Privacy Policy

ECS Credit Privacy Policy

Welcome to ECS Credit. This is our Privacy Policy Page.

1. Introduction

ECS Credit values the privacy, confidentiality, and security of each customer's personal information. We take care to protect your details when you visit our website at www.ecscreditsloan.com or reach out to us about financial services. This Privacy Policy explains how we collect, use, store, share, and keep your information safe.

We understand how sensitive and important your personal information is to you. The Information Technology (Regulations on Reasonable Security Practices and Procedures related to Sensitive Personal Data or Information) Rules of 2011, the Information Technology Act of 2000, and other relevant laws are just a few examples of the laws we make every effort to ensure compliance with. We also follow global best practices for maintaining accessible and unaltered data.

2. Definitions

Referenced in this Privacy Policy:

Personal Information
Includes any details that can be used to recognize you, either directly or through some other means. This includes your complete name, home address, phone number, PAN, government-issued ID, Aadhaar (masked), email address, and banking details.
Non-personal Information
Data that can't be used by itself to find out who you are. Examples include things like the browser you use to visit our site, your device identifier, your IP address, location information if you allow it, and data about your online activity.
KYC (Know Your Customer)
The process of checking a user's identity and financial history as required by law.
Service Providers
The third parties that we engage to deliver services include banks, NBFCs, credit bureaus, analytics partners, and IT service providers.
Cookies
Small text files that are saved on your browser or device and track usage habits to improve your online experience.

3. Information We Collect

We collect various information to enable our services and comply with the law. The information could comprise, inter alia:

a. Personal Information

  • Full name, gender, marital status, and birthdate.
  • Contact information: Includes the home address, the phone number you want, the email address, and the cell phone number.
  • Financial data: Account number, IFSC code, proof of income, pay stubs, and tax certificates.
  • Identification: Voter ID, driver's license, passport, PAN card, and Aadhaar (blurred).
  • Employment details: Includes years of employment, employer name, company sector, and proof of income.

b. Non-Personal Information

  • Type of device, operating system, and browser version.
  • Usage behavior of websites, including pages visited, duration of visit, and clickstreams.
  • Referring website or third-party URL under which you accessed our Website.

c. Third-Party Data

  • Credit report and credit score by prominent credit bureaus like CIBIL.
  • KYC confirmation reports of regulated KYC authorities.
  • Other information procured from our banking and NBFC peers based on the lending process.

4. Purpose of Collection

We collect your data only for legitimate purposes and maintain its purpose as per the reasons specified below:

  • To authenticate identity: For KYC, impersonation avoidance, and regulatory needs.
  • To rate creditworthiness: Credit scoring and establishing your creditworthiness for the usage of products.
  • For extending services: For loan release, repayment monitoring, and customer care.
  • For legislative and regulatory compliance: Including anti-money laundering (AML), tax compliance, RBI regulations, and prevention of funding of terrorism (PFT) standards.
  • To improve user experience: Personalizing the service, suggesting appropriate products, and enhancing Website usability.
  • For communication: Notifying transactional notices, service alerts, policy changes, or promotions through email, SMS, or WhatsApp (where deemed appropriate).
  • For resolving disputes: Resolving complaints, disputes, or service problems.
  • For security: Fraud detection, unauthorized transactions, or suspicious activity.
  • For research and analysis: Analysis of customer behavior for better financial product design.
  • For business continuity management: For facilitating mergers, acquisitions, restructuring or complying with requirements.

We never collect and process information that is irrelevant or is not for those purposes.

5. Use and Disclosure of Information

Collection, use, and disclosure of your personal information at ECS Credit are handled with care and in compliance with the laws and industry practices governing such use and disclosure. Your non-personal and personal information is never exchanged, sold, or rented to unrelated third parties for profit. We utilize and disclose it only as necessary to provide you with financial services, to comply with laws, and for other reasons in order to build a better experience on our Website.

We categorize usage and disclosure into two broad categories: (a) Internal Use and (b) Third-Party Disclosure.

a. Internal Use

Your data is utilized extensively within ECS Credit and its controlled group of affiliates. Key applications include:

  • Authentication and Verification: Your documents of identity and credentials are utilized to verify that you are the applicant. This prevents fraud, impersonation, and identity theft. Example: Verifying a PAN number against government records.
  • Credit Risk Assessment: Your submitted financial data and work history are evaluated to assess your creditworthiness. This includes debt-to-income ratio calculations, payment history, and risk scores to make intelligent decisions regarding credit grants.
  • Customer Service Support and Relationship Management: Contact details are employed for notification of loan application status, reminders, or providing solutions to enquiries. Individual accounts are viewable only by authorized customer service representatives to ensure accountability.
  • Research, Analysis, and Service Improvement: Aggregated and anonymized data is examined for insights into user behavior, improving risk models, and creating better loan products.
  • Regulatory Compliance: Utilizing internal data guarantees that ECS Credit complies with RBI regulations, anti-money laundering (AML) laws, and data protection statutes. Transaction and communication records are preserved as mandated by law.

b. Third-Party Disclosure

In certain cases, your personal information is shared with approved external entities. Sharing is always restricted, specific to purpose, and under confidentiality agreements:

  • Financial Partners (Banks and NBFCs): Essential for loan disbursement, repayment management, and co-lending models. Example: Sharing data with a partner NBFC that disburses the approved loan.
  • Credit Bureaus: ECS Credit collaborates with providers such as CIBIL or Experian to assess your payment history and associated risk, avoiding frivolous lending.

6. Technology and Infrastructure Partners

Secure cloud hosting, IT infrastructure, payment gateway, SMS/email delivery, and fraud detection systems service providers may have temporary access to your information.

Example: Delivery of OTP makes you give your phone number to an SMS gateway provider under tight security protocols.

8. Business Transactions

Where there is a merger, acquisition, joint venture, or corporate reorganisation, your data may be transferred along with business assets.

In case such a transfer happens, the new organisation will be held to this Privacy Policy or an equivalent up-to-date policy with similar or improved protection.

9. Third Party Site Usages

These are given only for your convenience and do not imply endorsement by ECS Credit.

10. Independent Privacy Practices

Once you have clicked on a third-party link, you are subject to their terms of service and privacy policies, which could be totally different from ours. We do not have control over the information that is collected, shared, or used by these third parties about you.

Examples of Third Party Sites:

  • Transaction processing payment gateways.
  • Credit bureau websites that offer credit score information.
  • Government portals used for identity verification.

11. User Responsibility

If you are visiting any third-party websites, we strongly advise you to carefully review their privacy policies. Data that you submit on these websites is provided by you voluntarily, and ECS Credit does not have any control over their practices.

12. Information Disclosure to Third Parties

ECS Credit is dedicated to being transparent on when, why, and to whom your personal information can be revealed to third parties. Revelation is never indiscriminate, but only to that extent where it is purely necessary for our business processes or as the law requires.

a. Financial Institutions and Lending Partners

Your personal information may be shared with banks, NBFCs, and regulated financial institutions for lending, repayment of loans, and credit reporting.

Example: Your salary information can be shared with a co-promoter NBFC, which steps in for underwriting the loan.

b. Technology Service Providers

We have specialist vendors providing services like cloud storage, payment processing, fraud scoring, SMS/email delivery, and IT infrastructure. These suppliers have contractual obligations to provide confidentiality and have no right to utilize your data for anything other than as agreed upon.

c. Regulatory Authorities

Information shall be shared with the regulatory authorities, tax authorities, courts, or regulators on proper legal requests, audits, or statutory inspections, according to Indian laws, and to protect financial services from being misused.

d. Professional Advisors

ECS Credit sometimes has the ability to disclose limited information to the auditors, the legal advisors, or the compliance, business restructuring, or dispute resolution consultants.

Business and Corporate Transactions

In the event that ECS Credit undergoes a merger, acquisition, restructuring, or business transfer, your personal information may be disclosed or transferred to the acquiring party as part of the business assets.

All such transfers are conducted with the assurance that the new entity will be bound by this Privacy Policy or an equivalent policy providing the same or an improved level of privacy protection.

Revelation to Third Parties

ECS Credit will share your personal information with third parties in very specific, limited situations only, always within the framework of Indian law and industry best practices. We are committed to ensuring disclosures are lawful, necessary, and respectful of your trust.

  • a. Financial Partners: We disclose information to banks and NBFCs to facilitate processing, underwriting, disbursal, and repayment of loans. This is essential for providing the core services you have subscribed to.
  • b. Data Analytics and Technology Vendors: Third-party providers are granted access to data for analyzing platform performance, tracking user behavior, and improving service quality. These providers are strictly bound by contractual terms and confidentiality agreements.
  • c. Government and Regulatory Authorities: Data may be provided to public authorities, statutory regulators, and law enforcement agencies to:
    • Meet court orders or statutory audits.
    • Aid criminal investigations into fraud or abuse of financial services.
  • d. Corporate Transactions: If ECS Credit is being reorganized, merged, acquired, or a business transferred, your information will be disclosed to the acquiring party. The acquiring party will enjoy the same or even greater level of privacy protection.
  • d. Fraud Detection and Risk Management: This information may be shared with fraud watch groups or credit reporting agencies for financial crime prevention and the safeguarding of users.

    Observation: Your Aadhaar number, biometric information, and very private data are never divulged to unauthorised parties at any point in time.

10. Changes to this Privacy Policy

This Privacy Policy may be updated, modified, or amended to reflect changes in laws, rules, technology, or business procedures.

a. Notice of Changes

We will provide any updates to the Privacy Policy on our Platform.

Where material circumstances, for example, changes to information-sharing practices, make it not reasonably practicable to notify you by email, SMS, or in-app notification, we may also inform you in such alternative manners.

Effective Date of Changes

All changes take effect immediately upon being posted unless otherwise indicated. Your use of our services after we make changes will show that you agree to the updated Privacy Policy.

User Responsibility

We encourage you to review this Privacy Policy occasionally so that you are informed about how we obtain and use your information.

11. Collection of Your Information / Contacting ECS Credit

ECS Credit is an open business and we are allowing you access rights to update, modify, or remove the information that you have submitted to us.

a. Deleting or Changing Information

You can ask for changes to your information if it is wrong or no longer up to date.

You are free to withdraw consent to process or release your data.

Withdrawal Consequence: Be aware that withdrawal of certain data may restrict our ability to provide services, including money lending or access to accounts.

b. Verification Process

Any such cancellation or amendment request must be supported by the required documents to be verified and ensure the safety and integrity of the system.

c. Contacting Us

You may contact our designated Grievance Officer or Data Protection Officer (DPO) in the event of data processing issues, correction, or cancellation. Contact details of the officer will be provided on our site from time to time.

12. Enhanced Security Measures

Data security is important to us. ECS Credit implements a multi-layered security that comprises administrative, technical, and physical controls to ensure data confidentiality, integrity, and availability.

a. Data Encryption

Personal information is secure during transmission by using SSL/TLS protocols, which is the default industry level of encryption.

Secure Indian servers encrypt data while it's at rest.

b. Access Controls

The personal data are only accessible to permitted employees who have a legitimate business reason to see them

Such access is governed by strict contractual confidentiality obligations and role-based access solutions.

c. Authentication and Verification

Authentication can be done using 2 steps or factors for more control over data (for example, OTP verification) is used for sensitive actions such as login and disbursal of loan.

This limits the possibility of anyone else accessing your account.

d. Monitoring and Auditing

Our infrastructure is constantly monitored for any unusual activity.

To adhere to international security requirements, vulnerability scans and independent audits are conducted on a regular basis.

e. Certifications and Compliance

ECS Credit is ISO 9001 and ISO 27001 compliant, indicating adherence to global best practices in quality management and information security.

f. Incident Response

In the case of a very remote data breach, ECS Credit has an organized incident response plan addressing:

  • Immediate suspension of the breach.
  • Vulnerability analysis and mitigation.
  • Notice to the users who are impacted and to the relevant authorities as required by law.

Non-Disclosure of Aadhaar

We solemnly assure that Aadhaar numbers shall never be disclosed, retained, or shared with unauthorised agencies as prescribed by Indian data protection law.

14. Data Retention Policy

ECS Credit has an appropriate data retention practice. User data collected on an individual basis is retained for the time period adequate to accomplish the purposes under this Privacy Policy or to meet regulatory, legal, and business requirements. For instance, loan application information or KYC authentication might be stored up to a maximum of seven years to meet Reserve Bank of India (RBI) regulation, the Information Technology Act, and other relevant laws.

We ensure redundant or stale information is safely removed, anonymized, or archived for long-term preservation. When data is no longer needed for our business, legal, or regulatory reasons, it is completely removed from our systems forever. The policy assures users' information will not be stored indefinitely and is always subject to the rules of minimization and accountability.

GRIEVANCE OFFICER

As per Information Technology Act, 2000 and the rules thereunder, the following given name and contact details of the Grievance Officer are mentioned for reference purposes:

Contact Number :
+91 84479 52841

Email Address:
grievance@yakshinfinlease.com