Apply for Loan EMI Calculator
Give us a Missed Call Pay EMI

Privacy Policy

1.       Purpose

The privacy policy ensures that the personal information shared by customers, employees, and vendors with Vridhi Home Finance Limited (VHFL) is protected and not misused. This policy outlines the collection, use, storage, sharing, processing, and protection of such information in accordance with the data privacy regulation. The Board will review the Privacy Policy annually to ensure compliance with legal standards, reflect best practices, and address emerging privacy

2.       Scope

This Privacy Policy applies to all personal and confidential information pertaining to employees, customers, and vendors. VHFL collects information during various processes such as loan applications, employment, and vendor engagements.

3.       Objective

The objective of this privacy policy is to:

  • The objective of the policy is to:
    • Protect data/information that is confidential or
    • Ensure effective procedures are in place to prevent the loss of confidential and confidential information.
  • This policy applies to
    • All staff and employees of VHF
    • All contractors, suppliers, and other people working on behalf of VHF.
    • All the Customer who has taken a loan from Vridhi Home Finance
  • Employee: Individuals employed by VHFL.
  • Vendor: Third-party service providers engaged by VHFL.
4. Definitions
  • Customer: Members who have taken a loan from Vridhi Home Finance, including those with current loans and those who have dropped out of the program.
  • Information/Data: Financial and personal data collected from members at the time of loan application.
  • Financial Information: Data regarding businesses, income, expenses, loans outstanding, repayment history, guarantors, or collateral.
  • Sensitive Personal information: Financial information such as bank account details, credit card, debit card details or any payment mode details, Bank or account passwords, Sexual orientation, Biometric details.
  • Personal Information: Data about family, health, consumption behavior, personal preferences, attitudes, beliefs, or living conditions.
  • Records: Tangible objects or digital information.
  • Records Management: Practice of maintaining records from data collection to disposal, including classification, storage, securing, and destruction or archival preservation.
  • Credit Bureau: Independent organization compiling information from credit grantors and other sources regarding individuals’ credit applications and payment behavior.
  • “Data Subject” refers to the identified or identifiable individual whose Personal Data is processed by the Organisation.
  • “Privacy by Design” refers to the approach to embedding data protection principles into the design of systems, processes, and technologies from the outset.
  • “Sensitive Personal Data” refers to special categories of Personal Data which require higher levels of protection. This includes information about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data (when used for identification), health data, and data concerning a person’s sex life or sexual orientation.
5.       Principles of Policy Design

The privacy policy ensures that personal information shared by customers is protected and not misused. The following principles are adhered to:

Implementation Details

  • Information Collected at Origination:
    • The data collection process must be transparent and fair in nature.
    • The data collection must be purpose driven, specified, explicit and lawful.
    • The data must be kept safe and The confidentiality, integrity and availability of the data must be maintained.
    • Ensure the data must be kept accurate, relevant, and not excessive.
    • Only required documents as per KYC norms for identity and address proof will be collected.
    • Photos collected for records and identification; written permission required for marketing use.
    • Retain for no longer than necessary.
6.       Processing of Sensitive/Personal Data

Personal data of customers/employees will be securely stored, in manual or electronic form, and in accordance with the IT Act. In addition, data collected for a specific purpose, product, or service may be stored at VFH with other information.

  • Data transfer:  VFH shall not disclose an individual’s personal/sensitive data outside the VFH office except:
    • When VFH has express consent to do so, or in circumstances as explicit consent of the customer, or basis legitimate use between VFH and an individual. The consent obtained shall be free, specific, informed, and unambiguous.
    • The Consent notice must be defined as per DPDPA, and DPDP
    • When necessary, to our regulatory bodies and auditors.
    • When VFH is required or permitted to do so by law
    • Fraud prevention agencies were required.

In case the data is processed/shared with third parties, for any purpose, including cross-selling and cross-marketing, the specific purpose is required to be disclosed in the consent notice.

7.       Procedures and Guidelines for Data Privacy

VHF MUST maintain physical, technological, and procedural safeguards and security that comply with the IT Act and privacy law. Below are some of the steps that VFH should take to ensure customer/ employee data privacy:

  • Access to sensitive/personal data should be provided strictly based on the need to know, including the access to application, server files, database, Sharedrive etc.
  • Backups should be kept in a safe and secure environment.
  • Sensitive personal data should be shared with proper authorization as required.
  • Logs of the systems should be taken periodically and reviewed to identify the user access to the applications and servers containing sensitive personal data.
  • In addition, training procedures should be in place for all employees of VFH, to ensure ambitious standards of data protection.
Action Principle
Internal Collecting information: Discretion and adherence to RBI regulations.
Using customer information: Protection of customer interest from misuse internally.
External Sharing information with third parties: Any sharing will be with customer’s explicit consent.
In other circumstances, customer information will be shared only if directed by the customer or with written permission.
8.       Data Subject Rights

Under the provisions of data privacy, Data Principal, also known as Data Subjects, are additionally entitled to:

  • The right to erasure of Personal Data.
  • The right to obtain information regarding all data fiduciaries with whom Personal Data has been shared, inclusive of the categories of Personal Data shared, consolidated in one location.
  • The right to seek initial redressal of grievances from the data fiduciary, followed by recourse to the Board; if necessary.
  • The right to designate an individual to exercise the Data Principal’s rights in events of the Data Principal’s death or incapacity.
  • Review, update, modify, or withdraw consent for Personal Information, and to exercise the above stated rights, Data Subjects should contact the Data Protection Officer (“DPO”) at dpo@vriddhihome.com.
9.       Data Classification
  • Electronic Records: Data stored in digital formats such as databases, emails, and system-generated files.
  • Physical Documents: Data stored in tangible formats such as paper files, printed records, and physical media.
10.     Data Disposal Methods
  • Electronic Records:
    • Overwriting: Replacing existing data with random characters multiple times to ensure recoverability
    • Degaussing: Using strong magnetic fields to erase data from magnetic media
    • Cryptographic Erasure: Encrypting data and then deleting the encryption key.
    • Physical Destruction: Shredding, crushing, or incinerating electronic media.
  • Physical Documents:
    • Shredding: Cutting paper documents into small pieces to prevent reconstruction
    • Incineration: Burning documents to ensure complete destruction
    • Pulverization: Crushing documents into fine particles
11.     Data Disposal Monitoring and Confidentiality
  • Monitoring: Regular audits and monitoring of data disposal activities to ensure compliance with data privacy regulation.
  • Confidentiality: Maintaining confidentiality during the disposal process to prevent unauthorized access
  • Verification: Verifying that data has been destroyed completely and maintaining audit trails
12.     Incident Response
  • Initial Assessment: The IRT will conduct an initial assessment to determine the nature and severity of the incident.
  • Containment: Immediate steps will be taken to contain the incident and prevent further damage.
  • Investigation: A thorough investigation will be conducted to identify the root cause and impact of the incident.
  • Notification: Relevant stakeholders, including affected individuals and regulatory authorities.
13.     Data Breach Notification
  • Timeliness: Notifications must be made promptly, within the period specified.
  • Content: Notifications must include details of the breach, potential impact, and measures taken to mitigate the breach
  • Communication Channels: Notifications will be communicated through appropriate channels, such as email, phone, or official website.
14.     Roles and Responsibilities
Role Responsibilities
Senior

Management

 Senior Management must hold the ultimate responsibility for ensuring adherence to legal requirements concerning data privacy.
Data Protection Officer (DPO) –  Ensure Data privacy compliance

–  Conduct privacy impact assessments

–  Handle data protection queries and complaints

–  Monitor data processing activities

–  Report data breaches
Incident Response Team –  Identify and assess data breaches

–  Implement containment and remediation

–  Document and report incidents

–  Conduct post-incident reviews
Data Disposal Officer –  Ensure compliance with disposal policies

–  Authorize and verify data disposal

–  Maintain disposal records

–  Monitor disposal activities
IT Security Team –  Implement security measures

–  Conduct security audits

–  Monitor data access

–  Provide technical support
Human Resources (HR) –  Manage employee data

–  Conduct privacy training

–  Handle data access requests

–  Ensure secure storage and disposal of records

 

Role Responsibilities
Customer Service Team –  Manage customer data

–  Inform customers of privacy rights

–  Handle data access requests

–  Ensure secure storage and disposal of records
Vendor

Management Team

 –  Ensure vendor compliance

–  Include data protection clauses in contracts

–  Monitor vendor activities

–  Conduct vendor audits
Internal Audit Team –  Conduct privacy audits

–  Identify non-compliance

–  Recommend improvements

–  Ensure corrective actions
All Staffs/ Employees Employees must understand and adhere to the data privacy policy.
15.     Remediation
    • Corrective Actions: Steps will be taken to rectify the vulnerabilities that led to the incident.
    • Recovery: Efforts will be made to restore affected systems and data to their normal state.
    • Documentation: All actions taken during the incident response will be documented for future reference and compliance audits

 

16.     Training Employees, Vendors and Customers in Privacy Policy

Customers are made aware of their privacy rights and responsibilities before receiving Responsibilities include understanding the privacy clause, keeping information updated, informing Vridhi Home Finance of misuse, and keeping financial data confidential.

17.     Channel for Complaints

Customers can contact the customer complaint number available on the website to record complaints. Staff who have proven to have breached the privacy policy will face penalties as stated in the HR policy.

  • Promoting Awareness Among Staff
    • Staff will be trained in the privacy policy during induction and refresher training. At the appointment, staff will sign a non- disclosure/confidentiality clause to protect Vridhi Home Finance’s and clients’ data.
  • Monitoring
    • Regular monitoring of policy adherence by employees is conducted by the Internal Audit team during branch audits, with reports for corrective measures.
18.     Information Security Mechanisms and Records Management
  • Vridhi Home Finance maintains physical and electronic safeguards to protect customer information. Mechanisms include:
  • Records Management and Physical Data Security: Safe storage of physical files at branches, authorized access, and engagement of third-party service providers under SLAs.
  • Information/IT Security Mechanisms: Controlled data access and modification, individual usernames and passwords, periodic backups on cloud servers, and authorization for database changes.

 

 

 

Terms & Conditions

 1.  Definitions

Vridhi Finserv Home Finance Limited , formerly Vridhi Finserv Limited , ( hereinafter referred to as “Vridhi”, “Company”, “we”, “us”, etc ) ,  is a Company registered under the Companies Act, 2013   having its Registered Office at C101, East Crest, Salarpuria Sattva, Budigiri Cross, Kondasapura Bengaluru 560049 Karnataka and Corporate Office at 2nd Floor, No. 38, GKR Sapthagiri Vaishtadhama 12th Cross, Off CBI Road, Ganganagar, Bangalore – 560032 and having corporate identity number U65999KA2022PLC156307, is governed by the National Housing Bank Act, 1987.

“User” refers to any individual, legal entity or representative who uses SERVICES of Vridhi.

“SITE” refers to websites, mobile websites and mobile applications, physical application forms or other such media through which User interacts with SERVICES of Vridhi and which are owned and maintained by Vridhi.

“SERVICES” refers to all the services and products provided by Vridhi to the User including but not limited to loan, loan application and their related services, which may be online or offline.

“PASSWORD” is an alphanumeric code entered and confirmed by the User.

“TECHNICAL PROBLEMS” include any problems and difficulties arising due to power and electricity failure, computer errors, virus related problems, programming errors, software or hardware errors, computer breakdown, non-availability of internet connection, communication problems, shutting down of the Vridhi’s server, non-availability of links, corruption of the system software, problems in other Utility Companies extending support to Company, breakdown of infrastructure and
telecommunication network, problems in any other connected telecommunication network and any other technology related problems.

VERIFICATION CODE” An alphanumeric string of characters which can be used one time for a single login or transaction or any related action on Vridhi’s SITE. In this document, all references to the User being referred in masculine gender shall be deemed to include the feminine gender. All terms defined above in uppercase will bear meaning given above. Any other terms not defined above will have general English meaning.

2.   Applicability

These Terms and Conditions form the contract between the User and Company for availing SERVICES. By accessing and using a website, mobile website or mobile app, etc the User acknowledges and accepts all terms of this agreement. The agreement shall remain effective unless terminated by Vridhi or the account is closed and consent is withdrawn specifically by User and confirmed by Vridhi, whichever is earlier. Vridhi shall be entitled at its sole discretion to update or amend the contents of the SITE at any time.

3.   Service Delivery

For the purpose of availing SERVICES, the User would need to have legal and valid access to the internet.

The User cannot claim the SERVICES as a matter of right. Vridhi reserves the right to refuse/withdraw the facility provided to the User without assigning any reasons. Vridhi at its sole discretion may also make additions/deletions to the SERVICES. Vridhi has the right to determine and vary from time to time without prior intimation, the scope and type of SERVICES to be made available including, expanding, modifying or reducing the SERVICES at any time and prescribing and changing the normal service hours during which the SERVICES are available and any daily cut-off time for any type of SERVICES.

Vridhi may advise from time to time the software such as browsers but there will be no obligation on the Company to support all the versions of this software. The User shall be solely responsible for upgrading software, hardware and the operating system at their own cost and from time to time so as to be compatible to avail the SERVICES. The Company shall be at liberty to change, vary or upgrade its software, hardware, operating systems, etc., from time to time.

The Company may need to send a VERIFICATION CODE via sms/email to User. User acknowledges that delivery of sms are dependent on the infrastructure, connectivity and services provided by the phone/network service providers. The Company shall not be responsible for non-receipt or delay of the sms, error, loss or distortion in transmission of information and instructions to/from User.

The User unconditionally consents to the Company communicating via sms, phone, internet-based messaging applications like WhatsApp, voice call, email or any other mode of communication, electronic or otherwise.

The User can contact our customer representative cell through e-mail/telephone calls/ sms / WhatsApp messages or other mode of communication for clarifying any of their queries. By accepting these Terms & Conditions, it will be considered that User has given his consent to recording of any tele-conversation between User and Company.

The Company may keep the records of any User actions or events or transactions made in any form. In the event of any dispute, the Company records shall be binding on the User as a conclusive evidence of the actions or events or transactions carried out by him through SERVICES.

4.   Unauthorized Access

The User shall take all necessary precautions to prevent unauthorized and illegal use of the internet and Company SERVICES. User agrees not to a) impersonate an employee or representative of the Company, and/or b) misrepresent identity or affiliation with a person or entity, and/or c) send unsolicited and unauthorized communication, and/or d) attempt to gain access to any portion of the SITE or any SERVICES not offered to the User, and/or e) attempt to interfere with proper working of the SITE or restrict or inhibit any other User from using the SITE.

5.   Internet Access

The User may be allotted an Id and/or PASSWORD for use of SERVICES. It is the responsibility of the User to change the PASSWORD as frequently as possible. The same are strictly confidential and not transferable. The User under any circumstances should not disclose these PASSWORD(s) to any third party. The User shall be responsible for all types of transactions executed using the above PASSWORD. The Company shall have no obligation to verify the authenticity of any transaction received through the SERVICES other than the system verification of Id and/or PASSWORD. The User shall be wholly responsible for the secrecy of the PASSWORD and the Company bears no liability for any use of the SERVICES by an unauthorized person.

The User will be responsible for all transactions done through the internet using his Id and such transactions will be considered as transactions originated by the User and will be binding on the User.

The User agrees and acknowledges that Company shall in no way be held responsible or liable if the User incurs any loss as a result of information being disclosed by Company regarding his Account(s) and the User shall fully indemnify and hold Company harmless and free from any liabilities in respect of the same.

6.   Account Services

The contents of the SITE, either wholly or partially, cannot be printed, distributed, transmitted, modified, displayed or otherwise reproduced without the prior written permission of Vridhi.

The Company at its discretion can levy penal charges accordingly for every breach of Terms and Conditions. If the account is overdrawn inadvertently or due to TECHNICAL PROBLEMS, the User will be obliged to reimburse the overdrawn amount and pay the interest and other charges on the overdrawn amount as decided by the Company.

The report generated by the User through the SERVICES shall not be construed as Company ‘s record of the transactions or actions or events. The Company ‘s own records of transactions or action or events maintained by the Company shall be accepted as conclusive and binding for all purposes.

Company under no circumstances shall be held liable to the User if the SERVICES are not available in the desired manner for reasons including but not limited to TECHNICAL PROBLEMS, natural calamities, flood, browser incompatibility, failure in telecommunication network or any other reason

7.   Charges

Vridhi reserves the right to prescribe fee/charges for the SERVICES after intimating to the User through the SITE or any other mode. The User will have the option to continue availing the SERVICES paying the prescribed fee/charges, if applicable or to discontinue the same.

The User shall be liable to pay all charges, fees, interest, costs wherever applicable, which the Company in its absolute discretion may levy with respect to any of the
SERVICES and the same may be recovered by the Company by a debit to the User account/s.

8.   Accuracy of Information

The User is responsible for the correctness of information supplied to the Company through the use of SERVICES or through any means such as electronic mail or written communication or phone conversation with customer representative(s). A VERIFICATION CODE may be sent to the registered mobile number and/or email. The Company shall accept no liability for the consequences arising out of erroneous information supplied by the User. If the User suspects that there is an error in the information supplied to the Company by him, he shall communicate to the Company at the earliest. The Company will endeavor to correct the error wherever possible on a “best efforts” basis

9.   Liability of The User and The Company

The User shall be liable for losses accrued due to unauthorized transactions or actions in the account(s) if he has breached the Terms and Conditions, and/or contributed, and/or caused the loss by negligent actions such as the following but not limited to: Disclose or fail to take all reasonable steps to prevent disclosure of the Id and/or PASSWORD(s) to anyone including Company staff and/or failing to communicate to the Company of such disclosure within a reasonable time.

Not informing the Company within a reasonable time about unauthorized access to or erroneous transactions in the account(s) through the SERVICES.

The Company shall not be liable for any unauthorized transactions or actions which occur through the internet and the User hereby fully indemnifies and holds Company harmless against any action, suit, proceeding, inquiry, investigation initiated against it or any loss, cost or damage incurred by it as a result thereof.

The Company shall not be liable to the User for any damages whatsoever whether such damages are direct, indirect, incidental, consequential and irrespective of whether any claim is based on loss of revenue, investment, production, goodwill, profit, interruption of business or any other loss of any character or nature whatsoever and whether sustained by the User, if access to SERVICES is not available in the desired manner for reasons including but not limited to TECHNICAL PROBLEMS, natural calamity, floods, fire and other natural disasters, faults in the telecommunication network or internet or network failure, software or hardware error or any other reason(s) beyond the control of the Company.

The Company shall endeavor to take all possible steps to maintain secrecy and confidentiality of its User’s account(s) but shall not be liable to the User for any damages whatsoever caused on account of breach of secrecy/confidentiality due to hacking and/or technological lapses in the system beyond the control of the Company

10.   Indemnification

The User shall indemnify and keep fully indemnified, hold harmless and defend Vridhi or its affiliates, principles, their directors and employees, from and against any/or all third party claims, demands, action suits, proceedings, judgements, orders, damages, costs, losses, interests, charges, liabilities, penalties, taxes imposed and expenses (including reasonable attorney’s fees and disbursements) of any nature whatsoever, which may arise due to or by reason of

a) User making, committing, causing or permitting to be made or committing any default or breach in respect of or no-observance or non-compliance with any of the provisions of this agreement; and/or
b) any representations or warranties or covenants made by User being false or incorrect; and/or
c) any wrongful, negligent, fraudulent, criminal act or concealment and/or violation of any Applicable Law(s) committed by User; and/or
d) breach of any provision relating to protection and non-disclosure of confidential information and/or
e) any immoral/unethical/illegal/unlawful means employed by User or breach of any clause of this agreement.
The User acknowledges that the foregoing indemnities shall survive the termination of this agreement.

11.   Usage and Disclosure of Personal Information Collected

The User agrees that the Company and/or its agents/associates/contractors may hold and process his personal information in connection with SERVICES as well as for statistical analysis, credit worthiness, credit scoring, product pricing and other business decisions. The User also agrees that the Company may disclose, in strict confidence, to other institutions, such personal information as may be reasonably necessary for reasons inclusive of, but not limited to, the following:
A. For participation in any telecommunication, electronic clearing network.
a) In compliance with a legal directive.
b) For fraud prevention purposes.
B. For obtaining a credit report from government mandated credit bureaus.
C. For obtaining consumer report, account statement or usage report from finance
institutions or third-party entities.

12.   Proprietary Rights

The User acknowledges that the Company software using the internet as well as other related software, which are required for accessing SERVICES, is the legal property of the Company or a related vendor or agent.

The permission given by the Company to access SERVICES shall not convey any proprietary or ownership rights in the above software. The User shall not attempt to modify, translate, disassemble, recompile or reverse engineer the software supporting or providing underlying SERVICES or create any derivative product based on the software.

13.   Amendment of Terms and Conditions

The Company has the absolute discretion to amend or supplement any of the Terms and conditions at any time and will endeavor to give prior notice of reasonable time for such changes wherever feasible and/or publish the same in the SITE of the Company. Any such notice published in the SITE shall be construed as reasonable notice to the User and binding on them. The Company may introduce new SERVICES from time to time. By using these new SERVICES, the User agrees to be bound by the Terms and Conditions stipulated by the Company from time to time.

14.   Withdrawal of Consent

User may withdraw consent to this Agreement by contacting customer care of the Company by mailing the Company at the address provided in section 16 of this Terms and Conditions or by any other media provided by Vridhi. The withdrawal of consent shall be effective only after Vridhi has a reasonable period of time to process the withdrawal request and User is not a customer of any of Vridhi’s SERVICES. If User withdraws consent to this Agreement, he will not be able to use SERVICES of the Company.

15.   Non-Transferability
16.   The grant of SERVICES to a User is not transferable under any circumstance and shall be used strictly by the User.
17.   Notices

Notices under these Terms and Conditions may be given by the Company and the User electronically to the mailbox of both party and such notices will be regarded as being in writing or by delivering the written notices by hand or by sending them by post to the User address as per our records and in case of Company to the address mentioned below: Vridhi Finserv Home Finance Limited (Formerly ,  Vridhi Finserv Limited) Regd. Office:  C101, East Crest, Salarpuria Sattva, Budigiri Cross, Kondasapura Bengaluru 560049 Karnataka and Corporate Office at 2nd Floor, No. 38, GKR Sapthagiri Vaishtadhama 12th Cross, Off CBI Road, Ganganagar, Bangalore – 560032 Email: customercare@vridhihomefinance.com.in Company may also publish notices of general nature applicable to all User of SERVICES
and such notices shall have the same effect as a notice served individually to each User.

18.   Governing Laws

By accepting these Terms and Conditions, the User expressly consents and submits to the laws of Republic of India and to be governed by the exclusive jurisdiction of the courts in Bangalore, India only, giving such courts the exclusive power and authority to hear and determine any dispute between the parties of this agreement.

Company accepts no liability whatsoever, direct or indirect, for non- compliance with the laws of any country other than India. The mere fact that a User from a country other than India can access SITE shall not be interpreted to imply that the laws of the said country govern these Terms and Conditions and/or the operations in the accounts of the User through the internet and/or the use of SERVICES.

The User agrees to abide by prevailing laws in respect of the internet applicable in India. It shall be the responsibility of the User to comply with any regulations prevailing in the country from where he is accessing the internet.

19.   General

The clause headings in this document are only for convenience and do not affect the meaning of the relative clause. The User shall not assign this agreement to anybody else. The Company may subcontract and employ agents to carry out any of its obligations under this contract.