Privacy Policy

This privacy policy has been prepared by Baba Lease and Investment Private Limited (“Taplend” “We”, “Our”, “Us”), a private limited company incorporated in India (CIN U65929DL1986PTC249297), having its registered office at House No-17, Basement Floor, BLK-F-11, Model Town, Delhi-110009. Baba Lease and Investment Private Limited is a Non-Systemically Important Non-Deposit Taking Non-banking Financial Company registered with the Reserve Bank of India (“RBI”). Taplend provides you loans through websites, digital lending applications (“DLAs”) and platforms which are either owned and operated by itself or belong to its Lending Service Providers (“LSPs”) or.

The purpose of this Privacy Policy is to give you, the user, (“You”, “Your” or “User”) information on how Taplend collects, stores, uses, discloses, transfers and processes your personal information (defined below) when: (a) You use our websites https://babalease.com(“Websites”), (b) “Taplend” android and iOS application (“Mobile Application”) and

You are advised to read this Privacy Policy along with the terms of use and other information on the website/ Mobile applications. Users please take note that any statements made on Taplend website/ Mobile applications shall not be construed as an offer or promises for grant of any financial services.

This Privacy Policy has been prepared in compliance with:

(i) Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011;

(ii) Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021

(iii) Guidelines on Digital Lending issued by the Reserve Bank of India (RBI), 2022;

(iv) other applicable acts, regulations and rules which requires the publishing of a privacy policy for handling of or dealing in personal information including sensitive personal data or information and all applicable laws, regulations, guidelines provided by applicable regulatory authorities including but not limited to the RBI.

1. USE OF OUR WEBSITE OR SERVICES:

This Privacy Policy is incorporated into and at all times is subject to and is to be read in conjunction with the Terms of Use of the Website/Mobile Application.

2. CONSENT:

You hereby expressly consent to provide below mentioned information to us for the purpose of providing the Services to you. If you disagree with any of the terms mentioned herein, please do not proceed with the usage of the Services.

For the users consenting to continue accessing the Website /Mobile Application and avail the Services, this Privacy Policy explains our policies and practices regarding the collection, use, and disclosure of your information.

3. COLLECTION OF INFORMATION

3.1. Information we collect from you:

i. User Personal Information: The data points we collect from you for providing the Services include, inter alia, Your full name, DOB, email id, PAN, Aadhar Number, address, mobile number, postal code.

How we use this information: We use this data for identifying you, preventing unauthorised access and providing the Services to uniquely identify, register and enable you to use the Website/Mobile Application.

ii. Economic Profile Information: In order to provide the Services, we may require certain economic profile information such as age/DOB, occupation details, income details, bank details, salary statements, income tax returns.

How we use this information: We shall use this information to assess your creditworthiness and eligibility for the products offered to You.

iii. SMS Information: Taplend collects, transmits, syncs and stores SMS Data to enable us to provide you OTP auto read feature and in identifying the various bank accounts that you may be holding, cash flow patterns, and description and amount of the transactions for the purpose of performing a credit risk assessment. This credit risk assessment enables us to perform a quicker loan disbursal. This data may be collected even when the app is closed or not in use.

The credit risk assessment enable us to perform a quicker loan disbursal. The data may be collected even when the app is closed or not in use.

Note: – We do not collect or store the personal SMS from your inbox.

How we use this information: We use this data to provide for credit risk assessment which enable us to perform a quicker loan disbursal. The data may be collected even when the app is closed or not in use.

iv. Device Information and Installed Apps data: We additionally collect certain device information provided herein for our Services. Information the Website/Mobile Application collects, and its usage, depends on how you manage your privacy controls on your device.

• Device Information: When You access or install the Website/Mobile Application, we store the information we collect with unique identifiers tied to the device You are using. We collect information from the device when You download and install the application and explicitly seek permissions from You to get the required information from the device. Additionally, we also collect Your Log information/Meta Data (via the domain server through which the User accesses the App Search queries, IP address, crashes, date etc) for the purpose of improvising the Website/Mobile Application functionality. In addition to the above, we also track and collect the data related to the performance of the Website/Mobile Application and other diagnostic data for identifying and resolving any technical glitches that may be identified from such data and also for improving the overall functionality of the Website/Mobile Application.

How we use the information: We collect information about your device to provide automatic updates and additional security so that your account is not used in other people’s devices. In addition, the information provides us valuable feedback on your identity as a device holder as well as your device behaviour, thereby allowing us to improve our products interaction, quality of services and provide an enhanced customized user experience to you. We further collect other identifiable information such as your transactions history on the Website/Mobile Application when you set up an account with us.

• Installed Application Data: Taplend collects, transmits, syncs and stores Installed Application and Metadata information to enable us to assess your credit worthiness and provide you with pre-approved customized loan offers. The data includes the application name, package name, installed time, updated time, version name and version code of each installed application. The data is collected through Finbox SDK and is transmitted to FinBox for Credit Worthiness Analysis.

How we use this information: We use this information to provide you with various customised offers for Services.

v. Location, Camera Access: We will collect your device location and request camera access for providing the Services in accordance with applicable laws.

How we use this information: We shall collect your device location information for verifying your address, for the know your customer (KYC) and onboarding process for the Services.
We may request camera access to scan and capture the required KYC documents in accordance with applicable laws.

3.2. Information we collect about you from third parties:

For making the Services available to you, we may collect credit information in accordance with applicable laws, from certain third parties such as credit bureaus or credit rating companies. In order to provide Loan products to you, we may receive certain information pertaining to document verification, repayment status etc from certain third parties including NSDL, payment gateway providers. We may further collect your bank account numbers or UPI payment information for collection and repayment of loans.

How we use this information: We shall collect and use this information on a need basis for the provision of Services and for performing due diligence and verification of your application.

3.3. Information you give us about you

In due course of using our Services, You are required to submit data to enable our Services. We use this data to create your profile and provide you with the best available services. We shall collect the following information from you:

i. Data provided by you by filling in forms on the Website/Mobile Application.

ii. Data provided by corresponding with us (for example, by e-mail or chat).

iii. Data and information you provide when you register to use the Website, download or register on our mobile application, subscribe to any of our Services (such as applying for a loan), search for a Service, and when you report a problem with our Website, our Services, or any of our Sites.

iv. Data including Your name, address, gender, date of birth, e-mail address, phone number, username, password and other registration information,

v. PAN Card, Aadhaar Card, financial information such as employer name, monthly salary, bank account no., bank statements, credit information, copies of identification documents for the onboarding of your application to avail the services.

vi. Data generated by your usage of our Website/Mobile Application.

This data helps us create your profiles, complete mandatory KYC to offer you the Services, unlock and approve loans and provide you with customized support in case of issues.

Wherever possible, we indicate the mandatory and the optional fields. You always have the option to not provide any information by choosing not to use a particular service or feature on the Website.

4. STORAGE OF INFORMATION:

We shall store your information at servers located within India.

We do not collect any biometric data belonging to you. In case, if any of our representatives ask for the same from you, we request you to kindly refrain from doing the same and address this concern to our Grievance Officer (the details of the same have been provided below).

We will retain any data or information provided by you till the time we render our services towards you. Our data retention policy is restricted to the provision of our services towards you. You can request for the deletion of your information from us at any stage. Our data retention and deletion policy is in consonance with the applicable laws and guidelines of the RBI.

5. USE OF INFORMATION COLLECTED BY TAPLEND:

The information collected from you will be used by Taplend for the following:

i. To provide Services you have requested;

ii. To establish identity, conduct KYC and verify the same in compliance with the applicable laws;

iii. To resolve disputes and help investigate violations of our terms of use or to defend against legal claims;

iv. To disclose the information under special circumstances such as compliance with the applicable local law, court summons, court orders, requests/order from legal authorities or law enforcement agencies requiring such disclosure;

v. To assess your creditworthiness for providing the Services;

vi. To get in touch with you when necessary and contact You by email, SMS, letter, telephone or in any other way about our products and Services;

vii. To identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes;

viii. To identify, develop or improve products, that may be of interest to you;

ix. To perform other administrative and operational purposes including the testing of systems;

x. To recover any payments you owe to us or our partners;

xi. To undertake filing of records with the relevant governmental authorities in compliance with the applicable laws;

xii. Comply with our regulatory obligations;

xiii. To maintain records under applicable law or a may apply to pursuant to agreements executed by Taplend;

xiv. To carry out, monitor and analyse our business, carry out audits, market research, business, and statistical analysis and also direct our efforts for product improvement; and

xv. To design and offer customized products and services.

We collect all data and other necessary information under this Privacy Policy or otherwise on a need basis required for the above intended purposes in compliance with applicable laws.

6. DISCLOSURE OF INFORMATION

We will share the information only in such manner as described below:

i. We disclose and share your information with our LSPs, partner banks or NBFCs and other third party partners for facilitation of a loan or facility or line of credit or purchase of a product.

ii. To enable our third party partners to contact you or to respond to your queries / comments, for promotional offers or to resolve service issues to serve you better.

iii. We will disclose the data or information provided by a user with other technology partners to track how you interact with the Website/Mobile Application on our behalf.

iv. We and our affiliates may share your information with other business entity should We (or Our assets) merge with, or be acquired by that business entity, or re-organization, amalgamation, restricting of business for continuity of business. Should such transaction occur than any business entity receiving any such information from us shall be bound by this Privacy Policy with respect to your information.

v. We may share your personal information upon request, order or under any duty or as a part of Our legal obligations and as per applicable laws with the governmental authorities, quasi governmental authorities, judicial authorities and quasi-judicial authorities. By accepting this Privacy Policy, you hereby provide your consent to disclose your personal information for the above-mentioned purposes.

vi. Any disclosure to third parties is subject to the following:

(i) If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request, we shall not seek your explicit consent however we shall reasonably endeavour to notify the same to you accordingly as the case may be;

(ii) We shall take your express consent in the event we share your personal data with
third parties;

(iii) We shall share your information with third-party only on a need basis and only for the purpose stated hereunder, as per the applicable laws.

(iv) We shall additionally seek express consent through a separate consent for at appropriate stages of data collection, if so required under applicable laws.

(v) Usage of your information by such third parties is subject to their privacy policies. We share limited information with them, strictly to the extent required. We recommend you to have a look at the privacy policies of such third parties.

7. SECURITY:

7.1. The Website/Mobile Application intends to protect your information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative and technical safeguards to help us protect your information from unauthorized access, use and disclosure. For example, we encrypt all information when we transmit over the internet/Mobile Application. We also require that our registered third party service providers protect such information from unauthorized access, use and disclosure.

7.2. Our Website/Mobile Application has stringent security measures in place to protect the loss, misuse and alteration of information under control. We endeavour to safeguard and ensure the security of the information provided by you. We use Secure Sockets Layers (SSL) based encryption, for the transmission of the information, which is currently the required level of encryption in India as per applicable law.

7.3. We blend security at multiple steps within our products with the state of the art technology to ensure our systems maintain strong security measures and the overall data and privacy security design allow us to defend our systems ranging from low hanging issue up to sophisticated attacks.

7.4. We aim to protect from unauthorized access, alteration, disclosure or destruction of information we hold, including:

(i) We use encryption to keep your data private while in transit;

(ii) We offer security feature like an OTP verification to help you protect your account;

(iii) We review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems;

(iv) We restrict access to personal information to our employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations;

(v) Compliance & Cooperation with Regulations and applicable laws;

(vi) We regularly review this Privacy Policy and make sure that we process your information in ways that comply with it.

(vii) Data transfers;

(viii) We ensure that Aadhaar number is not disclosed in any manner.

7.5. Data protection laws vary among countries, with some providing more protection than others. We also comply with certain legal frameworks relating to the transfer of data as mentioned and required under the Information Technology Act, 2000, rules and the amendments made thereunder.

7.6. When we receive formal written complaints, we respond by contacting the person who made the complaint. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of your data that we cannot resolve with you directly.

8. CHANGES IN PRIVACY POLICY:

Our Privacy Policy might change from time to time, and Taplend will provide notice of it on your email address linked to your Account or can be seen by you in our Website/Mobile Application. We encourage you to periodically review the Website/Mobile Application for the latest information on our privacy practices. Users are bound by any changes to the Privacy Policy when they access, visit, or use the Website after such changes have been first posted.

9. COOKIES:

The Website/Mobile Application uses temporary cookies to store certain data that is used by us for maintenance of the Website/Mobile Application and its features as well as research and development. We do not store personally identifiable information in the cookies.

10. THIRD PARTY SDKS AND OTHER SITES

10.1. The Website/Mobile Application has a link to registered third party SDKs, Application Programming Interface (API) integrations, redirections which collects data on our behalf and data is stored to a secured server. We ensure that our third party service provider takes extensive security measures in order to protect your personal information against loss, misuse or alteration of the data as required under the applicable laws.

10.2. Our third-party service provider employs separation of environments and segregation of duties and have strict role-based access control on a documented, authorized, need-to-use basis. The stored data is protected and stored by application-level encryption. They enforce key management services to limit access to data.

10.3. Furthermore, our registered third party service provider provides hosting security – they use industry leading anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, and application control solutions.

10.4. We don’t allow unauthorized access to your non-public personal contacts or financial transaction SMS data with any third party in relation to Lending Services other than our Lending Partners. However, for Non-Lending Services (Value Added Services), we may allow third parties to access your non-public personal contacts or financial transaction SMS subject to your explicit consent.

10.5. Our Website/Mobile Application links to other websites that may collect information about you. We are not responsible for the privacy practices or the content of those linked websites. With this Policy we’re only addressing the disclosure and use of data collected by us. Their data collection practices, and their policies might be different from this Policy and We do not have control over any of their policies neither do we have any liability in this regard.

11. YOUR RIGHTS

Modifying or rectifying your information: In the event that any personal information provided by you is inaccurate, incomplete or outdated then you shall have the right to provide us with the accurate, complete and up to date data and have us rectify such data at our end immediately. We urge you to ensure that you always provide us with accurate and correct information/data to ensure your use of Our Services is uninterrupted. In case of modification of personal information, You will be required to furnish supporting documents relating to change in personal information for the purpose of verification by Taplend.

11.1. Your Privacy Controls: You have certain choices regarding the information we collect and how it is used:

(i) Your device may have controls that determine what information we collect. For example, You can modify permissions on your Android/iOS device or Browser to remove any permissions that may have been given. However, Website/ Mobile Application does not provide a guarantee of Services if any such controls are exercised.

(ii) Delete the App from your device

(iii) You can also request to remove content from our servers in accordance with Clause C.

11.2. Withdrawal/Denial of consent: You acknowledge that the Website/Mobile Application has duly collected the information with your consent and you have the option to not provide such information, or deny consent for use of specific information or revoke the consent already given. However, any withdrawal of such personal information will not be permitted in case any Service availed by you is active. Where a consent has been withdrawn the Website/ Mobile Application does not guarantee or be liable for providing such Service. You shall have the following rights pertaining to your information collected by Us.

(i) Deny Consent: You shall have the right to deny consent for use of specific data, restrict disclosure to third parties, data retention, revoke consent already granted to collect personal data and if required, make the App delete/ forget the data. However, any such denial will not prejudice our right to retain any data in relation to the loans availed by you. Further, in case of a denial of a consent, the Website/Mobile Application does not provide a guarantee or will not be liable towards the continued facilitation of the Services if any such controls are exercised.

(ii) Withdraw Consent: You may withdraw your consent to contact you, for the continued collection, use or disclosure of your information, at any time, or request for deletion of Your Login account by raising a request on the Website or by mailing Us at help@taplend.in. However, Website/Mobile Application does not provide a guarantee of Services if any such controls are exercised. Further, We shall have the right to continue processing your information till such credit facility has been repaid in full, along with any interest and dues payable and/or for such period as may be allowed under applicable law. However, We shall not retain your data and information if it is no longer required by us and there is no legal requirement to retain the same. Do note that multiple legal bases may exist in parallel, and We may still have to retain certain data and information at any time to comply with applicable law. Also, the information may still be used for execution of any outstanding or termination activity of any Services.

11.3. Report an issue: You have a right to report a security incident to the grievance redressal officer (details mentioned herein below). You are entitled shall be entitled to prevent unauthorised suchusage of your information by our personnel/agents by informing us, within 10 days of being informed of the proposed use, that you do not wish to disclose such information. You can also exercise the right at any time by contacting us at help@taplend.in.
11.4. Notwithstanding anything to the contrary stated above, the following are specific scenarios listed below which may have consequences to your withdrawal of consent:

(i) Marketing and Communication: The consent for this information be withdrawn if you write an email to the email address provided under clause 12.

(ii) Information/data deletion may not be implemented for ongoing Services including loan, insurance policy.

12. Contact:

12.1. For any information regarding the Privacy Policy, please contact help@taplend.in. In case you have grievance relating to collecting receiving, possessing, storing, dealing or handling of Personal Information provided by You may contact our Grievance Officer on the following address or write an email:

Name: Vipin Kumar
Email: grievance@taplend.in
Baba Lease and Investment Private Limited
House No-17, Basement Floor,
BLK-F-11, Model Town, New Delhi-110009
Time: Mon – Sat (10:00 – 19:00)