SAYYAM INVESTMENTS PRIVATE LIMITED, a Company registered under the Companies Act, 1956, having its registered office at Agyathuri, Chamajali, Amingaon Guwahati Kamrup AS 781031 IN (hereinafter shall be referred to as “Sayyam” or "Company" or "us" or "we") is a Non Banking Financial Company registered with the Reserve Bank of India (“RBI”) and is the Licensed owner of the mobile application named PayRupik ("App") and website at sayyam.in ("Website") (App and Website are hereinafter together referred to as the "Platform").
THIS POLICY DESCRIBES OUR POLICIES AND PROCEDURES FOR THE COLLECTION, USE, STORAGE, PROCESSING, DISCLOSURE AND PROTECTION OF ANY INFORMATION, INCLUDING, BUT NOT LIMITED TO, BUSINESS OR PERSONAL INFORMATION PROVIDED BY YOU AS A USER (“YOU/YOUR” or “USER”) WHILE USING THE PLATFORM. USER SHALL MEAN ANY PERSON/ PERSONS, WHO VISITS, USES, DEALS WITH AND/ OR TRANSACTS THROUGH THE PLATFORM OR AVAILS OUR SERVICES AND INCLUDES A BROWSER.
THIS POLICY CONSTITUTES A LEGAL AGREEMENT BETWEEN YOU, AS THE USER OF THE PLATFORM, AND THE COMPANY, AS THE LICENSED OWNER OF THE PLATFORM. YOU MUST BE A NATURAL PERSON WHO IS AT LEAST 21 YEARS OF AGE.
BY VISITING/ ACCESSING THE PLATFORM, THROUGH THE WEBSITE OR THE APP AND VOLUNTARILY PROVIDING US WITH INFORMATION (PERSONAL AND/ OR NON- PERSONAL) FOR THE PRODUCTS OR OTHERWISE, YOU ARE CONSENTING TO OUR USE OF IT IN ACCORDANCE WITH THIS POLICY. THIS POLICY DOES NOT APPLY TO THIRD-PARTY WEBSITES / APPLICATIONS THAT ARE CONNECTED VIA LINKS TO THE PLATFORM. IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, PLEASE DO NOT PROCEED FURTHER TO USE/ ACCESS THIS PLATFORM.
YOUR USE OF THE PLATFORM WILL BE GOVERNED BY THIS POLICY AS APPLICABLE TO THE PLATFORM TOGETHER WITH ALL POLICIES, NOTICES, GUIDELINES, DISCLAIMERS THAT ARE PUBLISHED AND SHARED WITH YOU FROM TIME TO TIME WHICH ARE INCORPORATED HEREIN BY WAY OF REFERENCE INCLUDING BUT NOT LIMITED TO OUR TERMS & CONDITIONS AND SUCH OTHER TERMS AS MAY BE APPLICABLE TO YOU IN YOUR CAPACITY AS A USER OF THE WEBSITE. THIS POLICY SHALL BE ENFORCEABLE AGAINST YOU IN THE SAME MANNER AS ANY OTHER WRITTEN AGREEMENT.
THIS POLICY IS A PART OF THE TERMS & CONDITIONS OF THE PLATFORM AND ALL CAPITALIZED TERMS UNDER THIS POLICY THAT HAVE NOT BEEN SPECIFICALLY DEFINED HEREIN SHALL HAVE THE MEANING AS ASCRIBED TO IT UNDER THE PLATFORM TERMS & CONDITIONS.
IF YOU DO NOT AGREE TO THIS POLICY OR ANY PART THEREOF, PLEASE DO NOT USE/ ACCESS/ DOWNLOAD/ INSTALL THE PLATFORM OR ANY PART THEREOF.
WE MAY UPDATE THIS POLICY FROM TIME TO TIME. YOU MUST PERIODICALLY REVIEW THE POLICY FOR THE LATEST INFORMATION ON OUR PRIVACY PRACTICES.
1. COLLECTION OF INFORMATION
During your use of the Platform, we will collect information and data including but not limited to your personal information and sensitive personal information / data (“SPD & I”) as defined under the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. The purpose of this is to provide you a secure, efficient, smooth and specialized experience and Services which permits us to provide services and features that meet your needs, and to customize our Platform to make your experience smoother and easier and to enhance the Services provided by us. You hereby provide us explicit consent to collect the following data from you as a data provider which also includes SPD & I:
Collection of Non-Personal Information:
We track certain information about you which we use to do internal research on our Users interests and behavior to better understand, protect and serve our users and to improve our services.
Collection of Personal Information:
Information we collect from your registration and usage of our Services:
1. Your name, address, date of birth, contact information (mail id and contact number), marital status, PAN number, name of the bank where you have your primary account, bank statements, pay slips etc.;
2. Details regarding your employment, including, years of experience, details of income, name of the current employer, details of the office address;
3. Credit-related information that is collected from other sources like the credit bureau;
4. Know Your Customer data such as Valid Address proof, PAN, photo etc.
5. Your unique identifiers such as username and password, preferences information and transaction history;
6. Any other information that is required to be collected as per specific mandate from Reserve Bank of India or as a requirement under applicable law in India;
7. Information from you electronically - like the pages viewed, how you navigate through the Platform and interact with the Platform, etc.
The information collected from You will assist us in providing our Services to You and to personalize, maintain and improve our Services.
Data we collect from your registration and usage of our Services:
We collect and monitor your device geolocation information after you authorize geolocation access request for automated risk assessment of loan applications, security assurance of user lending Services, marketing campaigns and provide serviceability of your loan application.
Data storage of Geolocation: Details of geolocation will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
During the usage of the Services after registration, we may collect information about your device including device name, device model, region and language settings, unique device identifier, device hardware and software information, status, usage habits, unique device identifiers (such as IMEI and serial number), which will be used to secure your account, prevent frauds and analyze the stability of the Services, as well as for some marketing campaigns.
Data storage of Device information: Details of device information will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
3. Emergency Contacts Information
During the usage of services, you shall be expected to provide emergency/reference contacts to verify your credit and help you through the loan application process. Information collected is needed for risk analysis so that we can test reliable references to assess you and determine your eligibility for loans and reduce credit risk.
Data storage of emergency contacts: Details of emergency contacts will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/.
During the usage of the Services, we will ask you to authorize us camera access for the purpose of taking photos for uploading Know Your Customer (KYC) documents and taking photos of the user for security verification.
Data storage of camera information: Details of camera information will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/.
To conduct KYC, you will authorize us storage access so that your KYC documents can be securely stored on your device and corresponding KYC documents can be uploaded to provide better loan application Service. For the purpose of access and storage of KYC documents we abide by the relevant guidelines and laws issued by the Government of India in this behalf.
Data storage of Storage: Details of storage will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/.
During the usage of Services, we will ask for calendar access to automatically add reminders for loan overdue to avoid decline of Your credit score, and will collect event information in the calendar to assist in the credit risk assessment of the loan review for a faster and better approval process.
Data storage of Calendar: Details of Calendar will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
During the usage of the Services, we collect data about the applications currently installed in your device, including the application name, application installation (update) time, and application size. The collected app data is used for credit risk analysis, and identifying frauds, which helps in fast approval of applications and accurately providing the Services.
Data storage of App data: Details of app data will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
During the usage of the Services, we collect SMS content from your inbox, including sender number, sender name and SMS content. This financial SMS data also includes historical information, but only financial related information will be used and eligible information will be removed from the server of the Platform after analyzing eligibility and applicability of the users. This data shall be used firstly, to identify and analyze the multiple lending behavior of users and assess customer risk by determining the various banking transactions and cash flow patterns they may have through SMS analysis; secondly, to verify and track user’s financial transactions in the background by analyzing their SMS messages to ascertain correct credit limit decisions based on their spending/cost budgets and ability to pay; thirdly, to help prevent fraudulent collections and transactions by analyzing SMS data. All SMS data will be encrypted by the application and uploaded to the server. Personal and private SMS data will be filtered and deleted from the server.
Data storage of SMS : Details of SMS will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/. No data shall be shared with third parties.
We collect data about your interactions with our application Services during the usage of application. This includes data such as Service access times, logs of app Service crashes, etc. This data is used for customer support and improving the usage experience and automated fraud risk analysis.
Data storage of Usage data: Details of usage data will be encrypted and uploaded to our server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
10. Battery level
We collect the battery power information of the device when the You use the application to optimize the application performance, reduce the number of good points, and extend the life of user equipment.
Data storage of Battery level: Battery level data will be encrypted and uploaded to our dedicated server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
11. Network data
We monitor the network status of Your device when You use the application. This data is used to improve the delay of network requests, avoid possible data hazards during use, and provide You with a better user experience.
Data storage of Network data: Network data will be encrypted and uploaded to our dedicated server through HTTPS https://app-api.payrupik.in/. No data shared with third parties.
As detailed above, we also collect your personal information, including financial information, from the registration or other completed forms / questionnaires that You provide to Us. We will also receive your personal information, including financial information, from documents that you may provide to Us and/or from documents like the credit report that You authorize Us to obtain on Your behalf from credit information companies.
The information we collect about You will depend on the products and Services we offer, on an ongoing basis. The information collected from You will be used in order to effectively provide Services to You. If You do not allow Us to collect all the information, we may not be able to deliver the Services effectively. You hereby provide us explicit consent to use the data specified above as per the terms of this Policy.
You further understand and consent to the fact that we may also supplement the information We collect from You with information We receive from other companies or third parties. For example, we may use marketing segments developed by us or other companies to customize certain Services or offer more products to you.
2.USE OF INFORMATION
Personal information of individual users will not be disclosed, sold or otherwise transferred to unaffiliated third parties without your approval at the time of collection.
We agree to restrict our usage of Personal Information and Data as follows:
(i) we may use or disclose in any form for any of our internal business purposes and for the purpose of providing Services to You in our complete discretion;
(ii) we may otherwise only disclose Public Information and Data to a third party in a form that is not anonymized to provide Services to you and for no other purpose.
You hereby provide explicit consent to us for the use of Your information provided (including SPD & I) provided by You to us (as specified above) and to share such information with third parties for the following purposes:
1. Create and update the Loan account.
2. Monitor, improve and administer our Platform
3. Manage our risks including the risk of fraud that may be committed against us or our partners;
4. To analyze loan eligibility and loan parameters.
5. Analyze how the Platform is used, diagnoseService or technical problems and maintain security;
6. Send communications notifications, information regarding the products or Services requested by You or process queries and applications that you have made on the Platform, including marketing and promotion of our Services or our Platform by way of tele-messages or emails or calls;
7. Manage our relationship with you and provide You with or inform you about other products or Services we think you might find of some use;
8. Conduct data analysis in order to improve the Services provided to You;
9. Use the User information in order to comply with country laws and regulations;
10. To conduct KYC based on the information shared by the User for the provision of Services and availing the Product. This would include conducting analysis of your creditworthiness, loan eligibility, KYC documents, current employment verification and the terms of your loans. Company, may directly or through third parties, conduct the KYC on its customers. In the event the KYC as detailed under this clause is being conducted by its third-party Service providers, the Company shall share Your relevant information with such third-party Service providers for availing the said Services in accordance with the applicable rules and guidelines.
11. To provide customer support, including to resolve your concerns from the use of the Services.
12. To market the Platform and our Services which includes sharing your feedback, ratings and screen names for purely promotion and marketing purposes. Such promotion and marketing may be done, inter alia, via calls, SMS, emails and other means.
13. Use Your information in other ways permitted by law.
14. Use the information obtained from Your Device to control risk, detect fraud, and provide better Services to You.
15. We will use and retain Your information for such periods as necessary to comply with our legal obligations, court order, by Government authorities, by law enforcement authorities, resolve disputes, enforce Our agreements, or by other legal processes or where it becomes necessary to do so to protect the rights or property of Company and/or its group companies/affiliates, etc.
3.DISCLOSURE OF INFORMATION
You hereby provide explicit consent to the disclosure of your information (including SPD & I) by us to our Affiliates, employees and to third parties as per the terms of this Policy. You provide us explicit consent to share Your information with third parties only in such manner and for the purpose as described below:
1. We may disclose Your information to other financial Service providers, banks and our third- party partners, Payment Gateways and Aggregators and Service providers for providing the Services and offering the Products as detailed under the Terms & Conditions;
2. We may share the details of the Product and Your information with our third -party partners and Service providers in order to conduct data analysis for the purpose of improving the Services and analyzing Your use of the Platform, and to Service you better;
3. We may share details of Your contact information and loan details with our Lending Service Providers (collection agencies) for the purpose of recovery of loans;
4. We may also disclose Your information to our third-party Service providers for fraud detection, risk assessment and/or for sending promotional tele-messages and email;
5. We contract with third-party advertising networks, publishers and other entities to advertise our Products and Services on Platform which are not affiliated with us and we shall share the information provided by You and the same shall not be used for any purpose other than to assist us in our advertising efforts;
7. We may share Your information with third parties under a confidentiality agreement for provision of Services which inter alia restricts such third parties from further disclosing the information unless such disclosure is for the purpose as detailed under that confidentiality agreement. However, we are not responsible for any breach of security or for any actions of any third parties that receive Your personal information;
8. We shall share your information with third-party only on a need basis and only for the purpose of providing Services to you, as per the applicable laws. We share information with third parties strictly to the extent required for performance of Services.
We will use and retain Your information for such periods as necessary to comply with Our legal obligations, resolve disputes, and enforce Our agreements.
Details of the third parties we share your personal information with are set out below:
Details of the Lending Service Providers engaged in recovery of loans:
4. STORAGE AND SECURITY OF INFORMATION
We store and process onlysuchinformation, including the information received from Your Device as required for the purpose of providing Services and for legal, statutory and regulatory compliances on Amazon Cloud Servers and other secure cloud Service providers.
All information received by us, either directly from You or through Your Device is protected and secured by us. We adopt multiple safeguards to protect the security of the information and data provided by You like firewalls and data encryption using Secure Sockets Layers (SSL), and information access authorization controls.
We value your trust in providing us your information & hence we use reasonable safeguards to preserve the integrity and security of Your information against loss, theft, unauthorized access, disclosure, reproduction, use or amendment. To achieve the same, we use reasonable security practices and procedures as mandated under applicable laws for the protection of Your information. We implement reasonable physical, administrative and technical safeguards to help us protect your information from unauthorized access, use and disclosure. Information You provide to us are stored on our secure servers located in India.
We aim to protect Your information from unauthorized access and/or disclosure by providing security features like an OTP verification to help you protect your account; transmission of data through encryption; review of our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems; compliance with Regulations and applicable laws, restriction of access to personal information to our employees, contractors, and third party service providers only for the purpose to provide the Services. The collection, usage, and sharing of information by us shall be in compliance with the Information Act, 2000 and other applicable rules and laws made thereunder.
However, you understand and accept that there is no guarantee that data transmission over the Internet will be completely secure and that any information that You transmit to us is at Your own risk. While it is always our endeavor to take all reasonable steps to prevent disclosure of information, however, no method of transmission, whether in physical form or over the internet, or method of electronic storage is 100% secure and may be subjected to unintentional risks, due to reasons beyond our control.
5. STANDARDS FOR HANDLING SECURITY BREACH
The security of your Information is of utmost important to us. We take all physical, technical and operational measures to improve the integrity and security of information that we collect and maintain as required by applicable laws.
Our database is limited to a specific IP address and external networks cannot access the database. Further, the database has multiple backup strategies, and supports fast recovery of data in the event of loss of data. We use the basic DDOS protection function provided by cloud vendors, to defend against DDOS attacks of certain traffic. We regularly review this Policy regarding the collection, storage and processing of Your information, to prevent alteration, loss or fraudulent or unauthorized access of Your information.
"Phishing" usually occurs when users of a website are induced by an individual/entity into divulging sensitive personal data by using fraudulent websites and/ or e-mail addresses. In the event of You providing information to a website or responding to an e-mail which does not belong to us or is not connected with Us in any manner, You will be a victim of Phishing. We do not send e-mails requesting a user for payment information, user name or passwords. However, We may verify the user name, password etc. provided by You from time to time.
7.DATA RETENTION AND DESTRUCTION PROTOCOL
We shall store and retain Your information to facilitate fulfilment of Services. The retention period is determined with regard to compliances required under the applicable laws. We also retain data improve and personalize our Services; to provide customer service; to personalize our advertising and marketing communications; and to prevent, detect, mitigate, and investigate fraudulent or illegal activities. We do not retain your personal data beyond period required for compliance with legal obligations and applicable laws. In accordance with applicable laws and as per our policies, you can exercise the following rights by contacting our customer service at the mail id and/or the phone number mentioned on the Platform and this Policy:
1. Review or Rectify your Personal Information: You have the right to request us to rectify your Information which You have provided to us in the time frame as specified under applicable laws.
2. Right to deny consent: You have the option to deny consent for use of specific data and data retention, however, if you exercise this right, it may impair or restrict our ability to provide Services to you.
3. Right to restrict disclosures to Third Parties: You have the right to request for restriction of disclosure to third parties, however, You may not be able to use our Services post such restriction.
4. Right to revoke consent: This enables you to withdraw consent already granted to collect personal data. We shall comply with such request, subject to applicable laws and the terms of the loans sanctioned through the Platform. However, if you exercise this right, it may impair or restrict our ability to provide Services to you.
5. Request the Platform to delete/forget Your personal data: You may request us to delete or remove Your personal data.
These rights may affect our ability to process or enable your Information which may lead to the discontinuation of those Services for which this Personal Information is required, at our sole discretion.
These rights are limited, to the extent wherein we are legally bound to process or retain your Information. We retain required information about you to provide a consistent and ideal experience, to detect, mitigate, prevent, and investigate fraudulent or illegal activities during the course of the Services and to contact you in the event of any grievance. We may also retain and use your basic personal information such as name, contact number, transactional details and address details as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements which shall always be in accordance with applicable laws.
8. SEVERABILITY AND EXCLUSION
We have taken every effort to ensure that this Policy adheres with the applicable laws. The invalidity or unenforceability of any part of this Policy shall not prejudice or affect the validity or enforceability of the remainder of this Policy. This Policy does not apply to any information
other than the information collected by us through the Platform. This Policy shall be inapplicable to any unsolicited information You provide Us through the Platform or through any other means. This includes, but is not limited to, information posted in any public areas of the Platform. All unsolicited information shall be deemed to be non-confidential and the Company shall be free to use and/ or disclose such unsolicited information without any limitations.
9. GOVERNING LAW AND DISPUTE RESOLUTION
This Policy shall be governed by and construed in accordance with the laws of the Republic of India. The courts at Guwahati, Assam, India shall have exclusive jurisdiction in relation to any disputes arising out of or in connection with this Policy.
The rights and remedies available under this Policy may be exercised as often as necessary and are cumulative and not exclusive of rights or remedies provided by law. It may be waived only in writing. Delay in exercising or non-exercise of any such right or remedy does not constitute a waiver of that right or remedy, or any other right or remedy.
11. CONTACT US