We are committed to safeguarding your privacy, and this privacy policy explains how and why FPL Technologies Pvt. Ltd. (“We”, “Us”, “FPL”) collects and uses any personal information or data when someone (“You”, “Your”, “User”, “Cardholder/Cardmember”), uses the OneCard App or website.
Information provided by you
To avail certain services on our OneCard Mobile Application / Website, you are required to provide some personally identifiable information for the registration process, which includes but is not limited to the following:
• Your name
• Email address
• Mobile number
• Permanent Account Number (PAN)
• Date of Birth
• Gender
• Address
We may require you to provide additional details, as and when required, in order to comply with any applicable regulatory requirement or for additional services/products via the App/Website, as and when offered, and may also utilise data lawfully obtained from third party service providers authorised by you, including but not limited to data pertaining to your credit score, to provide the App services/Website services to you, subject to the terms of this Privacy Policy.
Express Consent
While providing your details/documents via the App/Website, including but not limited to personal information as mentioned herein above, you expressly consent to FPL (including its marketing channels and business partners) to contact you through SMS, call and/or e-mail and to follow up with regard to the services provided through the App/Website, for imparting product knowledge, offering promotional offers running on the App/Website & various other offers/services by our business partners.
The App/Website requires you to provide consent for keying in or uploading your personal information, as may be necessary to process your application. Any personal information which requires to be keyed in or uploaded is required for enabling hassle free, faster and paperless (to the extent possible) processing of applications for financial products so opted or availed of by you. You hereby give your consent to FPL to obtain your KYC details from CERSAI CKYC portal.
Information obtained from Credit Information Companies on your behalf
We obtain your Credit Information Aggregates from Credit Information Companies (CICs) on your behalf. By viewing your credit information on the App/Website you hereby consent that we are authorised to share your personal information with Credit Information Companies. By availing your credit information report through our App/Website, you agree that FPL shall be entitled to rely on your authorisation and consent granted by you to us for a period of 12 months from the date on which you avail your credit information report through us.
We may analyse and profile your credit information in order to assist you in being better informed about, understand and manage your credit score/rating, identify and inform you of other credit products that are likely to be suited to your circumstances, to identify whether you may benefit from additional guidance concerning your credit score and steps you can take to improve your score and credit history etc.
Information automatically collected while using the app or website
We strive to keep automatically tracked information to a minimum by obtaining no permissions from the App / Website, unless absolutely necessary to enable proper functioning of the App / Website. However, we may collect information relating to your use of our App / Website such as your IP address, browser type, mobile operating system, manufacturer and model of your mobile device/computer, access time and time spent. We may also collect information about the screens/pages you view within our App / Website and other actions you take while using our App / Website.
We may use third party services for such automatic collection, however no personally identifiable information will be shared with such third parties, unless required under applicable laws.
Use of Personal Information
We shall not transmit, sell or rent the Credit Information Aggregates to any other person and the same cannot be copied or reproduced other than as agreed herein. Credit Information Aggregates provided to FPL are solely the property of you and Credit Information Companies. We may use the information collected for offering some of our credit products and services.
However, we do not share any information with third parties for soliciting products and services offered by them. Information automatically tracked while using the App or Website allows us to collect statistics about your usage, allowing us to deliver a more effective and personalized experience.
Information Sharing
We do not share any of your personal information with any third parties except when it is requested or required by law or by any court or governmental agency or authority to disclose, for the purpose of verification of identity, or for the prevention, detection, investigation including cyber incidents, or for prosecution and punishment of offences.
We may need to share limited personal information with our partners who perform services for us (eg. KYC / documents collection, card delivery, Collection Agencies and other related partners, etc) and help us operate our business. We require our partners to safeguard this information and only use your personal information for the purposes we specify.
Information Security
We implement reasonable security practices and procedures including the International Standard IS/ISO/IEC 27001:2013, Payment Card Industry Data Security Standard (PCI-DSS v 3.2.1), and RBI Cyber Security Framework.
We take appropriate security measures to protect against unauthorised access. These include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorised access to systems where we store personal data. All information gathered on our App / Website is securely stored within a controlled database. Access to the servers is password protected, controlled, and is strictly limited.
The Credit Information Aggregates shared by you, or received on your behalf shall be destroyed, purged, erased or returned to the Credit Information Companies promptly either when you expressly seek to do so and/or seek to revoke the consent or if it is mandated or intimated by regulators.
Data Retention
We will retain your information for as long as it is necessary for providing you the services available on the App or Website or your request for termination of your account with us, whichever is later. Post termination of your account, we may continue to use your anonymised data aggregated or in combination with anonymised data of other users.
We use this aggregated anonymised data for data analysis, profiling and research purposes. We may keep your contact information along with your application details (if any) for fraud prevention purposes and for the exercise/ defense of a legal claim or for providing evidence in legal proceeding(s) if required.
If you wish to review, correct or rectify your sensitive personal information or withdraw your consent for processing your sensitive personal information, you may submit a request at onecard.privacy@fplabs.tech. However, we will continue to retain sensitive personal information as per the applicable laws.
Log Files
This information may include Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may use the collected log information about you to improve services offered to you, to improve marketing, analytics, or App / Website functionality.
Confidentiality of your account
You are solely responsible for maintaining the security of your account and must not provide these credentials including the Personal Identification Number (PIN) assigned to you for the App or the OneCard itself to any third party. We are not responsible or liable if someone else accesses your account through the credentials they have obtained from you or through a violation by you of this Privacy Policy.
Cookies and Do Not Track / Incognito mode settings
The OneCard website uses Google Analytics, a web analytics service provided by Google. This software uses cookies that are text files containing small amounts of information which are downloaded to your device when you visit a website, in order to provide a personalised browsing experience. These cookies help Google identify unique users, unique sessions, gather information and store information. No personally identifiable information is retrieved or stored.
Cookies allow users to navigate between pages efficiently, remembering their preferences, and generally improving their browsing experience. These cookies collect information analytics about how users use a website, for instance, often visited pages, time spent on each page etc. All information collected by third party cookies is aggregated and therefore anonymous. By using the OneCard website, the user agrees that these types of cookies can be placed on his / her device. The user is free to disable/ delete these cookies by changing his / her web browser settings. FPL and its affiliates are not responsible for cookies placed in the device of Users by any other website and information collected thereto. For more details, you can view our Cookie Policy.
Use of the OneCard App / Website shall be deemed to mean that the User has read this Privacy Policy and that the User authorises FPL to exchange, share, part with all information related to the details and transaction history of the Users to the Bank, its affiliates, banks, financial institutions, Credit Information Companies (CICs), agencies, participation in any telecommunication or electronic clearing network as may be required by law, customary practice, credit reporting, statistical analysis and credit scoring, verification or risk management and shall not hold FPL liable for use or disclosure of this information.
Grievance Redressal Policy
If you have any grievance or complaint, questions, comments, concerns or feedback in relation to the processing of information or regarding this Privacy Policy or any other privacy or security concern related to the App / Website, you can send an email to Ketan Kulkarni on grievances@fplabs.tech.