The Data Privacy Policy sets out the requirements for ensuring that Ratnaafin Capital Private Limited (RCPL/we) collect, use, retain and disclose personal information in a fair, transparent and secured way. This Data Privacy Policy is applicable to the personal information (including sensitive personal data or information) of:
This Data Privacy Policy is not applicable to independent data held by third-parties, but will continue to be applicable to:
By accessing or using this website or services provided by RCPL, you agree to be bound by the terms described herein and all the terms incorporated by reference. If you do not agree to all of these terms, do not use this website or services provided by RCPL.
This Data Privacy Policy provides guidance on processing of personal information, which includes, but is not limited to, collecting, using, retaining/storing, accessing and/or disclosing such information by RCPL as often as is necessary. RCPL is committed in respecting the individual’s privacy rights and expectations and in protecting the individual’s personal information collected by RCPL from unauthorized access, use, retention/storage and/or disclosure. Meeting this commitment is a primary management objective and collective responsibility of all RCPL employees as well as third parties conducting business with or on behalf of RCPL.
The Data Privacy Policy contained in this document has been established to cover information and information systems such as software, hardware, firmware, storage, transmission media and computer networks (collectively referred to as ‘Information Assets’) used by RCPL. RCPL employees, senior professionals, and third-party vendor/contractor etc., shall ensure compliance with the obligations outlined in this policy document. Compliance with this Data Privacy Policy shall be ensured by:
Any violation of this Data Privacy Policy is subject to disciplinary action. The specific disciplinary action depends upon the nature of the violation. Violations will be handled as per the existing HR processes and could range from a verbal reprimand to termination of employment/contract and/or legal action.
If a department or function is unable to comply with any requirements detailed within this Data Privacy Policy, an exception shall be obtained. Such exceptions shall be documented, indicating the rationale for the exception and the related risks.
All RCPL employees shall comply with Indian IT Act of 2000 (including IT Amendment Act of 2008 and IT Rules of 2011) for privacy and protection of personal information and sensitive personal data or information of customers, employees, contractors and third party vendors or any other persons or entities that are associated with RCPL for any business related transactions / communications – verbal or implied.
The Data Privacy Policy represents the minimum standards that RCPL has set with respect to data privacy. It aligns with (and in some cases exceeds) the requirements of applicable laws and regulations (i.e. Indian IT Act of 2000, IT Amendment Act of 2008 and IT Rules of 2011).
Personal information refers to any information that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with RCPL, can identify such person. Personal information includes sensitive personal data or information. The personal information (including sensitive personal data or information) collected by RCPL includes:
RCPL values the personal information entrusted to it and the NBFC is committed to collecting, using, retaining and disclosing personal information in a fair, transparent and secure way by adhering to the following key principles:
Collection Limitation: Personal information shall be collected by fair, lawful and transparent means. RCPL shall be open with individuals about how the NBFC will use their personal information, with whom it will be shared and where it may be sent.
Data Minimization: Only personal information required for authorized business activities shall be collected from the information provider. Personal information shall not be made available to anyone (including internal staff) who is not authorized or does not have a business need to know the information.
Purpose of collection- As per regulatory requirement, RCPL collect personal information for performing KYC of the customer, bank account statements are collected to establish credit worthiness of the customer, bank account details are collected for collection of dues/loan repayment. Personal Information of employees is collected for the purposes of background verification, salary payment, insurance etc.
Use Limitation: The personal information shall be used for the purpose for which it has been collected. The privacy risks shall be taken into consideration, before the collection, use, retention, or disclosure of personal information, such as in a new system or as part of a project
Security: There shall be adequate protection for the personal information collected, used, retained and disclosed to support RCPL business activities by following the relevant usage, technical and organizational policies, standards and processes:
RCPL has comprehensive documented information security program and information security policies that contain managerial, technical, operational and physical security control measures.
However, RCPL will not be responsible for any loss, unauthorized access or any harm caused to the information provider by any misuse of his or her personal information, unless it is a direct and foreseeable consequence of negligence and non-compliance on the part of RCPL only. The information provider hereby acknowledges that RCPL will not be responsible, in particular, for any third party action or action on the part of the information provider leading to loss, damage or harm to such information provider or any other person.
Access, Correction and Update: Processes shall be defined to enable the providers of information, as and when requested by them, to review the information they had provided and ensure that any personal information or sensitive personal data or information found to be inaccurate or deficient shall be corrected or amended as feasible. RCPL shall not be responsible for the authenticity of the personal information or sensitive personal data or information supplied by the provider of information. RCPL shall ensure that the data provided by customers is correct through verification of documents submitted by them as per process laid out in the ‘AML / KYC Policy’.
To review, correct or update their personal information, customers can write to us at- grievance@ratnaafin.com or reach out to us on our registered address at 201-202, Shilp Aperia, Near Landmark Hotel, Iscon-Ambli Road, Ahmedabad – 380052, Gujarat.
Retention: Sensitive personal data or information shall be retained no longer than required, to support a specific business activity or legal or regulatory requirement.
Disclosure: The personal information (including sensitive personal data or information) collected or stored by RCPL, may be disclosed to comply with applicable law, directions from Government agencies mandated under law for prevention and investigation of offences, or to comply with an order issued by a competent court.
Transfer of Personal Information to Third-Parties: Adequate protection mechanism shall be provided for personal information in case it is transferred outside RCPL network.
RCPL may transfer sensitive personal data or information to any other entity or person located in India or any other country that ensures the same level of data protection that is adhered to by RCPL under the IT Rules of 2011. Transfer of information shall be allowed only if it is necessary for the performance of lawful contract entered into between RCPL or any person on its behalf and the information provider or where the information provider has consented to such transfer.
Personal information, including sensitive personal data or information, may be disclosed or transferred to insurance providers, credit bureau, verification agencies, collection partner, Regulatory & legal authorities (Credit information agencies, law enforcement agencies, judicial agencies), affiliates and business partner
Reasonable due diligence activities shall be conducted to ensure that the third party has appropriate security & privacy controls in place prior to sharing of any personal information (including sensitive personal data or information)
Marketing and Promotional Activities: Marketing and promotional communications shall be sent to providers of information / customers only after obtaining required consent from them in adherence to obligations under applicable law.
The grievances or discrepancies reported by provider of information with respect to processing of personal information shall be addressed in a time bound manner by the designated ‘Grievance Officer ’. Customers can write to us at grievance@ratnaafin.com or reach out to us on our registered address at 201-202, Shilp Aperia, Near Landmark Hotel, Iscon-Ambli Road, Ahmedabad – 380052, Gujarat.
Grievance Officer Details: Mr. Bhavesh Patel
Registered Address: 201-202, Shilp Aperia, Near Landmark Hotel, Iscon-Ambli Road, Ahmedabad –
380052, Gujarat
Email: grievance@ratnaafin.com
RCPL’s website and services may contain links to third party services, and give the user the ability to access such third-party websites, products, and services. Customer / borrower to proceed to use such third party website or service at r own risk. RCPL will not be held liable for any outcome or harm arising as a result of such use of such third party websites or services. Please read the privacy policies of any third party before proceeding to use their websites, products, or services.
RCPL may periodically revise or update this Data Privacy Policy. Continued use of RCPL’s website and / or services after the effective date of the Data Privacy Policy means that the user accepts the revised Data Privacy Policy. If the user does not agree with any such revised terms, please refrain from using RCPL’s website and / or services.