Privacy Policy

The domain name www.leo1.in (hereinafter referred to as "Website") is owned by Gajju Technologies Private Limited, a company incorporated under the Companies Act, 2013 with its registered office at LEO1 HO, Plot No. 169, RSC II S.N. 120, Versova, Andheri (W) Mumbai – 400053. This Privacy Policy is published in compliance of the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011, Guidelines dated 02.09.2022 on Digital Lending by Reserve Bank of India (RBI) and other applicable law as amended from time to time. This Privacy Policy covers how Gajju Technologies Private Limited (“LEO1” or “Company”) uses any information that you give when you visit the Company’s Website or mobile application (“Application”) (Website and Application collectively referred to as “Platform”). The Privacy Policy describes what information we collect from you, how we collect this information and what we do with it after we collect it. By using our Platform, you give consent to the use of your Personal Information (as defined below) by Company in accordance with the terms set out in this Privacy Policy. We may make changes to the Privacy Policy from time to time. We will notify you of any material changes to the Privacy Policy by sending you a notification.

The privacy policy covers how Gajju Technologies Private Limited (www.leo1.in) uses any information that you give when you visit the LEO1 platform. The policy describes what information we collect from you, how we collect this information and what we do with it after we collect it. By using our website, you give consent to the use of your Personal Information by LEO1 in accordance with the terms set out in this Privacy Policy. We may make changes to the Privacy policy from time to time. We will notify you of any material changes to the privacy policy by sending you a notification

INFORMATION COLLECTED

Personal Information: We collect personal information which includes but is not limited to name, mailing address, phone number, pan number, Aadhaar number (masked data), etc. bank account number, passport details, ITR, bank statements, purpose of loan and other financial information for the purpose of effectively providing products and services of the Company (“Personal Information”). We may ask you to provide additional information about yourself, if required for the purpose of rendering our services.

Company may collect your Personal Information or data from a variety of sources, including:

  1. Online and electronic interactions via the Application, text messaging programs or applications on third party social networks.
  2. Offline interactions via collecting post-dated cheques (PDCs) (if required), National Automated Clearing House (NACH) mandate.

Non-personal information: We can also collect non-personal information such as IP address, browser type, operating system, and the URL of the previous website you visited.

If you believe that any information you have provided to us is either incomplete or incorrect, please write to us at support@leo1.in to request any changes. We never publicly disclose any Personal Information related to financial or payment activities or any government identification numbers.

You specifically agree and consent to Company and its partners for collecting, storing, processing, transferring, and sharing information including Personal Information (“Consent”) related to you in the manner set out in this Privacy Policy.

All information, including Personal Information, disclosed by you shall be deemed to be disclosed willingly and without any coercion. No liability pertaining to the authenticity/ genuineness/ misrepresentation/ fraud/ negligence, etc. of the information disclosed shall lie on Company nor will Company in any way be responsible to verify any information obtained from you.

MANNER OF COLLECTION OF INFORMATION:

You understand that the information collected by the Company, may be collected including but not limited to under the following methods:

  1. When you register with Company on either its Website or Application by setting up a user account.
  2. Through your transactions with any of the Company partners.
  3. Directly through user input.
  4. Through your usage of the services.
  5. Through automatic tracking of your usage of the Platform.
  6. Through access you provide Company with Application on your smartphone or tablet.
  7. Through the use of cookies and other tracking technologies.
  8. Company uses analytics tools to improve customer experience to track user activity, page content, click/touch, movement, ease of use of site interface, scroll on the Website.

The collection of information / data may in most cases be automatic. While registering through Application, a one-time access will be taken for camera, microphone, location or any other facility necessary for the purpose of on-boarding/ KYC requirements with the explicit Consent of the user. Further, while using Company’s Platform, no biometric data (such as retina print, fingerprints, Face ID) is collected by Company, unless permitted under extant statutory guidelines. We shall not access your mobile phone resources like file and media, contact list, call logs, telephony functions.

USE OF INFORMATION
  1. We use the information to understand your credit profile and provide you with a better service. We also might send you promotional emails about new products, special offers or any other information which might be of relevance to you.

  2. Subject to the grant of explicit Consent from you, we will share your information with our consultants, affiliates, agents, contractors, business partners, associates, subsidiaries, investors, merchants, service providers, and other persons including but not limited to such entities as mentioned in the Table A below (“Third Parties”) for provision of services on the Platform. We will share your information with Third Parties only in such manner as described below:
    1. We disclose and share your information including Personal Information with the Third Party lending partners for facilitation of a loan or facility or line of credit;
    2. We share your information with our Third Party partners in order to conduct data analysis in order to serve you better and provide services on our Platform;
    3. We may disclose your information, without prior notice, if we are under a duty to do so in order to comply with any legal obligation or an order from the government and/or a statutory authority, or in order to enforce or apply our terms of use or assign such information in the course of corporate divestitures, mergers, or to protect the rights, property, or safety of us, our users, or others.
    4. We will disclose the data / information provided by a user with other Third Party technology partners to track how the user interact with the Platform on our behalf.
    5. We and our affiliates may share your information with another business entity should we (or our assets) merge with, or be acquired by that business entity, or re-organization, amalgamation, restructuring of business for continuity of business. Should such a transaction occur than any business entity (or the new combined entity) receiving any such information from us shall be bound by this Privacy Policy with respect to your information.
    6. We will disclose the information to our Third Party technology and credit partners to perform credit checks and credit analysis like Credit Bureaus or Third Party data source providers;
    7. We will share your information under a confidentiality agreement with the Third Parties and restrict use of the said information by Third Parties only for the purposes detailed herein. We warrant that there will be no unauthorised disclosure of your information shared with Third Parties.
    8. We will share user information, including user account details, financial and transactional history with banks, payment facilitator partners, identity verification service providers, and credit reference agencies and other agencies to identify and verify users and limit exposure to criminal activity and financial risk for the protection of Company’s financial interests and avoidance of money laundering or fraudulent activities. In order to prevent money laundering activities and comply with applicable regulations, Company may, without prior intimation to user, report suspicious transactions to law enforcement agencies and also suspend or block user account, during the period of investigation.
      When conducting the audit/checks, the relevant Third Parties may retain information regarding Company query and user information and may share this information with other fraud prevention agencies.
    9. By using the Platform, you hereby grant your Consent to Company to share/disclose your Personal Information with the governmental authorities, quasi-governmental authorities, judicial authorities and quasi-judicial authorities, in accordance with applicable laws of India.

  3. In case we use or disclose your information for any purpose not specified above, we will take your explicit Consent.

  4. Company shall not be liable for disclosure of the Personal Information when done in accordance with this Privacy Policy or after otherwise obtaining users’ prior permission in this regard.
Table A
Third Party Name / TypeAction
Lending PartnersBureau Report Pull, Credit Assessment and Underwriting, eNACH, eAgreement, Fund Disbursement.

Karza Technologies Private Limited

DeskNine Private Limited

PayU Payments Private Limited

eKYC verification, eNACH registration and presentation and eAgreement execution.
Scienaptic Systems Inc.Bank Statement Analysis software
Tata AIG Health InsuranceIssuance of Insurance Policy on the facility offered.

REVOCATION OF CONSENT

Subject to the provisions of this Privacy Policy, you may revoke or restrict your Consent any time by notifying Company in writing at support@leo1.in of your intention to do so. You understand that your request to revoke or restrict Consent will be processed within 7 business days. You understand that if you revoke or restrict your Consent, then, Company, in its sole discretion, may limit, restrict, or terminate your Company Account. You understand that neither your revocation or restriction of Consent, will affect the legal effectiveness or validity of any electronic communication provided while your Consent was in effect.

RIGHT TO BE FORGOTTEN

Notwithstanding anything to the contrary contained herein, the user shall have the right to obtain from Company the erasure of Personal Information concerning him or her without undue delay and the Company shall have the obligation to erase Personal Information without undue delay where one of the following grounds applies:

  1. the Personal Information is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  2. where there is no other legal ground for the processing of Personal Information;
  3. the Personal Information has been unlawfully processed;
  4. the Personal Information has to be erased for compliance with a legal obligation in Union or State law to which Company is subject;


However, above right to be forgotten shall not apply to the extent that processing is necessary:

  1. for exercising the right of freedom of expression and information;
  2. for compliance with a legal obligation which requires processing by applicable law to which the Company is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in Company;
  3. for reasons of public interest;
  4. for the establishment, exercise or defence of legal claims.

DATA RETENTION
  1. We shall retain the information you provide to facilitate your smooth and uninterrupted use of the Platform, and (i) to provide, improve and personalize our services; (ii) to contact you about your account and give customer service; (iii) to personalize our advertising and marketing communications; and (iv) to prevent, detect, mitigate, and investigate fraudulent or illegal activities.
  2. Except as permitted by applicable law, the information / data stored, retained, processed and transmitted pursuant to this Privacy Policy shall reside at a data storage centre within the geographical territories of India.
  3. The information / data retained shall exclude the data mentioned in Data Destruction clause hereinbelow.
DATA DESTRUCTION

Subject to the exceptions to ‘Right to be Forgotten’ as provided hereinabove, we do not retain your Personal Information for longer than required for the purpose for which the information may be lawfully used. To ensure that Personal Information is kept for no longer than necessary, Company shall delete the KYC documents like PAN, Aadhaar and other OVD Documents of the user possessed for processing their loan application within 48 (Forty Eight) hours from date of disbursement or rejection of the application.
For any other information, we may entertain your request for deletion, however, you may not be able to use our services at all after such deletion.

COOKIES USAGE

A cookie is a small file placed on the hard drive of your computer. Most websites use cookies. We use cookies to track your use of the Website and provide you with a more personalized user experience. You can choose either to accept or decline cookies. Most web-browsers automatically accept cookies, but you can change your browser settings to decline cookies as well.

DATA MINIMISATION

The Organisation shall ensure that personal data are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are possessed.

ARCHIVING / REMOVAL

To ensure that personal data is kept for no longer than necessary, the organisation shall delete the KYC documents like PAN, Aadhar and other OVD Documents of the user possessed for processing their loan application within 48 hours from date of disbursement or rejection of the application. The user can also reach the organisation to delete his account and information by mailing us at support@leo1.in subject to closure of all the ongoing services.

DUE DILIGENCE & SECURITY

Data security is our priority. To prevent unauthorised access, we have the required procedures and firewalls (both electronic and physical) to safeguard your data including Personal Information. We use requisite technical and organizational security measures to ensure a level of protection for Personal Information or data appropriate to the nature, scope and purpose of processing Personal Information or data, the risks associated with such processing, and the likelihood and severity of the harm that may result from such processing. The transfer of Personal Information or data between your end device and us is carried out via best-in-class encryption protocols. If you communicate with us by e-mail, access by third parties cannot be ruled out. In the case of confidential information, we recommend using the mail, i.e., post or encrypted e-mail communication.

In the event of a circumstance that resulted in unauthorized access to or disclosure or use of information data, Company will report such incident of security breach to the concerned law enforcement agency and investigate the incident, undertake the steps for handling such incident of security breach as provided hereinbelow and cooperate fully with the law enforcement agency’s investigation of and response to the incident as soon as practicable.

As a user of the services, you also have the responsibility to ensure data security. You should use the services offered responsibly. Do not share your username or password with any third person. You are solely responsible for all acts done under the username you are registered under.

However, given the nature of internet transactions, Company does not take any responsibility for the transmission of information over the internet including user’s information shared and collected. Any transmission of user information on the internet is done at your risk. Company does not take any responsibility for you or any third party circumventing the privacy settings or security measures it has in place or those provided to you during the use of the services.

While Company will use all reasonable efforts to ensure that the user information and other information submitted by you is safe and secure it offers no representation, warranties or other assurances that the security measures are adequate, safe, fool proof or impenetrable.

THE WARRANTIES OF THE COMPANY WRT THE WEBSITE, APPLICATION AND THE SERVICES STATE AT OUTSET THAT EACH OF THESE ANY RELATED THERETO ARE ALL PROVIDED ON “AS IS” BASIS.

Company reserves the right to conduct a security review at any time to verify user identity/details. User consents to provide Company all the information that Company requests for the security review. If user fails to comply with any security request, Company reserves the right to terminate /suspend access to/use of user account, and/or prohibit user access to the Platform.

STEPS FOR HANDLING SECURITY BREACH
  1. Move quickly to secure the systems and fix vulnerabilities that may have caused the breach.
  2. Switch off the servers and change the access code to prevent additional data loss.
  3. Mobilize the breach response team right away to prevent additional data loss.
  4. Additional security required will be placed.
  5. Securely delete personally identifiable information (PII) and other sensitive data when it no longer needed for business purposes.

will report security breaches to concerned authorities & stakeholders in a timely manner.

OTHER SITES LINKS

We provide links to other websites within our Website. Once you use these links to leave our Website, you should understand that we cannot guarantee the privacy of any data that you may have divulged on these websites. You should exercise caution and read the privacy policy of the concerned website before sharing any data.

CHILDREN’S PRIVACY

Our services are not directed to children, and we do not knowingly solicit or collect Personal Information from persons under the age of 18 (eighteen). If we find out that a child has given us Personal Information, we will take steps to delete that information and terminate the relevant Company Account.

PHISHING

“Phishing” usually occurs when users of a website are induced by an individual/entity into divulging sensitive personal data by using fraudulent websites and/ or e-mail addresses. In the event you provide information to a website or respond to an e-mail which does not belong to us or is not connected with us in any manner, you will be a victim of Phishing.

SEVERABILITY AND EXCLUSION

We have taken every effort to ensure that this Privacy Policy adheres with the applicable laws. The invalidity or unenforceability of any part of this Privacy Policy shall not prejudice or affect the validity or enforceability of the remainder of this Privacy Policy. This Privacy Policy does not apply to any information other than the information collected by Company through the Platform. This Privacy Policy shall be inapplicable to any unsolicited information you provide us through the Platform. This includes, but is not limited to, information posted in any public areas of the Platform. All unsolicited information shall be deemed to be non-confidential and Company shall be free to use and/ or disclose such unsolicited information without any limitations.

GOVERNING LAW AND DISPUTE RESOLUTION

This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of India. The courts at Mumbai, Maharashtra, India shall have exclusive jurisdiction in relation to any disputes arising out of or in connection with this Privacy Policy.

NO WAIVER

The rights and remedies available under this Privacy Policy may be exercised as often as necessary and are cumulative and not exclusive of rights or remedies provided by law. It may be waived only in writing. Delay in exercising or non-exercise of any such right or remedy does not constitute a waiver of that right or remedy, or any other right or remedy.

COMMUNICATIONS

WhatsApp option - 'By Signing Up, the user agrees to receive communication from Company via WhatsApp, Email, Messaging or any other communication channel.

CHANGES IN PRIVACY POLICY

Our Privacy Policy might change from time to time, and Company will provide notice of it on your email address linked to your Company Account or can be seen by you on our Platform.

CONTACT US

If you have questions, concerns, or grievances regarding this Privacy Policy, you can email us at our grievance email-address: support@leo1.in or reach out to our Grievance Officer mentioned below:



Officer Name: Ms. Akanksha Jain

Officer Email: akanksha.jain@leo1.in

Phone Number: 9899107818



Lending Partner Grievance Officer Details can be checked on –
https://www.leo1.in/grievance-officer-details/

The Grievance Officer can be contacted between 09:30 a.m. to 6:00 p.m. from Monday to Friday except on public holidays.