We, CapFront Technologies Private Limited, with our registered office at No. 1, Second Floor , Old Airport Road, Domlur Layout, Near Domlur Post Office , Bangalore - Karnataka 560071, India (hereinafter shall be referred to as "Capfront" or "Us" or "We" or “Our”) are the operator of the Platform for our group NBFC Vaibhav Vyapaar Private Limited(RBI registration number N-05.06869) also referred as VVPL to offer lending and other various financial services.
User shall mean any person/ persons, who visits, uses, deals with and/ or transacts through the website / app or avails our services and includes a browser.
This policy does not apply to third-party websites/ applications that are connected via links to the platform.
If you do not agree to this Policy or any part thereof, please do not use/ access/ download or install the Platform or any part thereof.
This policy is a part of the platform terms & conditions located at https://www.loanfront.in/terms-conditions.html and all capitalized terms under this policy that have not been specifically defined herein shall have the meaning as ascribed to it under the platform terms & conditions.
We may update this policy from time to time. while we will always endevour to notify you, you must periodically review the policy for the latest information on our privacy practices.
1. COLLECTION OF INFORMATION
When you use our Platform, we collect and store your information which is provided by you from time to time by explicitly seeking permissions from YOU to get the required information. Our primary goal in doing so is to provide you a safe, efficient, smooth and customized experience and Services. This allows us to provide services and features that meets your needs, and to customize our Platform to make your experience safer and easier and to improve the Services provided by us. More importantly, we collect personal information from you that we consider necessary for achieving the aforementioned purpose.
In general, you can browse the Website or App without providing us any personal information. However, to create an account on the Platform, you must provide us with certain basic information required to provide customized services. The following information we collect from you:
- Full name
- Phone number
- Email Address
- Current and Permanent address
- Family and Friend contact details
- Education details
- Identity details (PAN/Aadhaar/Voter)
- Employment details
- Income details
- Information from credit bureaus and customer service providers
- Your Aadhaar Number on behalf of the financial lending partners, at your sole discretion
- Other information that You provide when You write directly to Us (including by e-mail) or provide Us over telephone or while filling out any applications on the Platform.
The Non-Personal Information:
We automatically track certain information about you based upon your behavior on our Platform. We use this information to do internal research on our users’ demographics, interests, and behavior to better understand, protect and serve our users and improve our services. This information is compiled and analyzed on an aggregated basis. We also collect your Internet Protocol (IP) address and the URL used by you to connect your computer to the internet, etc. This information may include the URL that you just came from (whether this URL is on our Website or not), which URL you next go to (whether this URL is on our Website or not), your computer browser information, and your IP address.
If you send us personal correspondence, such as emails or letters, or if other users or third parties send us correspondence about your activities or postings on the Website, we collect such information into a file specific to you.
- The Personal Information: Is collected by Us after You explicitly provide us consent or is shared by You with Us pursuant to a clear disclosure - such as name, address, phone number, email address etc as mentioned in section 1. We will collect your personal information when you:
- Register on our Website or App.
- Applying for a loan product or facility through our Platform.
Information that You provide to Us
Mobile number is required as a part of registration process to access our Service. We further collect other identifiable information on the Platform when you set up an account with us as further detailed below.
While you can browse our Platform without being a registered member as mentioned above, certain activities (such as availing of loans from the third-party lenders on the Platform) require registration and for you to provide the above details. The Platform will clearly display the personal information it is collecting from you, and you have the option to not provide such personal information. However, this will limit the services provided to you on the Platform.
Our App also collects mobile number for verification to check the active SIM status on the device, uniquely identify you and prevent frauds and unauthorized access.
As a part of our Video Know Your Customer (Video KYC) process, collection of your personal information has become mandatory to ensure the completion and authentication of your KYC. In this regard, permissions for microphone, camera will be mandatorily required.
The key information collected from the device is further detailed below:
COLLECTION OF SMS INFORMATION
Our app collects and transmits to LoanFront servers, your SMS data which helps us in identifying the various bank accounts that you may be holding, cash flow patterns, description and amount of the transactions for the purpose of performing a credit risk underwriting and assessment. This credit risk assessment enables us to perform a speedy loan disbursal. This data may be collected even when the app is closed or not in use.
Our app collects and transmits to LoanFront servers, metadata information which includes the application name, package name, installed time, updated time, version name and version code of each installed application on your device. This data may be collected even when the app is closed or not in use. This helps us to assess your credit worthiness and provide you with customized or pre-approved loan products.
PHONE (DEVICE INFORMATION)
Our app collects and transmits to LoanFront servers, specific information about your device including your hardware model, build model, RAM, storage, unique device identifiers such as IMEI, serial number, SSAID, AAID; SIM information that includes number of SIMs, network operator, roaming state, MNC and MCC codes, WIFI connection name and other information which includes MAC address and mobile network information to uniquely identify the devices and prevent unauthorized devices acting on your behalf to minimize frauds. This data may be collected even when the app is closed or not in use. This also helps us in enriching your credit profile and assessing your credit worthiness.
Our app collects and transmits to LoanFront servers, the information about the location of your device to provide serviceability of your loan application, to reduce the risk associated with your loan application. This also helps us to verify the address, perform quicker KYC process to make a better credit risk decision.
USER PERSONAL INFORMATION
Our app collects and transmits to LoanFront servers, user account data which includes email address, user public profile information like name, photo, ASID depending on the platform used by you to log-in to the app. This information is required as a part of registration process to access services offered by us and it is also used to auto-populate relevant fields in the course of the interface of our app. Our app also collects mobile number for verification through OTP to check the active SIM status on the device, uniquely identify you and prevent frauds and unauthorised access.
We require camera access so that you can easily scan or capture required KYC documents and save time by allowing us to auto-fill relevant data or to initiate an audio/video call for KYC purpose, which may be stored for future verification purpose. This ensures that you are provided with best user experience while using the application.
We require microphone permission to initiate two-way audio communication as a part of KYC journey. This may be stored for future verification purposes.
Our app requires storage permission so that your KYC and other relevant documents required for verification of your Loan application (income/employment proof i.e. pay-slip, bank statement etc.) can be easily uploaded from your device. This also helps in easy download of Loan agreements onto device post loan disbursal. This ensures faster processing of loan application and aids in better user experience.
From Third Parties
We also collect your credit reports and credit data on your behalf or on behalf of our financial partner in the event you have applied for a loan / facility to the said financial partner. In this regard, You:
- Authorize Us, to request and receive Your credit score / report from credit information companies, now and on a periodic basis, at its discretion until such time You communicate in writing to Us to discontinue such requests.
- Further fully understand that the purpose of this credit score / report is to enable Us to make informed lending decisions effectively and enable faster processing of credit applications to help provide speedier access to credit through our Platform.
- Also understand that We may apply for the credit score / report either ourselves directly or through any of their partner tie ups who are members of credit information companies, and fully authorize Us to share my details with such partner.
LINK TO THIRD-PARTY SDK
The App has a link to a registered third-party SDK which collects data on our behalf and data is stored to a secured server to perform a credit risk assessment. We ensure that our third-party service provider takes extensive security measures in order to protect your personal information against loss, misuse or alteration of the data.
Our third-party service provider employs separation of environments and segregation of duties and have strict role-based access control on a documented, authorized, need-to-use basis. The stored data is protected and stored by application-level encryption. They enforce key management services to limit access to data.
Furthermore, our registered third-party service provider provides hosting security – they use industry-leading anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, and application control solutions.
- Any other information that Capfront is required to collect as per specific mandate from any financial lending partners or as a requirement under applicable law.
- Information from You electronically - like the pages viewed, how You navigate through the Website / Platform and interact with webpages, etc.
- We might also use other technology to track how You interact with Platform and employ some third-party agencies to use the data on Our behalf. The information We collect about You will depend on the products and services We offer or You avail, on an ongoing basis. The information collected from You will be used in order to effectively provide Services to You. If You do not allow Us to collect all the information We request on the Platform, We may not be able to deliver all of these services effectively.
2. PURPOSE, USE AND DISCLOSURE OF INFORMATION
We will use and retain Your information for such periods as necessary to provide You the services on our Platform, to comply with our legal obligations, to resolve disputes, and enforce our agreements with you or the financing partners who have advanced a loan to You.
Use of Information:
We use data collected to support our Product, Capfront, as a platform assists You to reach and select diversity of third-party financial partners, along with their products, and technically help you accomplish transaction with these third-party financial partners. We may use the information provided by You in the following ways:
- To establish identity and verify the same.
- Monitor, improve and administer our Platform.
- Design and offer customized products and services offered by our third-party financial partners.
- Analyze how the Platform is used, diagnose service or technical problems and maintain security.
Send communications notifications,You or process queries and applications that You have made on the
Manage Our relationship with You and inform You about other products or services We think You might find of some use.
- Conduct data analysis in order to improve the Services provided to the User.
- Use the User information in order to comply with country laws and regulations.
- To conduct KYC for our third-party lending partners based on the information shared by the User for the provision of Services.
- Use the User information in other ways permitted by law to enable You to take financial services from our lending partners.
Disclosure of Information
We may share Your information with third parties including our regulated financial partners for provision of
services on the Platform and/or for facilitation of a loan / facility to a User. We may also share Your
information with third parties under a confidentiality agreement for provision of services which inter alia
restricts such third parties from further disclosing the information unless such disclosure is for the
purpose as detailed under that confidentiality agreement.
We will share Your information with third parties only in such manner as described below:
- We may disclose Your information to the financial service providers, banks or NBFCs and Our third-party partners for providing the Services as detailed under the Terms & Conditions.
- We may share Your information with our third-party partners in order to conduct data analysis in order to serve You better and provide Services on our Platform.
- We may also share the data / information with our technology service providers to perform credit and know your customer checks to facilitate a loan for the User through regulated financial partner.
- We and our affiliates may share Your information with another business entity should we (or our assets) merge with, or be acquired by that business entity, or re-organization, amalgamation, restructuring of business for continuity of business.
3. STORAGE OF INFORMATION
We store and process Your personal information on secure AWS cloud servers and other cloud service providers within India. Some of the safeguards We use are firewalls and encryption using SSL, and information access authorization controls. We use reasonable safeguards to preserve the integrity and security of Your information against loss, theft, unauthorized access, disclosure, reproduction, use or amendment. To achieve the same, We use reasonable security practices and procedures as mandated under applicable laws for the protection of Your information. Information You provide to Us may be stored on Our secure servers located within or outside India.
However, You understand and accept that there’s no guarantee that data transmission over the Internet will be completely secure and that any information that You transmit to Us is at Your own risk. We assume no liability for any disclosure of information due to errors in transmission, unauthorized third party access to our Platform and data bases or other acts of third parties, or acts or omissions beyond Our reasonable control and You shall not be entitled to hold Capfront responsible for any breach of security.
4. ACCESSING YOUR INFORMATION / CONTACTING US
At any point of time Users can choose to edit/modify or delete/withdraw any Personal Information shared for use of the Platform. Please note that deleting or withdrawing information may affect the Services we provide to you. In case of modification of Personal Information, Users will be required to furnish supporting documents relating to change in Personal Information for the purpose of verification by the Company.
5.YOUR PRIVACY CONTROLS
You have certain choices regarding the information we collect and how it is used:
- Device-level settings: Your device may have controls that determine what information we collect. For example, you can modify permissions on your Android device for access to Camera or Audio permissions.
- Delete the App from your device
6. SECURITY PRECAUTIONS
The Platform intends to protect your information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative and technical safeguards to help us protect your information from unauthorized access, use and disclosure. For example, we encrypt all information when we transmit over the internet. We also require that our registered third-party service providers protect such information from unauthorized access, use and disclosure.
Our Platform has stringent security measures in place to protect the loss, misuse and alteration of information under control. We endeavour to safeguard and ensure the security of the information provided by you. We use Secure Sockets Layers (SSL) based encryption, for the transmission of the information, which is currently the required level of encryption in India as per applicable law. We blend security at multiple steps within our products with the state of the art technology to ensure our systems maintain strong security measures and the overall data and privacy security design allow us to defend our systems ranging from low hanging issue up to sophisticated attacks.
In addition, the Website and App have been certified for the following security certifications:
- ISO 9001: being the international standard that details requirements for a quality management system (QMS). Organizations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements with the requisite security protections.
- ISO 27001 (formally known as ISO/IEC 27001:2005): is a specification for an information security management system (ISMS) and is the suggested level of certification required under the Information Technology Act, 2000. An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organization’s information risk management processes.
We aim to protect from unauthorized access, alteration, disclosure or destruction of information we hold, including:
- We use encryption to keep your data private while in transit;
- We offer security feature like an OTP verification to help you protect your account
- We review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems.
- We restrict access to personal information to our employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations
- Compliance & Cooperation with Regulations and applicable laws
- Data Transfers
- We ensure that Aadhaar number is not disclosed in any manner.
We or our affiliates maintain your information on servers located in India. Data protection laws vary among countries, with some providing more protection than others. We also comply with certain legal frameworks relating to the transfer of data as mentioned and required under the Information Technology Act, 2000 and rules made thereunder.
When we receive formal written complaints, we respond by contacting the person who made the complaint. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of your data that we cannot resolve with you directly.
7. THIRD PARTY WEBSITES
With this Policy We’re only addressing the disclosure and use of data collected by Us. If You visit any websites through the links on the Capfront Platform, please ensure You go through the privacy policies of each of those websites. Their data collection practices and their policies might be different from this Policy and Capfront does not have control over any of their policies neither does it have any liability in this regard.
"Phishing" usually occurs when users of a website are induced by an individual/entity into divulging sensitive personal data by using fraudulent websites and/ or e-mail addresses. In the event You provide information to a website or respond to an e-mail which does not belong to Us or is not connected with Us in any manner, You will be a victim to Phishing. We do not send e-mails requesting a user for payment information, user name or passwords. However, We may verify the user name, password etc. provided by You from time to time.
9. SEVERABILITY AND EXCLUSION
We have taken every effort to ensure that this Policy adheres with the applicable laws. The invalidity or unenforceability of any part of this Policy shall not prejudice or affect the validity or enforceability of the remainder of this Policy. This Policy does not apply to any information other than the information collected by Capfront through the Platform. This Policy shall be inapplicable to any unsolicited information You provide Us through the Platform or through any other means. This includes, but is not limited to, information posted in any public areas of the Website / App. All unsolicited information shall be deemed to be non-confidential and the Company shall be free to use and/ or disclose such unsolicited information without any limitations.
10. NO WAIVER
The rights and remedies of available under this Policy may be exercised as often as necessary and are cumulative and not exclusive of rights or remedies provided by law. It may be waived only in writing. Delay in exercising or non-exercise of any such right or remedy does not constitute a waiver of that right or remedy, or any other right or remedy.
11. YOUR CONSENT
12. GREVIANCE OFFICER
Name: Mr. Satya M.
Address: #No.1, Old Airport Road, Domlur Layout, Near Domlur
Post Office, Bengaluru, Karnataka - 560071.
Time: MON - SAT : 10:00 AM - 06:30 PM
The Company is a company based in India. By browsing/using the Platform, You hereby acknowledge that the Company is not responsible or liable in any manner to comply with any local laws of Your territory except India.