy policy is structured following the latest guidelines issued by the Reserve Bank of India (RBI) and the Government of India. This policy outlines our practices for collecting, using, and protecting your information.

Data Collection and Usage

  1. Purpose Specification:
  • Data collected will be used solely to provide and improve digital lending services.
  • Explicit consent will be obtained before collecting any personal or business data.
  1. Types of Data Collected:
  • Personal Information: Name, contact details, identification documents, financial information.
  • Business Information: Company name, registration details, financial statements, transaction history.
  • Transaction Data: Details of loans applied for and processed, repayment history.
  1. Data Minimization:
  • Only data necessary for the specified purposes will be collected and processed.
  • Regular reviews to ensure data relevance and accuracy.

Consent and Transparency

  1. Informed Consent:
  • Clear and understandable consent forms outlining data usage, sharing, and retention policies.
  • Users have the right to withdraw consent at any time.
  1. Transparency:
  • Users will be informed about the data being collected, its purpose, and any third parties it will be shared with.
  • Regular updates to users on changes to the data privacy policy.

Data Storage and Security

  1. Data Storage:
  • Data will be stored securely on servers with state-of-the-art security measures.
  • Compliance with local data storage regulations, ensuring data is stored within India unless otherwise permitted.
  1. Security Measures:
  • Encryption of sensitive data during transmission and storage.
  • Regular security audits and vulnerability assessments.
  • Implementation of robust access controls to restrict data access to authorized personnel only.

Data Sharing and Disclosure

  1. Third-Party Sharing:
  • Data will only be shared with third parties who adhere to strict data protection standards.
  • Clear agreements with third parties outlining data usage and protection measures.
  • Users will be informed about any third-party data-sharing arrangements.
  1. Regulatory Disclosure:
  • Compliance with legal and regulatory requests for data disclosure.
  • Transparent procedures for responding to government and regulatory body requests.

User Rights and Control

  1. Right to Access:
    • Users have the right to access their personal and business data held by PayandServe.
    • Procedures for users to request data access and receive timely responses.
  2. Right to Correction:
    • Users can request correction of inaccurate or incomplete data.
    • Mechanisms for users to update their information.
  3. Right to Deletion:
    • Users can request deletion of their data, subject to regulatory and contractual obligations.
    • Clear processes for data deletion requests and confirmation.

Data Retention and Disposal

  1. Data Retention:
    • Data will be retained only as long as necessary for business purposes and regulatory compliance.
    • Regular reviews of data retention policies to ensure relevance and compliance.
  2. Data Disposal:
    • Secure disposal methods for data that is no longer needed.
    • Documentation of disposal processes to ensure compliance.

Compliance and Accountability

  1. Compliance Monitoring:
    • Regular audits to ensure compliance with RBI and Government of India guidelines.
    • Appointment of a Data Protection Officer (DPO) to oversee compliance and handle user queries.
  2. Training and Awareness:
    • Ongoing training programs for employees on data protection and privacy.
    • Awareness initiatives to ensure understanding and adherence to data privacy policies.

Updates to the Policy

  1. Policy Review:
    • Regular reviews and updates to the data privacy policy to reflect changes in regulations and business practices.
    • Notification to users about significant changes to the policy.
  2. User Communication:
    • Clear communication channels for users to inquire about the data privacy policy.
    • Prompt responses to user queries and concerns regarding data privacy.

Contact Information

For any queries or concerns regarding our data privacy policy, users can contact us at:

PayandServe Data Protection Office
Email: privacy@payandserve.com
Phone: +91 022 6971 0489

Address: IInd Floor VDS D-53 Near FM Radio Noida Sector-2 UP 201301 India

By adhering to these guidelines, PayandServe ensures the highest standards of data privacy and protection for our users in the B2B digital lending sector.