LAST UPDATED ON 01 June 2023
The security of your personal information is our utmost priority. We receive and store both personal and non-personal information about you when you use our iOS or Android mobile application Senda. We protect this information by maintaining physical, electronic, and procedural safeguards that meet applicable laws. We train our employees in the proper handling of personal information.
2. COLLECTION OF INFORMATION
We collect the following Personal and Non-Personal Information when you use Senda.
i. Your name, contact number and e-mail that is collected for signing up on Senda.
ii. Information provided by you for using our services, such as your mobile number, e-mail, password, date of birth, residential address, gender, marital status, Permanent Account Number (PAN) and your bank account details.
iii. You may be required to provide certain additional information depending on the services that you wish to use, at your discretion.
iv. We may also retrieve information from centralised Know Your Customer (KYC) databases such as CVL KRA, NDML KRA, CERSAI (CKYC) etc, your details such as your KYC status, father’s name, occupation, identity and address proof documents.
v. For use of some services, we may be required to perform a Know Your Customer registration check and register/update your KYC if not already registered/updated. In such cases, we will require you to provide your KYC information as detailed in i) and ii) above, upload documentary evidence of your identity, address and financial details and record a live video interaction through the device in use that clearly shows your face to establish liveliness and verify that it’s you who is accessing our application.
vi. We may also retrieve your information from SMS, data aggregators and loan bureau to fill up the details in order to calculate your financial health score. This will be at your discretion and you will be asked to grant permission for the same. We read only relevant information for such purposes and the data will be encrypted.
vi. During the use of our services, we will collect information about your transaction history, transaction status and other transaction details.
vii.When you access Senda through the mobile application we will receive information about your location, IP address, the make, model and the unique identifier of the device in use.viii. When you interact with our customer support systems including through chat bots, email or call we record these interactions.
b. Non-Personal Information
i. When you open our mobile app, we collect and store information to enable us to provide an online experience that matches your device. The information collected includes the type and address of the device you use, the browser and its version, the operating system and its version you are using and the website from which you came to the Finwell Website.
ii. When you install and access our mobile application through a mobile device, we collect information including your location, IP address, the make, model and the unique identifier of the device in use, the browser and its version, the operating system installed on the device and its version,
iv. Cookies and pixel tags help us improve your online experience. This comprises, inter alia, your response to any of our emails, the time and duration of your visit to our site and pages you viewed while on our site.
v. We may also supplement the information we collect with information we receive from other companies. For example, we may use marketing segments developed by us or other companies to customise certain services to your local area and provide relevant Finwell offers tailored to you.
Any information provided to us by you or collected by us about you shall be deemed to have been disclosed willingly by you, without any coercion by our officers, agents or affiliates. While we make efforts to validate the information provided by you, we do not/shall not undertake any liability and do not/shall not make no representations as to the genuineness, validity, completeness or correctness of the information provided by you.
3. STORAGE OF YOUR INFORMATION
Information collected is stored on our servers, log files or storage systems owned by us or by third parties specifically providing such storage services.
4. USE OF INFORMATION
We use the personal information and non-personal information provided by you for
a. Facilitating various services provided by us, the availing of each of which are at your discretion, including
i. Setting up your account and facilitating the processing of your transactions through our transaction partner for Mutual Fund services.
ii. Setting up and facilitating the processing of your transactions through our partners for domestic equities, insurance if applicable.
iii. To enable us to complete your registration with us and/or with them and to process any transaction requests that you authorise, maintain a record of your transactions and holdings, generate and send reminders, alerts, notifications to you for transactions, upcoming funds transfers etc.
b. Checking/Updating/Registering your KYC in centralised KYC databases such NDML KRA, CERSAI (CKYC)
c. Resolving your queries, concerns and to provide you with support in the case of any issues during the use of our services and of those provided by our partners.
d. Informing you about any offers relating to products and services including sharing of marketing material with you.
e. Streamlining and customising your experience while using our mobile application or while accessing our services through the mobile browser or our website.
f. Informing you over email or on call about the progress of and issues with, if any, pertaining to the transactions initiated by you and the resolution thereof or relating to the services availed by you.
g. Facilitate the transfer of funds from your bank account to the service provider by validating your bank account and redirecting you to the payment gateway provided by the service provider(s).
h. To track, analyse and maintain information about your use of our application to enable us to maintain and preserve information of your current state and flow progress.
j. To communicate with our partners with respect to their products and services that you may have availed through us.
k. To enable our partners to communicate with you with respect to their products and services that you may have availed through us.
l. To update your information in the My Data section to generate recommendations and financial health scores. Senda reads your SMS data upon your discretion to read information like insurance payments and EPF balance to update your profile which will be used to build the recommendation on the Senda app.
m. To update your financial information in the My Data section , Senda also uses account aggregation and loan bureau services.
We use the non-personal information provided by you and aggregated information for:
a. To improve your experience while using our website, mobile website or mobile application
b. For troubleshooting and identifying any bugs, operational issues, process bottlenecks, errors in the application and for analysing usage and activity trends and to
c. To prepare analyses, reports and tools for your use such as insights.
d. To monitor, identify, resolve and prevent any security incidents, frauds, criminal activities, prohibited activities, non-compliance
e. For research, design and development of the products and services offered by us.
f. We may use aggregated information that does not identify you individually for better product design, research and for developing customised marketing offers either by us or any affiliated or unaffiliated third-party consultants or service providers.
5. SHARING OF YOUR INFORMATION
a. When we use third parties to provide services, we require them to protect the confidentiality of personal information about you that they receive from us. The information is disclosed on a need-to-know basis.
b. We may use third party service providers to enable us in providing some services to you such as sending e-mail messages to you and tracking them on our behalf, collecting a fee for our services, and providing technical support that can contact you regarding an issue with any feature or functionality on our website.
c. Information will be shared with select third parties such as our group companies, Asset Management Companies (AMC), Registrar and Transfer Agents, and affiliate companies. Central Registry of Securitisation Asset Reconstruction and Security Interest of India (CERSAI), KYC registration agencies (KRA), payment gateway providers, banks providing collection services in order to enable us to complete your registration with us and/or with them and to process any transaction requests that you authorise, maintain a record of your transactions and holdings, generate and send reminders, alerts, notifications to you for transactions, upcoming funds transfers etc.
d. We also use third-party services such as Google Tag Manager, Google Analytics etc that may collect information used to identify you.
e. We will not share with, or make available, your personal information to any third party without your authorisation, except if we are specifically directed or mandated to do so under any Applicable Law, legal proceeding or directive by any administrative, judicial, quasi-judicial, statutory or regulatory body or any authority or agency of the Government.
6. SECURITY OF YOUR INFORMATION
b. Every time you login to our website or mobile application, we use, inter alia, the latest authentication and encryption protocols (TLS 1.2) along with session timeouts, firewalls to protect your account from unauthorised access. Your password information is not accessible to anyone including us and can only be changed/updated by you using a two-factor authentication process.
c. We may offer the use of social logins or identity providers such as Google, Facebook etc. to enable you to conveniently create an account and register yourselves on our website. By enabling the use of these credentials, we offer you the convenience of not having to create and remember a fresh user ID and password. Such service, its availability and the privacy of your login information are governed by the terms and conditions of the respective service providers. Whilst we do take adequate measures to safeguard your information, we do not take responsibility for your information in case of a security breach at these service providers or in case you share your login information with anyone or in case your social media account was to get hacked. We require you to maintain adequate confidentiality of your social login information and use this facility after due consideration and with appropriate caution.
d. When you provide us with your personal information either while setting up an account with us or later, it is kept maintained by the division that is responsible for your account management. You can view and/or update/edit this information by logging on to your account through our app, e-mailing us or calling customer service.
As we add more services or wish to inform you of some additional benefits that we offer either directly or in partnership with any third party, we may use the information we have collected to offer you customised recommendations as well as marketing communications through any medium including e-mail, SMS etc. You will have the option to opt out of such communications at any time.
Withdrawal of consent: Personal information collected will not be used for any purposes other than as mentioned herein. You may withdraw your consent for the use of the personal information at any time by deactivating your account. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent. In the event you choose to withdraw your consent for collecting and processing your personal data, we will be unable to provide you with our products and services.
8. GRIEVANCE REDRESSAL
We comply with the requirements of the Information Technology (Reasonable Security Practices And Procedures And Sensitive Personal Data Or Information) Rules, 2011. And for the purposes of this act, we have designated a Grievance Officer. The Grievance Officer may be reached by writing to email@example.com