Back to Home

Data Policy

Our commitment to responsible data handling, processing, and protection in accordance with global data protection standards.

Last updated: December 1, 2023 | Compliant with GDPR, CCPA, and Indian Data Protection Act

Quick Navigation

Data Collection
Data Usage
Data Protection
Your Rights

Data Collection Principles

We follow strict data minimization principles, collecting only what is necessary for providing our EMI reduction services. Our data collection practices are transparent and lawful.

Lawful Basis for Processing

All data processing is based on legitimate business needs, contractual requirements, or explicit user consent.

Purpose Limitation

Data is collected for specific, explicit, and legitimate purposes only.

Types of Data We Collect

Personal Data
  • • Name & Contact Details
  • • Identification Numbers
  • • Demographic Information
Financial Data
  • • Income Information
  • • Employment Details
  • • Bank Account Data
Technical Data
  • • IP Address & Device Info
  • • Usage Analytics
  • • Cookie Data

Data Usage & Processing

We process your data responsibly and only for the purposes you've consented to. Here's how we use your information:

Primary Processing Activities

Service Delivery

Processing loan applications, EMI calculations, and financial assessments.

Security & Verification

Identity verification, fraud prevention, and security monitoring.

Analytics & Improvement

Service optimization, user experience enhancement, and product development.

Communication

Service updates, important notifications, and marketing communications (with consent).

Data Processing Partners

We work with trusted partners who help us deliver our services. All partners are bound by strict data protection agreements:

Partner Type Data Shared Purpose Location
Banking Partners Financial Information Loan Processing India
Credit Bureaus Identification Data Credit Assessment India
Cloud Services Encrypted Data Data Storage India/US
Analytics Providers Anonymous Data Service Improvement Global

Data Protection & Security

We implement robust security measures to protect your data throughout its lifecycle, from collection to deletion.

Encryption & Security

  • • AES-256 Encryption at Rest
  • • TLS 1.3 Encryption in Transit
  • • Multi-factor Authentication
  • • Regular Security Audits

Access Controls

  • • Role-based Access Control
  • • Principle of Least Privilege
  • • Regular Access Reviews
  • • Audit Logs & Monitoring

Data Retention Schedule

We retain data only as long as necessary for the purposes collected, in compliance with legal requirements:

Data Type Retention Period Basis Disposal Method
Application Data 7 years after account closure Legal Requirement Secure Deletion
Financial Records 10 years Regulatory Compliance Secure Deletion
Marketing Data 3 years after last activity Business Purpose Anonymization
Technical Logs 2 years Security Monitoring Secure Deletion

Your Data Rights

You have comprehensive rights regarding your personal data. We are committed to honoring these rights and providing easy mechanisms to exercise them.

Right to Access

Request a copy of all personal data we hold about you, including processing purposes and categories.

Response Time: 30 days

Right to Rectification

Request correction of inaccurate or incomplete personal data without undue delay.

Immediate Action

Right to Erasure

Request deletion of personal data when it's no longer necessary or consent is withdrawn.

Subject to Review

Right to Portability

Receive your data in a structured, machine-readable format for transfer to another service.

Standard Formats

Exercising Your Rights

To exercise any of your data rights, you can:

  • Use our self-service portal in your account settings
  • Email our Data Protection Officer at dpo@1emi.com
  • Call our dedicated privacy helpline
Privacy Helpline
+91 1800 123 4567

Incident Response & Breach Notification

Our Commitment to Transparency

In the unlikely event of a data breach, we are committed to:

  • Immediate investigation and containment
  • Notification to regulatory authorities within 72 hours
  • Direct communication with affected individuals
  • Implementation of corrective measures
24/7 Security Operations

Dedicated team monitoring for security incidents

Contact & Compliance Information

Data Protection Officer

Email

dpo@1emi.com

Direct Line

+91 22 1234 5678

Response Time

Within 48 hours for privacy inquiries

Regulatory Compliance

Registered Office

1EMI Financial Services Pvt. Ltd.
Mumbai, Maharashtra

Certifications

ISO 27001:2022
SOC 2 Type II Compliant

Jurisdiction

Laws of India
Mumbai Courts

Questions About Your Data?

Our Data Protection Team is here to help you understand and exercise your data rights.