Privacy Policy

Vyaparavijayam Trades & Agencies

 

Last Updated: 18/11/2025

 

Vyaparavijayam Trades & Agencies ("we", "our", or "the Company") is committed to protecting the privacy, confidentiality, and security of all personal and financial information entrusted to us. This Privacy Policy has been updated to align with the relevant requirements of the Reserve Bank of India (RBI) for NBFCs, including the IT Framework, Outsourcing Guidelines, and Customer Data Confidentiality norms.

1. Information We Collect

We may collect and process the following types of information:

A. Personal Information

  • Name, address, contact number, email ID
  • Identification details (Aadhaar, PAN, voter ID, etc.)
  • Date of birth, gender, occupation

B. Financial Information

  • Bank account details
  • Loan and repayment details
  • Transaction records
  • Payment information

C. Digital & System Information

  • Login credentials used for company systems
  • Device information, IP address, access logs
  • Official communication metadata

D. Additional Information

  • Information provided voluntarily in forms or interactions

2. Purpose of Data Collection & Use

Information collected may be used for the following purposes:

  • Providing NBFC financial services and customer support
  • Identity verification and KYC compliance
  • Internal audits, regulatory reporting, and statutory compliance
  • Risk management, fraud prevention, and security monitoring
  • Processing payments, settlements, and loan-related operations
  • Communicating service updates, reminders, and account information

3. Data Storage, Security & Protection

We ensure the confidentiality, integrity, and availability of data by implementing:

  • Encrypted storage and secure servers
  • Role-based access control (RBAC) and authentication
  • Privileged user monitoring and periodic access reviews
  • Regular IT security audits and compliance checks
  • Logging and monitoring of system activities

Access to personal data is restricted strictly on a "need-to-know" basis as per RBI guidelines.

4. Data Sharing & Third-Party Access

We do not sell or rent customer data. Information may be shared only with:

  • RBI, auditors, regulatory bodies, or legal authorities
  • Authorized service providers (IT, payment processing, verification partners)
  • Legal consultants for compliance purposes

Outsourcing Compliance (As per RBI Guidelines)

  • All service providers are bound by confidentiality agreements.
  • Data remains the property of Vyaparavijayam Trades & Agencies.
  • Service providers must maintain data security even after termination.
  • RBI or its authorized entities may inspect outsourced operations and records.
  • Service providers are regularly monitored for compliance and security.

5. Customer Rights

Customers may request:

  • Access to their personal information
  • Correction or updating of records
  • Clarification on how their data is used
  • Raising concerns or complaints regarding privacy

All requests must be submitted through authorized channels.

6. Data Retention & Disposal

Data is retained only for:

  • The period necessary for service delivery
  • The duration mandated by laws and regulations
  • Audit, compliance, and legal requirements

After the retention period, data is securely deleted or anonymized in a manner that prevents reconstruction.

7. Employee Responsibilities

Employees with access to customer or system data must:

  • Maintain strict confidentiality
  • Follow company and RBI-mandated IT security guidelines
  • Use only authorized systems and official communication channels
  • Report any suspicious activity or potential data breach immediately

8. Data Breach & Incident Reporting

In the event of:

  • unauthorized access,
  • data leakage,
  • loss of data, or
  • security breach,

The Company will:

  • Immediately initiate incident-response procedures
  • Notify the Reserve Bank of India (RBI) as required
  • Inform affected customers when necessary
  • Take corrective measures to prevent recurrence

This is aligned with RBI’s breach-reporting requirements for NBFCs.

9. Website, Email & Digital Communication

  • Official email IDs must be used only for authorized communication.
  • Customer data will not be shared via personal email or unauthorized platforms.
  • Digital systems may collect logs solely for security and compliance purposes.
  • We do not track personal browsing activity unrelated to company functions.

10. Policy Changes & Updates

This Privacy Policy may be updated periodically to comply with:

  • Changes in RBI regulations
  • IT system upgrades or process improvements
  • Internal policy modifications

Revised versions will be circulated through official communication channels.

11. Contact Information

For privacy-related queries, concerns, or complaints, contact:

Vyaparavijayam Trades & Agencies
Thrissur

By engaging with our services, you acknowledge that you have read, understood, and agree to this Privacy Policy.