Epifi Technologies Private Limited (epiFi or Company) is a fintech company providing financial solutions and services.
We believe that our customers (You) deserve a ‘No Shenanigans’ approach to their personal data.
By and large, this policy has minimized the usage of legal jargon – unless absolutely required on a lawful basis – and explains how we treat your information.
We aim for the highest standards of safety, security and confidentiality when using your data, and this policy describes how we collect and use your information and discusses this in detail in the below mentioned sections:
We'll only use your data for legitimate purposes while safeguarding your privacy concerns.
For purposes of this Policy, Personal Data refers to any piece of information that we, as a Company, can use to verify you as a real-life human being. For example, an e-mail ID linked to your social media accounts. Sensitive Personal Data translates to any highly confidential information – i.e. records not available in the Public Domain – that you provide to us. This data is stored and processed by us, with the utmost care, for lawful purposes alone. Collectively, both these terms become ‘personal data’ or ‘information’ throughout this Policy.
For additional reference -
Personal data means any information which relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with a body corporate, is capable of identifying such a person.
Sensitive personal data or information means such confidential details relating to:
Besides these, any information that is freely available, accessible in the public domain, furnished under the Right to Information Act, 2005 or any other law for the time being in force – shall not be regarded as sensitive personal data or information.
We intend to provide services and features that meet your needs. To do so, when you use our website, we collect personal data required by law from time to time. Wherever possible, epiFi will indicate which of these data fields are either required or are optional. However, if you are unable to provide the information we need, we may not be able to provide you with the product or service you have requested.
For your reference, we would collect the following data from You -
epiFi primarily collects your personal data to provide you with a secure, smooth, and efficient experience on our website. Not only does this help us personalize and improve your experience, but the additional information also helps prevent illegal acts. Provided that we get your consent, we may also use your personal data for other lawful purposes which we will tell you about. By way of example, some of the uses of your personal data would include -
Your personal data is only accessible to those with a legitimate need-to-know clearance. All such information remains safeguarded as per the Data Protection Rules, and ISO norms. If you would like to know more details regarding whom all we share your personal data with, please feel free to email us at email@example.com.
For further insight, we will be sharing your information with the following -
We take care to allow your personal data to be accessed only by those who really need it in order to perform their tasks and duties and to third parties who have a legitimate purpose for accessing it and with your consent. Personal data will be transferred only to a third party that ensures the same level of data protection that is mandated under the Information Technology Act 2000 (IT Act) and the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 (Data Protection Rules).
If we go through a corporate sale, merger, reorganization, dissolution or similar event, personal data we gather from You may get transferred in connection with such an event. Any acquirer or successor of the Company may continue to use the information as described in this Policy. The aforementioned successor remains bound by appropriate agreements or obligations and may only use or disclose your personal data in a manner consistent with the use and disclosure provisions of this Policy, or unless you consent otherwise.
As long as you have an account with us, your personal data remains safeguarded by us. Upon permanent account deactivation, the information remains retained for 12-24 months before deletion, anonymization or archival. For your reference -
Where we have no continuing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
We are dedicated to guarding the security of your information. We use several industry-standard security technologies and procedures devised to help protect your data from unauthorized access, use, or disclosure. For specifics, please read below -
The information contained in our records must be both accurate and current. If you wish to update data about you which is inaccurate or incorrect, we shall provide self-help tools for you to directly review or update certain aspects of your personal data in our records.
In addition to being able to update and correct your personal data, you may also have other Data Protection Rights. This revolves around what you can let us do (or not do) with your information.