This Privacy Policy applies to both the App and the Website, which is operated by Pee Dee Financial Services Limited, a Non‑Banking Financial Company (NBFC) registered with the Reserve Bank of India ("RBI").
Rupee Lake recognizes the importance of your privacy and is committed to protecting the confidentiality and security of your personal information. We value the trust you place in us. This Privacy Policy explains how we collect, store, use, disclose, transfer, and otherwise process your personal information, including sensitive personal information, when you access or use our App or Website.
We encourage you to read this Privacy Policy carefully before using our services. By accessing or using the App or Website, you confirm that you have read, understood, and agreed to the terms of this Privacy Policy.
By accepting this Privacy Policy, you expressly consent to the collection, retention, analysis, use, and disclosure of your personal information by Rupee Lake, in accordance with applicable laws and this Privacy Policy.
1. INFORMATION AND PERSONAL DATA WE COLLECT
With your consent and in accordance with applicable laws, we may collect, store, use, disclose, transfer, and otherwise process your information and personal data as described below:
i. Personal Information
This may include, but is not limited to, your name, address, phone number, PAN card details, date of birth, and photograph. We collect this information to provide our services, verify your identity and eligibility, facilitate communication, prevent fraud, and comply with legal and regulatory requirements.
ii. SMS Data
With your explicit consent, we may collect limited SMS data stored on your mobile device, specifically financial-related SMS messages from the past six months. We apply technical filters to ensure that only SMS messages related to financial transactions are accessed, while excluding personal or irrelevant communications.
This data is used to enhance your user experience, conduct fraud prevention checks, analyze financial behavior, and assess credit risk. SMS analytics may be used to identify transaction patterns, cash flow trends, and repayment capacity, enabling more accurate risk assessment and service eligibility decisions. We do not access or process non-financial or personal SMS content.
iii. Device Information
We may collect information about your device, including device name, model, operating system, region and language settings, unique device identifiers, hardware and software attributes, and usage patterns. This information is used to enhance account security, prevent fraud, improve service performance, and analyze application stability.
iv. Installed Applications Information
When you use our services, we may collect limited information about applications installed on your device, such as app names and installation or update timestamps. This information helps us identify potentially harmful or unverified applications that could pose security risks, and supports fraud detection, credit risk assessment, and system integrity checks. We do not access the content or data within your installed applications.
v. Camera Access
With your one-time permission and explicit consent, we may access your device's camera to capture and upload photographs for Know Your Customer (KYC) verification, identity authentication, and security purposes. Camera access is used solely for KYC compliance, service processing, user support, and feedback-related activities.
vi. Location Information
With your permission, we may collect location information to verify your current location and address, confirm service availability, detect unusual activity, and prevent fraudulent or suspicious transactions. Location data is collected only when location permissions are enabled on your device and is processed strictly for legitimate business and security purposes.
2. USE OF PERSONAL DATA AND PURPOSES
i. Loan Assessment and Decision-Making
We collect and use your personal data to assess your eligibility for a loan. Factors such as income, employment status, creditworthiness, and other relevant information are considered when determining whether to approve or decline your loan application.
ii. Verification, Validation, and Authentication
The personal data you provide is verified and validated to ensure its accuracy and authenticity. This includes Know Your Customer (KYC) evaluations, risk assessments, and cross-checking with relevant authorities. Supporting documents may also be validated to confirm your identity and other necessary details.
iii. Internal Risk Management
We use your personal data to assess the level of risk associated with loan offerings. This is essential to improve our services, reduce fraud, build risk models, and maintain a secure lending environment.
iv. Product and Service Improvement Research
We use your personal data to research market trends, enhance our understanding of customer needs, and improve our products and services. This enables us to develop technologies and strategies to better serve our users and improve the overall user experience.
v. Legal and Regulatory Compliance
Your personal data may be processed to comply with applicable legal and regulatory obligations, including but not limited to Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements. This may involve sharing information with regulatory authorities or conducting required reporting.
3. YOUR PERSONAL DATA SECURITY COMMITMENT
Rupee Lake is committed to safeguarding your personal data with the highest levels of security.
Technical Safeguards
We employ robust technical measures to protect your personal data, including end-to-end encryption for data transmission, advanced firewalls, and regular security updates to address emerging threats. Your information is securely stored in cloud solutions that comply with international data protection standards, ensuring that your data is protected at all times.
Administrative Safeguards
We conduct regular security audits and provide ongoing employee training on data protection practices. Employees with access to personal data undergo background checks and are bound by strict confidentiality agreements. We limit access to personal data to only those employees who need it to perform their job duties, in line with the principle of least privilege.
Incident Response and Data Breach Protocol
In the unlikely event of a data breach, we have a rapid response plan in place. We will immediately investigate the situation, take appropriate containment measures, and notify affected users and relevant regulatory authorities in accordance with applicable laws and timelines.
User Responsibility
While we take extensive measures to protect your data, no system can be entirely immune to risks. We recommend that you take precautions to protect your personal information, such as using strong, unique passwords and avoiding sharing sensitive data over unsecured networks.
4. DATA RETENTION
Rupee Lake will retain only the minimum necessary Personal Information and Sensitive Personal Information for operational purposes. The retention period for such data by Rupee Lake and our Partner Lenders is determined based on legal, contractual, statutory, and regulatory requirements, as well as accounting and compliance reporting obligations.
In accordance with your rights and the restrictions outlined in this Privacy Policy and applicable laws, Rupee Lake will retain your Personal Information and Sensitive Personal Information for a maximum period of 5 years, after which the data will be securely disposed of unless further retention is required by law or for legitimate business purposes.
5. SHARING OF INFORMATION
We do not sell, rent, or lease your personal data to third parties for commercial purposes.
We may share your personal information in the following specific scenarios, with appropriate security measures in place:
i. Government or Regulatory Authorities:
When required by applicable laws, regulations, legal proceedings, or official requests (e.g., court orders) to fulfill our legal obligations.
We ensure that all third parties who receive your information comply with this Privacy Policy and applicable data protection laws.
6. HOW WE UPDATE AND CHANGE THIS POLICY
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or regulatory obligations. When this Privacy Policy is updated, the revised version will be posted on our Application. If necessary, we will notify you of significant changes through appropriate channels, such as email, in-app notifications, or other methods.
We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal information. Your continued use of our Application following any updates constitutes your acceptance of the updated Privacy Policy.
7. CONTACT US / GRIEVANCE REDRESSAL
If you have any questions, comments, concerns, or suggestions regarding this Privacy Policy or our app, or if you wish to exercise your data subject rights, please contact us via the following methods:
Email: info@pdfsl.in
We will respond to your inquiry and address any concerns within 14 business days.
For unresolved grievances, you may escalate the matter to the Grievance Redressal Officer ("GRO") of Rupee Lake at the following coordinates:
Name: Grievance Redressal Officer
Email: grievance@pdfsl.in