The DigitSathi Platform is made available by Star Finserv India Limited (“our”, “us”, “we”, “Company”), having its registered office at 8-2-268/K/35, Plot #35, Navodaya Colony, Road #2 Banjara Hills, , Hyderabad, Telangana, India - 500034, through which: (a) DigitSathi (“Lending Partner”) shall provide the services to you (“Services”). The Lending Partner shall collectively be referred to as (“Affiliates”).
In order to facilitate and provide you with the Services through DigitSathi Platform, we (i.e. the Company), the Lending Partner need to collect various data and information from you. The manner in which this data and information is collected, retained, shared, stored, and processed by us (i.e., the Company), the Lending Partner is addressed in this Privacy Policy (“Policy”). By setting up an account on this Platform, you agree to the processing, storage, usage and sharing of the data provided by you pursuant to this Policy.
This Privacy Policy is an electronic record in the form of an electronic contract formed under the Information Technology Act, 2000 and the rules made thereunder and the amended provisions pertaining to electronic documents / records in various statutes as amended by the Information Technology act, 2000. The term “you”, “customer” “user”, “borrower” denotes the person who avails the services of Lending Partner by using the DigitSathi platform.
We may revise this Policy as well as update the Services and the App from time to time, it is strongly recommended for you to return to this page periodically to review the most current version of this Privacy Statement which is amended by us from time to time. If you do not agree with any part of this Policy, please stop using our Services immediately.
This Policy, incorporates, and includes our Terms and the Agreement(s) executed by you for availing the lending products made available by Lending Partner (“User Loan Agreement”). Words and phrases not defined in this Policy shall mean the same as provided in the Terms. We comply with all regulations on the protection of Personal Information specified in laws and regulations applicable to information and communication service providers.
1. Data collected by us:
By using the App, you consent to provide us and our Lending Partner your data in the ways listed below. We collect the data you provide to ensure that you are provided with the services in the best manner possible. Our Lending Partner uses this data to underwrite (i.e. assess the risk it will be taking) loan it might offer you and to determine the rates and tenure for such loans. The data being asked from you helps us and our Lending Partner to provide services to you in a robust and user-friendly manner. We have detailed the manner in which we and our Lending Partner collect data:
A. Data you input in the course of signing up/ onboarding stage for using our services: When you visit our app the administrator processes technical data such as your IP-address, Device ID or MAC-address, information about the manufacturer, model, operating system of your mobile device, the internet browser you use to enable us to deliver the functionalities of the Website. In addition to this, in certain instances the browser may prompt you for your geo-location to allow us to provide you with an enhanced experience. With this technical data the Website administrator can manage the Website, for instance by resolving technical difficulties or improving the accessibility of certain parts of the Website. This way, we ensure that you can (continue to) find the information on the Website in a quick and simple manner.
We and our Lending Partner collect the data you provide to us when you create or update your DigitSathi account. This includes your full name, phone number, email ID, gender, photograph, marital status, PAN, verifies Aadhaar Number linked with your Mobile Number, date of birth, pin code, nature of employment, official employment email address, name of employer, monthly income. We or our Lending Partner may require you to share further information on a later date to confirm the veracity of your information or pursuant to any additional features added to the App.
How we use this data: For Enabling the App and its Services; For Loan Processing and KYC Authentication; For Enabling Customer Support; For Research and Development; For Enabling Communications Between You and Us; For enabling Marketing and Outreach; For Automated Decisions; For Legal Compliance and Requirements.
a. Financial and KYC Information: We and our Lending Partner collect the data you provide to us when you accept the tentative terms of the loans. This includes your photograph, Aadhaar Number verification linked with your Mobile Number, PAN, parents’ names, bank account number, IFSC, One of Officially Valid Documents specified in RBI-KYC directions (Driving License, Voter’s ID, NREGA Job Card, Passport etc.) and transaction information, and any other KYC (Know Your Customer) information required by law to provide our Services.
How we use this data: For Enabling the App and its Services; For Loan Processing and KYC Authentication; For Legal Compliance and Requirements.
b. Other Data Solicited for enhanced functionality and improved Service: You may be required to provide further information to our lending Partner for the purposes of processing your loan application. Such additional information may include (without limitation) bank statements, goods and services tax returns, salary, income statements, type and version of the internet browser/operating system, type and manufacturer of the mobile phone, name and version of system and application software. This data shall be supplied to the Lending Partner through us.
How we use this data: For Enabling the App and its Services; For Loan Processing and KYC Authentication; For assessing the quantum and interest rate of loan to be extended; For Legal Compliance and Requirements.
c. Feedback Data and Other Data: This includes the following:
- If you call our call centers, we may record information provided by you to service you or record the calls for quality and training purposes.
- Data you input when you participate in our referral programs or use any discount codes offered by us.
- If you provide any feedback or comments to us on the App.
How we use this data: For Enabling the App and its Services; For Loan Processing and KYC Authentication; For Legal Compliance and Requirements.
B. Data we collect from Usage of Our Services:
- Geolocation Data: We and our Lending Partner collect the location data from you in two ways: (i) when you add the pin code as part of your DigitSathi Account data; and (ii) from your mobile device when enabled by you to do so. The location data helps us to provide you with better loan offers, for KYC, reduce risk associated with your loan application and also to prevent any Fraud.
- User Personal Information: Our app collects user account data which includes email address, name to log in to the app. This information is required as part of the registration process to access our service and it is also used to auto populate relevant fields in the course of the interface of the app. Our app also collects mobile numbers for verification to check the active SIM status on the device uniquely identify you and prevent fraud and unauthorized access. We also collect the AAID for advertising and analytics.
- Financial SMS Data: We collect all of the SMS data and transmits only financial and promotional SMS data to our server while transmitting only your Financial transactional SMS data to our Lending Partner. We and our lending Partner monitors only your financial transactional SMS which helps us in identifying your bank accounts, cash flow patterns, names of transacting party, description and amount of the transactions undertaken by you to help our lending partner perform credit risk assessment enabling it to determine your risk profile and provide you with the appropriate credit analysis and to prevent fraud thereby helping us and our lending partner to provide you with quicker loan disbursal. This data may be collected even when the app is not in use. No personal SMS data is stored by us on our server neither by our lending partner You will not be able to use the App if you disable this access.
- Device Data: Our app collects and monitors specific information about your device including
your hardware model, RAM, storage; unique device identifiers like IMEI, serial number, SSAID, SIM
information that includes network operator, roaming state, MNC and MCC codes, WIFI information that
includes MAC address and mobile network information to uniquely identify devices and to prevent
fraud. This also helps in enriching your credit profile and providing you with the best loan offers
according to your profile.
How we use this data: For Enabling the App and its Services; For Enabling Customer Support; For Research and Development; For Enabling Communications Between You and Us; For enabling Marketing and Outreach. - App Data: We and our Lending Partner collect the data about your installed applications, including the applications and package name, installed and updated time, version name and version code for all applications installed on your device on and from the date you create your DigitSathi Account and the manner in which you use them. This also includes having access and permission to send you messages and notifications via your social media and instant messaging applications. We use this to assess your credit worthiness and provide you with pre-approved customized loan offers. You will not be able to use the App if you disable this access.
- Microphone and Camera: We require microphone and camera access permission to initiate two-way audio communication as a part of KYC journey. This may be stored for future verification purposes.
- Usage data: We collect data about how you interact with our services. This includes data such as interaction patterns, access dates and times, App features or pages viewed, App crashes and other system activity, type of browser, and third-party sites or services used before or in the course of interacting with the Services.
- Transaction information: We collect transaction information related to the use of our Services, including the type of services requested, date and time the service was provided, loan availed, interest payable, EMI selected, and payment method.
- Storage: This permission is required so that users' documents can be securely downloaded and saved on users' phones and upload the right documents for a faster approval and disbursal of the loan. This helps provide a very smooth and seamless experience while using the app.
Information Received from other sources: We may also be working closely with third parties (including, for example, credit information bureaus, business partners, technical sub-contractors, analytics providers, Lending service providers) and may lawfully receive information about you from such sources. Such data may be shared internally and combined with data collected on the App. We may also use the content you have shared publicly, including on third party platforms or applications, to promote our Services (including by quoting your content, reviews and/ or recommendations, or displaying screenshots of your content, reviews and/ or recommendations).
How we use this data: For Enabling the App and its Services; For Loan Processing and KYC Authentication; For Enabling Customer Support; For Research and Development; For Enabling Communications Between You and Us; For enabling Marketing and Outreach; For Automated Decisions; For Legal Compliance and Requirements
2. Usage and Purpose of Data collected:
The data that is collected in accordance with Section 1 above will be used in the manner detailed below:
a. For enabling App & its Services: The data collected is used to personalize, maintain and improve our Services. This includes using the data to:
- Create and update the DigitSathi Account.
- Analyze your loan eligibility and estimate your loan terms.
- Track the disbursement and repayment of the loan.
- Enable features that allow you to add and remove bank accounts for your loan repayment and disbursements from time to time.
- Enable features that help you check your loan history and other such App features as may be added from time to time.
- Perform internal operations necessary to provide Services, including to troubleshoot software bugs and operational problems; to conduct data analysis, testing, and research; and
- to monitor and analyze usage and activity trends.
b. For Loan Processing and KYC Authentication: Our Lending Partner use the data to analyze your creditworthiness, loan eligibility, KYC documents, current employment verification and the terms of your loans. While we collect the Financial and KYC Information, Lending Partner is required to individually process the loan requests and verify the KYC documentation received. Failing to process such data means that you cannot be provided any loans. You hereby grant us explicit consent to fetch your KYC (Know Your Customer) details from the Central KYC Records Registry using the details provided by you. Our Lending Partner also use the data to track disbursement and repayment of your loan
c. For Enabling Customer Support: We use the information to provide customer support, including to resolve your concerns from the use of the Services, and train customer service executives.
d. For Research and Development: The data so collected by us may be used for research, analysis, and product development to improve the UI/UX experience – all of which will ultimately improve how you experience the App. This also helps us develop automated actions to be triggered in certain events, such as to identify if photographs uploaded are not clear, fraud takes place, IFSC is incorrect etc.
e. For Enabling Communications Between You and Us: We may add features that allow you to call us (through the App or otherwise), similarly, we may also need to contact you (through the App or any other channels that you give us access to, such as WhatsApp).
f. For Marketing and Outreach: We may use the data collected to market the App and its Services. This includes sharing your feedback, ratings and screen names for purely promotion and marketing purposes. Such promotion and marketing may be done via hoardings, banners, pamphlets etc.
g. For Automated Decisions: The App may provide automated features for customer responses, reimbursement tracking, etc. As the App grows, we will keep adding more automated features to the App.
h. For Legal Compliance and Requirements: We may use the data we collect to investigate or address claims or disputes relating to use of our Services, or as otherwise allowed by applicable law, or as requested by regulators, government entities, and official inquiries.
i. For Product Innovation: We may use the data collected to offer new products and services for your use.
- You acknowledge that if we determine that any information you have provided or uploaded violates the terms of this Privacy Policy, we have the right, in our absolute discretion, to delete or destroy such information without incurring any liability to you.
- You acknowledge that you are licensing us to use, modify, display, distribute and create new material from the information you provide through the App to render certain Services on the App. By providing such information, you automatically agree, or promise that the owner of such information has expressly agreed to allow or license, as the case may be, us to use the information in the manner set out in this Privacy Policy, without the payment of any fees. We may, to the extent permitted by law, also use, license, reproduce, distribute disclose, and aggregate, non-personally identifiable information that is derived through your use of the App and you hereby provide consent for the same.
- For the avoidance of any doubt, it is hereby clarified that any User information collected from you will be used only for the purposes of providing our Services.
3. Sharing of the Collected Information:
Personal information held by us will only be used for purposes directly related to one or more legitimate functions or activities in the provision of our services or as otherwise permitted by law. We are very protective about your data.
We will not use your information for any purpose other than in connection with the App and as expressly set forth herein. We may enter into data-sharing agreements as Non-Disclosure Agreements or disclose the collected data in order to provide the Services and new product offerings to you. We have detailed the manner in which we share the collected data below.
a. Sharing of Information with Third Parties:
- Service Providers: To trusted partners who work on behalf of or with us under confidentiality/non-disclosure agreements. You understand that in order to provide the Services, we may share your information with third parties, including entities/organizations that provide the loans / credits availed through the App or otherwise in connection with the Services (and other functionalities of the App) and you explicitly agree to such User information being shared. These entities may use your Information which shall inter alia include one or more of the following services: for performing marketing services, help or enable you to avail of loan or other financial products from regulated entities, administering promotions; analysing transaction behaviour and cashflows via your SMSs, bank statements, goods and services tax returns, salary and income statements, income tax returns, basis which your loan offer is generated; data validating and authenticating the official verification documents provided by you; processing credit/debit card payments; E-signing/ Digital signing of the User Loan Agreement or Sanction Letter, populating the User Loan Agreement or the Sanction Letter (the information shared with these service providers is retained for auditing of the agreement); analysing customer behaviour and to automate our marketing and outreach efforts; Detection and flagging of fraud; Cloud Services; gathering of additional information regarding your bank account and statement detail in case adequate information has not been provided by you or through the other service providers we work with; operating the Service or providing support and maintenance services for the same; for collection and recoveries of any sum owed by you to lending Partner; validating and authenticating your employment status, employment information and employment duration; and/ or providing customer service. We work with third party service providers to execute various functionalities of the App. Your information may be shared with such service providers to facilitate/enhance/complete the Services offered to you.
- Third Party Services: We may share your information with third parties that will help or enable you to avail of loan or other financial products from regulated entities. The App may allow you to connect with other websites, products, or services that we don’t have control over. In the event you are directed to a third-party website and if you choose to access them (or avail of such third party’s offerings), we will not be responsible for such third-party websites or applications. Please note that in case you share any data or information with such third parties, you will be bound with their respective privacy policies and/or terms of use/service. since usage of such third-party services is subject to their privacy policies and not within our control. We recommend that you have a look at their privacy policies before agreeing to use their services.
- Affiliates and Group Companies: Subject to applicable law, we may share any data we have collected or collect from you with our affiliates and group companies for product research and development, advertising relevant products to you, and to tailor the products for your benefit.
- Link to Third-Party SDK: The application has a link to a registered third party SDK which collects data on our behalf and data is stored to a secured server to perform a credit risk assessment. We ensure that our third party service provider takes security measures in order to protect your personal information against loss, misuse or alteration of the data.
- The list of Lending Service Provider, as updated from time to time is available at “https://www.digitsathi.co.in/lsp-dla”.
In some cases, we may be required to disclose personal information without consent.
- Specific instances include where: A warrant or notice issued by a court requires us to produce records or documents held by us. We may share the information with the government authorities or courts, pursuant to applicable laws and directives, for any investigation for offenses in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of various terms and conditions or our policies.
- Sharing of your information is required as per statutory or regulatory requirement.
If you decline to submit information to us, then we will unfortunately not be in a position to provide the Services to you.
4. Data Security Practices including Standards for handling Security Breach and Data Destruction:
The security of your Personal Information is very crucial to us. It is our endeavour to protect your Personal Information against any type of unauthorized usage. To do this we take all reasonable steps to ensure personal information is protected from misuse, loss and unauthorized access, modification or disclosure in accordance with statutory requirements. This includes having security measures and controls in place to protect personal information including limiting access, cryptography, physical and environmental security and audit monitoring.
A. We take security procedure and technical and organizational measures to safeguard your Personal Information. In order to maximize the protection of data within our control, the following industry aligned best practice information security controls is implemented:
- Information Security Management System certified to an international standard
- Firewalls on the network perimeters
- Data Loss Prevention (DLP), Encryption, limited access, use of passwords, for better safety of the information given by you
- Secure-System Development Lifecycle (s-SDLC) controlling the internal developments
- Log Management and monitoring
- Monitoring of Vendor Alerts
- Penetration Tests and Vulnerability Assessments
- Anti-virus protection with regularly updated virus-definition data
- Application of available patches through regular patching cycles.
B. Measures for the Protection of Your Information: As cited above amongst others we take the following technical, administrative, and physical measures to prevent the loss, theft, leakage, external attacks on and hacking of information, and aims to have the highest level of security in relation to the processing of the personal information of the Users.
a. Minimizing the number of managers processing personal information: We minimizes the number of managers processing personal information.
b. Encryption of personal information: Password of User is managed and stored in encrypted manner. Confirming and changing password is only possible by the User who knows correct password.
c. Technical measures against hacking, etc.: We use anti-virus solutions and inspects the solution on regular basis to prevent damages from computer viruses and hacking. We also use technical and physical measures including installation of systems with limited external access.
d. Promoting Awareness among the staff: Staff will be trained on the privacy policy and its implications. At the time of appointment, each staff will be made to sign a non-disclosure/confidentiality clause, thereby agreeing to protect us and our clients’ data.
e. Managing IDs and passwords: ID and password of a User can be used by the Authorized User only. We will not be responsible for personal information leakage by negligent act of the User or accidents from inherent weakness of the Internet.
f. Due Diligence & Security: Data security is our priority. In order to prevent unauthorized access, we have the required procedures and firewalls (both electronic and physical) to safeguard your data.
We use requisite technical and organizational security measures to ensure a level of protection for personal data appropriate to the nature, scope and purpose of processing personal data. The transfer of personal data between your end device and us is generally carried out via best-in-class encryption protocols. If you communicate with us by e-mail, access by third parties cannot be ruled out. In the case of confidential information, we recommend using the mail, i.e., post or encrypted email communication (PGP)
5. Your Rights regarding the Data: Users have the right, at any time, to know whether their personal information has been stored and can consult us to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for transformation into anonymous format or to block any data. It is important for us that you remain in control of your data. Please write to us at support@digitsathi.co.in if you wish to exercise any of your rights under the Policy. You shall have the following rights:
A. Right to rectification: In the event that any personal data provided by you is inaccurate, incomplete or outdated then you shall have the right to provide us with the accurate, complete and up to date data and have us rectify such data at our end immediately. We urge you to ensure that you always provide us with accurate and correct information/data to ensure your use of our Services is uninterrupted.
B. Right to withdraw consent: You have the right to withdraw your consent to this policy by uninstalling the App. However, if you have availed any loans from lending partner through us, we shall have the right to continue processing your information till such loan has been repaid in full, along with any interest and dues payable to Lending Partner. We hold your information in electronic form and will destroy or de identify personal information when it is no longer required or when we are no longer required by law to retain it (whichever is the later).
C. Right to opt-out:
Marketing opt-outs: We may email and notify you from time to time about our latest offerings and updates. You may opt out of receiving such promotional emails from us by writing to us. You may also opt out of receiving emails and other messages from us by following the unsubscribe instructions in those messages. However, even if you have opted out of receiving information from us, we will still send non-promotional communications, such as receipts for amount remittance etc
Push Notifications: You can opt out of receiving push notifications through your device settings. Please note that opting out of receiving push notifications may impact your use of the App.
We process your Information only when we have obtained your consent in the manner provided hereunder. By setting up a DigitSathi account you agree to our and the Lending Partner’s processing, storage, usage, and sharing of the data provided by you pursuant to this Policy. For any purposes, where, as per applicable laws of India, a specific consent is required, we will seek such specific consent from you from time to time.
n relation to information obtained by third parties or group entities, we rely on the consent taken by these parties on their respective platforms in our favour for us to process the information.
you may, of course, decline to share certain information with us. If you do not agree with any of the terms of this Policy or the Terms or wish to restrict disclosure of your information to third parties, make the app delete/ forget your data or revoke any consent you have provided to us and, please write to us at support@digitsathi.co.in. However, please note that if you wish to revoke any mandatory permissions or revoke the consent to process and store information such as your DigitSathi Account data, Financial and KYC Information and/or any other information needed to facilitate your loan amounts, in which case we may not be able to provide to you some or all of the features and functionalities of the Websites/ Apps. This may also affect our ability to process your Personal Information and may therefore lead to the non-availability or discontinuation of the services for which such Personal Information are to be used or was being used, at our sole discretion.
6. Data Retention: We shall retain the information you provide to facilitate your smooth and uninterrupted use of the App, and (i) to provide, improve and personalize the Services; (ii) to contact you about your account and give customer service; (iii) to personalize our advertising and marketing communications; and (iv) to prevent, detect, mitigate, and investigate fraudulent or illegal activities. We do not retain your personal data for longer than required for the purpose for which the information may be lawfully used. For any other information, we may entertain your request for deletion, however, you may not be able to use our Services at all after such deletion.
We may store your Personal Information for as long as the same is required for the fulfillment of purposes for which we collected it. The retention of Personal Information by us is determined by considering compliance with legal (contractual, statutory or regulatory requirements), accounting and compliance reporting requirements.
7. Minors: Our Services are not directed to children, and we do not knowingly solicit or collect personal information from persons under the age of 18 (eighteen). If we find out that a child has given us personal information, we will take steps to delete that information and terminate the relevant DigitSathi Account.
8. Changes to Privacy Statement and Your duty to inform us of Changes: This Privacy Statement may change or be amended over time. The recent version of this Privacy Statement is published on our Website or App, as the case may be. Please revisit this page periodically to stay aware of any changes to this Privacy Statement. We will notify you of any material changes to this Privacy Statement by publishing the same on our Website or App as applicable. Your continued use of our services confirms your acceptance of this Privacy Statement, as amended. If you do not agree to the terms and conditions as contained in our Privacy Statement, as amended, you must stop using our services and notify us.
It is very important that any Personal Information we hold about you is up to date and correct. Please inform us of any changes to your Personal Information.
9. Communication From us: We may from time to time contact you via calls, SMS, emails, and other communication channels to provide you with information pertaining to our Services, notifications on updates vis-à-vis our Services (when we consider it necessary to do so), educational information and promotions. We may also notify you if we need to temporarily suspend the App for maintenance, and keep you informed on security, privacy, or administrative-related communications. By setting up an account on DigitSathi, you consent to us contacting you via call, SMS, push notifications, or through any other communication channel, as we may deem fit.
10. Grievance Redressal: We are happy to address any of your queries, concerns or questions relating to processing (including storing and using) of your information which you can raise by writing to us at grievance@digitsathi.co.in.
You may address any complaints or discrepancies in relation to the processing of your Personal Information to:
– 8-2-268/K/35, Plot #35, Navodaya Colony, Road #2 Banjara Hills, , Hyderabad, Telangana, India - 500034
11. Updates to this Notice We may occasionally update this, Policy. Use of our Services after an update constitutes consent to the updated notice to the extent permitted by law. Please take the time to periodically review this Policy for the latest information on our privacy practices.
12. By agreeing to our Privacy Policy, you hereby consent to agree to the Privacy Policy of our Lending partners as mentioned hereunder:
- DigitSathi: “ Privacy and Data Storage Policy”