Privacy Policy - NeoGrowth - Lending simplified. Growth amplified.

Introduction

We at NeoGrowth are committed to protecting your privacy when dealing with your personal information. This privacy policy is intended to provide an overview of the information we collect, how we use it and how we protect it. While information is the cornerstone to provide our service, at the same time NeoGrowth ensures that the information provided to us for availing our services are kept secure and used only for legitimate and committed business us as consented by our upholding all our applicable legal and regulatory obligations.

NeoGrowth through the privacy framework ensures the following:

1. Safeguard, according to strict standards of security and confidentiality, any personal information shared with us

2. Limit the collection and use of personal information to the minimum required to deliver superior service, which includes advising our customers about our products, services, and other opportunities, and to administer our business.

3.Permit only authorized employees, who are trained in the proper handling of customer information, to have access to that information.

4. Not to reveal any personal information to any external organization unless required by NeoGrowth to deliver the services, and authorized by the information owner, or are required by law. Provided that certain information may be provided to the affiliates, vendors, or regulators of NeoGrowth that have legitimate business reason and/or mandated by regulatory and legal obligations.

5. Maintain integrity of the information provided to NeoGrowth.

This page (“Privacy Policy” or “Policy”) provides overview of our policies and proceduresfor collecting, using, and disclosing the personal/customer information and outlines the security measures we’ve put in place to protect such information collected while delivering services by NeoGrowth including information collected through this web site, and any othersoftware orservices offered by NeoGrowth in connection with such services (the “Services”). By using these Services, you consent to the collection, transfer, processing, storage, disclosure, and other uses of your information described in this Privacy Policy.

What information does NeoGrowth collect and store?

When expressing an interest in obtaining additional information about the Services or registering to use the Services, NeoGrowth requires you to provide your personal contact information, such as your name, company name, gender, address, phone number, and email address, geographical information etc. (to be referred as ‘Contact Information’).

When availing the Services, NeoGrowth requires you to provide financial, billing information, KYC (know your customer) and organization detailssuch as account information, financial information such as bank account details, profit loss statement, company PAN Card, balance sheets, GST, , COI, Aadhar card, name and address, credit history, bank mandates, NACH information among others required to be able to serve our customers and required to maintain our legal and regulatory obligations (referred as ‘Customer Information’).

Along with this information NeoGrowth maintains the consent by the information owner while collecting the information

Using NeoGrowth services, you will be able to create, upload, store and share information such as Contact and Customer Information (this is collectively referred as ‘Data’). This information will be stored and maintained by NeoGrowth in both physical and digital medium. If you run into technical errorsin the course of using the Services, NeoGrowth may request obtain some additional information like account details, transaction information etc. (“Diagnostic Information”). Such information may contain information regarding customer information, account information, transaction information etc. Additionally, certain login information may be maintained in a cookie stored locally on your computer (i.e., not on a server) in order to streamline the login process (“Login Information”) depending on the services used.

As you navigate NeoGrowth website and use our Services (and/or applications), NeoGrowth may also collect information through the use of frequently used information‐gathering tools, such as cookies and Web beacons (“Website Navigational Information”). Further to improve our service NeoGrowth utilize the truncated information stored and/or processed at NeoGrowth end for data analytics. Collectively, this information is referred to as “Analytics Information.”

What does NeoGrowth do with the information it collects?

NeoGrowth uses the information it collects in the following ways:
1. Personal Contact Information – We use this information primarily to administer our Services to you and provide you with updates and product announcements. We may use some of your information for marketing purposes.
2. Customer Information – NeoGrowth stores this information to continue its services to the customer and information is retained at NeoGrowth as per NeoGrowth’s Retention / Preservation Policy, unless otherwise required under law.
3. Data, Diagnostic Information and Login Information – We use this information solely for the purpose of administering and improving our Services to you.
4. Analytics Information – NeoGrowth may use your Analytics Information in conjunction with an analytics service to monitor and analyse use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user‐friendliness, and to verify users have the authorization required for the Services to process their requests.

Sharing & Disclosure of Personal/Customer Information

Marketing and Publicity

Per our Privacy and Conditions, you agree to permit NeoGrowth to identify you as a customer and to use your name and/or logo website and marketing materials.

Sale of Personal Information

NeoGrowth does not sell, rent, or trade your private information to any third parties in any way.

Service Providers and Business Partners

NeoGrowth may use certain trusted third‐party companies and individualsto help us provide, analyse, and improve the Services (including, but not limited to, KYC verification, Credit Rating, data storage, maintenance services, database management, analytics, payment processing, and improvement of the Services’ features). These third parties may have access to your information strictly for the purposes of performing these tasks on our behalf and under obligations similar to those in this Privacy Policy.

Non‐Private or Non‐Personal/Non‐Customer Information

We may disclose your non‐private, aggregated, or otherwise non‐personal information, such as usage statistics of our Services, in our discretion.

Our Use and Disclosure of Information

NeoGrowth will not disclose any personal/customer information except as set forth in this Privacy Policy. This applies to information about our customers and information our customers provide to us about their customers. We are not limited in any way in our use of non‐personal information that does not permit direct association with any specific customer or non‐identifiable aggregate information about our users (such as the number of customers who use our services, the geographic distribution of our users, the amount of information located and/or removed, etc.).

Internal Uses of Your Personal/Customer Identifiable Information

1. We collect, store, and process your personal/company information on servers and physical located in the within boundaries of India. This includes the following:
a.NeoGrowth and its trusted partners Offices
b.Data Centre Maintained inhouse at NeoGrowth office
c.Cloud Service Provider (Amazon Web Services Mumbai, India region only)
2. Due to the unpredictable nature of Internet routing, your information may passthrough other countries while in transit to our servers.
3. We use the information we collect about you in order to:
a. Deliver our services
b. Process your transactions
c. Provide customer service and manage your account
d. Improve our products, services, and marketing.
e. Maintain Legal and Regulatory obligations on NeoGrowth
4. We provide access to personal/customer information about our customers only to those who require it for the above purposes.
5. NeoGrowth will not sell or rent any of customer information to third parties. NeoGrowth will not share any of your personal information with third parties except in the limited circumstances described below.
a. We share information with service providers under contract who help with our business operations such as payment and order processing, fraud investigation, verification, and information management and analytics. These third parties are obligated to protect your information and are contractually prohibited from using your personally identifiable information for any other purpose. They are never permitted to share your information with any third parties. They are authorized to use your personal information only as necessary to provide these services to NeoGrowth.
b. We disclose information in response to a circular, subpoena, warrant, court order, levy, attachment, order of a court‐appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action. If the subpoena seeks information about an identified subscriber or limited group of subscribers, we will make reasonable business efforts to contact the information owners before providing information to the party that requests it. We cannot guarantee that we will be able to do so in all cases, whether due to a time limit, court order, inability to effectively contact a subscriber, or other circumstances.
c. We are under Regulatory and Legal obligations so some of the information is shared with Legal and Regulatory bodies as a part of our due diligence and periodic mandatory fillings
d. We disclose information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).
e. We share information with companies that provide public relations and marketing services for us. Such information will only be shared by us to customize, measure, and improve our products,services, and advertising. It will not be shared with third parties for their marketing purposes. These third parties are contractually obligated to protect your information and are prohibited from using your personal information for any other purpose.
f. The delivery of our Services, by its very nature, may require using your Personal information to locate other information about you. Such use may include, but not be limited to, using your information to search the publicly accessible resources, Internet sites as well as searching private information databases and sites and market feedbacks.
g. The delivery of our Services, by its very nature, may require revealing your personally identifiable information to the partners (Banks, Credit Agencies etc.), regulators etc. For example, we may have to disclose your information in such cases. This occurs with your express permission for a specific, given purpose.

Information provider’s rights

a. All sensitive personal data or information provided by you has been voluntarily provided to us. You have the right to withdraw your consent at any time in writing by sending an e‐ mail to us at helpdesk@NeoGrowth.in, in accordance with the terms of this privacy policy. However, please note that withdrawal of consent will not be retrospective in nature and shall be applicable prospectively. In case you do not provide your information or consent for usage ofsensitive personal data or information orsubsequently withdraw your consent for usage of the sensitive personal data or information so collected, we reserve the right to discontinue the services for which the said information was sought.
b. You may write to us at helpdesk@NeoGrowth.in to access, review, modify or correct your sensitive personal data or information or withdraw your consent to provide sensitive personal data or information. However, we are not responsible for the authenticity of the sensitive personal data or information provided by you.

Security Practices and Procedures

We use reasonable security measures, at the minimum those mandated under applicable laws, as amended from time to time to safeguard and protect your sensitive personal data or information.

We have implemented best practices and information security controls as applicable for ISO 27001:2013 standards across our internal process & information assets.

Data Retention

We will retain your information for as long as your account is active or as needed to provide you the Services. If you wish to deactivate your account or request that we no longer use your information to provide you the Services, you may request for the same after fulfilling all contractual obligations and clearing out on the dues. Upon request while we try to delete your Data from our servers if there is any legal and regulatory obligation that prevents us from doing that, we shall retain the data as per our obligation. Please be aware that there may be a delay from the time you delete your Data to the time that your Data is removed.

Changes To Privacy Policy

1. If we decide to make material changes to our Privacy Policy, we will notify you by e‐mail through the primary e‐mail address specified in your account and/or post those changes to this Privacy Policy on the Website homepage prior to the changes taking effect as deemed feasible by us at the time of change. You are responsible for ensuring we have an up‐to‐date
access to the privacy policy.
2. You are also responsible for regularly reviewing the Privacy Policy. We reserve the right to modify this Privacy Policy at any time. No amendment to or modification of this Policy will be binding unless in writing and signed by a duly authorized representative of NeoGrowth or posted to the Site by a duly authorized representative of NeoGrowth.
3. The applicability of this policy shall remain only if the same has been approved and posted by the authorized person appointed by NeoGrowth management.

Data Privacy Principles

In addition to the principles, practices and policies set forth above in this Privacy Policy, NeoGrowth has adopted the following principles to govern its collection and processing of Personal Data:
1. Personal/Customer Data shall be processed lawfully, fairly, and in a transparent manner.
2. The Personal/Customer Data collected will only be those specifically required to fulfil NeoGrowth obligations to deliver the services.
3. Personal/Customer Data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are collected and/or processed. Personal/Customer Data shall be accurate and, where necessary, kept up to date as feasible.

Applicable Regulatory and Legal Obligations w.r.t to Data Usage

Compliance to RBI Guidelines on Digital Lending

NeoGrowth ensures the following:

1. NeoGrowth does not share any personal/customer information with RE/DLA unless required for fulfilment of their commitments to NeoGrowth and as permitted by RBI. All RE/DLA are bound by Agreements not to store any customer data unlessrequired to fulfil its business case and limited to allowed data elements. NeoGrowth ensures that all engaged third parties by NeoGrowth are in compliance with NeoGrowth Privacy Policy
2. The borrower is provided with an option to give or deny consent for use of specific data, restrict disclosure to third parties, data retention, revoke consent already granted to collect
personal data and if required, make the app delete/ forget the data during onboarding.
3. Explicit consent of the borrower is taken during data collection with details like sharing of personal information with any third party and it’s intended use

Indian IT Act, 2000 and related amendments

NeoGrowth ensures all obligations w.r.t. Indian IT Act of 2000 and subsequent obligations to NeoGrowth and complied to without any deviations.

RBI Data Localization Guidelines

NeoGrowth ensures all (including copies) personal and financial data of its customer (including its vendors) resides within boundaries of India.

RBI Master Direction ‐ Information Technology Framework for the NBFC Sector

NeoGrowth has implemented the Information Technology Framework and Cyber Security Practices in line with RBI Master Direction ‐ Information Technology Framework for the NBFC Sector.

Information Security Framework as per ISO 27001:2013

NeoGrowth has implemented its Information Security and Cyber Security Framework for protecting its customer data as per the guidelines laid under ISO 27001:2013.

Questions, Complaints and Contacts

If you have any questions / escalations / complaints / queries regarding this Privacy Policy, please contact us at:.

Mr. Nitin Ramwani, Grievance Officer

Questions, Complaints and Contacts

349, Business Point, 7th floor, Western Express Highway,

Email ID: grievanceofficer@NeoGrowth.in

Contact no.: 022 ‐ 68489999