Privacy Policy

1. Introduction

NidhiRaksha is a cloud-based Finance CRM operated under the laws of India. This Policy is issued in accordance with:

• • The Digital Personal Data Protection Act, 2023 (DPDP Act)
• • The Aadhaar Act, 2016
• • The Information Technology Act, 2000

By using NidhiRaksha, you agree to this Privacy Policy.

2. Role of the Company

• • We act as a Data Fiduciary for platform users.
• • We act as a Data Processor when processing customer data on behalf of Credit Partners.

Credit Partners are responsible for obtaining lawful consent from their customers before submitting data into the Platform.

3. Personal Data We Collect

A. Identity Information

• • Full name
• • Mobile number
• • Email address
• • PAN (if submitted)
• • Aadhaar number (if submitted by Credit Partner)

B. Financial Information

• • Credit amount
• • Repayment records
• • Collection history
• • Default information

C. Technical Information

• • IP address
• • Device information
• • Login timestamps
• • Audit logs

4. Aadhaar Data Handling

• • Aadhaar data is processed strictly for identity verification purposes.
• • We comply with the Aadhaar Act, 2016.
• • Aadhaar data is not used for profiling or marketing.
• • Access is restricted to authorized personnel only.

Credit Partners must obtain explicit consent before submitting Aadhaar information.

5. DigiLocker / API Integrations

Where verification services are enabled through APIs (e.g., Protean eGov Technologies Limited), data may be transmitted strictly for verification purposes.

• • We do not store DigiLocker documents.
• • We only process necessary verification responses.
• • Consent must be obtained before initiating verification.

6. Purpose of Processing

• • Credit lifecycle management
• • Customer onboarding & verification
• • Reporting & analytics
• • Subscription billing
• • Security & fraud prevention
• • Legal compliance

We do not sell personal data.

7. Legal Basis for Processing

• • Explicit consent
• • Contractual necessity
• • Legal obligation
• • Legitimate use permitted under law

8. Data Retention

Data is retained while the subscription remains active and as required by applicable financial or regulatory laws. Upon termination, data may be deleted within a reasonable period unless legally required to retain it.

9. Data Sharing

• • Authorized Credit Partners
• • Payment gateways (e.g., Razorpay)
• • API verification providers (e.g., Protean eGov)
• • Government authorities when legally required

We do not commercially trade or sell personal data.

10. Security Measures

• • Encrypted transmission (HTTPS/TLS)
• • Role-based access control
• • Audit logging
• • Server-level protection
• • Continuous monitoring

No system is completely secure. Users must safeguard login credentials.

11. Data Principal Rights

Under the DPDP Act, individuals have the right to:

• • Access information
• • Request correction or erasure
• • Withdraw consent
• • Nominate a representative
• • File grievances

12. Grievance Officer

PROSEBA SERVICES PRIVATE LIMITED
Email: support@nidhiraksha.com

We aim to respond within 30 days.

13. Cross-Border Data Transfer

Data is primarily stored within India. Any cross-border processing will comply with applicable Indian laws.

14. Children’s Data

NidhiRaksha is not intended for individuals under 18 years of age. We do not knowingly process children's data.

15. Updates to This Policy

We may update this Policy periodically. Continued use constitutes acceptance.