Last Updated on: March 09, 2022
Privacy Notice
BillMart FinTech Private Limited headquartered in India, together with its affiliates ( “BillMart” or “Company,” “we”, “us” and “our”) are committed to protecting the privacy of persons who interact with us, such as our customers, business partners and other end users (“Users” / “You”). We put significant efforts in making sure that the personal data processed by us is safe and used properly, and that our data practices are properly communicated to You. This Privacy Policy generally explains the different ways in which the Company collects, stores, uses and shares User Information (defined hereunder) from our Users in connection with their deployment of the service offered by the Company via its websites, web application, mobile applications and other applications including www.billmart.com (“Platform”). This Privacy Policy has been duly framed considering requirement under the provisions of the Information Technology Act, 2000 of India (“Indian IT Act”).
The abovementioned Privacy Notice may be supplemented by just-in-time notices, or other disclosures contained within or in connection with the provision of Platform which may describe in more detail our collection, use and sharing practices or provide You with additional choices about how we process your data.
Please read this Privacy Policy carefully and make sure that you fully understand and agree to it.
By using the Platform, you agree to abide by the terms and conditions pertaining to collection, retention and use of information set forth in this Privacy Policy. If you do not agree to the Privacy Policy, you may exit and cease to use the Platform.
For the purposes of this Privacy Policy, “User Information” is any information as disclosed by the User or collected by Us relating to an identified or identifiable person and includes User Data, Application User Data and Website Data.
It is also important to understand the distinguished roles for processing User Information as per certain data protection laws and regulations including the Indian IT Act:
I. WHAT INFORMATION WE COLLECT AND HOW WE COLLECT IT
1. Information we collect
1.1. “User Data”
1.1.1. User Information collected which we analyze, process, and manage are a part of
the service provided by the Platform. This data is proprietary to the User and includes (a)
registration details, (b) financial information, (c) KYC details, (d) either or combination
of the aforesaid or information through independent / third party agencies/entities requisite for
the offering of services; (e) all other data as may be required from time to time in order for
smooth offering of services through the Platform.
1.1.2. You understand that the User Information qualifies as ‘sensitive personal data’
under the Indian IT Act, and consents sharing of the same with the Platform.
If You reside or are using the Platform in a territory governed by privacy laws under which
“consent” is the only or most appropriate legal basis for the processing of personal data as
described herein, Your acceptance of our Terms and Conditions and this Privacy Policy will be deemed as Your
consent to the processing of Your personal data for all purposes detailed in this Privacy Policy.
1.1.3. Accordingly, the User is solely responsible for determining whether and how they
wish to use the Platform and such features, and to ensure that all individuals using the Platform
on their behalf or at their request have given their informed consent to these practices,
and that all legal requirements applicable to the collection, recording and use of data through
the Platform are fully met by them, including specifically in the context of an employment relationship.
1.1.4. Accordingly, to the extent that the Indian IT Act or any similar laws apply:
(a) Our Users would be deemed to be the ‘data controller’ or the ‘data fiduciary;’ as used under relevant data protection laws.
(b) The Company and any Third Party Service Provider would be deemed to be the ‘data processor’ or ‘service provider’ when processing such data.
1.2. Information collected via use of the Platform (“Application User Data”)
1.2.1. We collect personal data directly from our
Users and their users in connection with the provision of the Platform.
Depending on the context, such information may include:
(a) Usernames and contact details such as email address, phone number etc.
(b) user IDs and passwords.
(c) activity data from the devices on which the Platform is installed / used ( “Activity Data”)
and includes technical information with limited individually identifying information such as usernames,
machine names, IP/MAC address of the user’s device and identifiers and may include without limitation:
(i) Performance Data: Data relating to how the Platform is performing. Examples include
metrics of the performance and scale of the Platform and details about the response times for user
interfaces.
(ii) Service Logs: Service logs are automatically generated by the Platform recording events during the operation of the Platform.
(d) other information that Users provide to the Company in connection with the provision of the Platform.
1.2.2. The Company processes such Application User Data for the purposes, as described below.
1.3. “Website Data” – Data relating to our Users, visitors of our website ‘www.billmart.com’ and any other prospective customer or partner who visits or otherwise interacts with any of our websites, content or emails or communications under our control ( “Sites”).
II. HOW WE USE THE INFORMATION
2. Use of the data collected
2.1. Use of User Data
2.1.1. The Company processes User Data, and the personal data contained in it including any voice prints generated via such communications towards the service offered by us vide the Platform.
2.2. Use of Application User Data
2.2.1. The Company processes Application User Data, and the personal data contained in it as necessary for the performance of the Platform, with our legal and contractual obligations, and to support our legitimate interests in maintaining and improving our Platform.
2.2.2. The Company does not sell User Information
2.3. Use of Website Data
2.3.1. The Company processes Website Data in the manner provided in clause 2.2.1. above.
2.4. More specifically, User Data, Application User Data and Website Data are used for the following purposes:
(a) To facilitate, operate and provide our service through the Platform.
(b) To authenticate the identity of our Users, and to allow them access to our Platform.
(c) To provide our customers and users with assistance and support.
(d) To train our staff.
(e) To gain a better understanding on how individuals use and interact
with our website and Platform, and how we could improve their and others’ user experience,
and continue improving our products, offerings, and the overall performance of our Platform.
(f) To facilitate and optimize our marketing campaigns, ad management and sales operations,
and to manage and deliver advertisements for our products and services more effectively, including on other
websites and applications. Such activities allow us to highlight the benefits of using the Platform,
and thereby increase Your engagement and overall satisfaction with the Platform.
(g) To support and enhance our data security measures, including for the purposes
of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity.
(h) To create aggregated statistical data, inferred non-personal data, or anonymized or
pseudonymized data (rendered non-personal and non-identifiable), which we or our Users may use to provide
and improve our respective services, or for any other purpose; and
(i) To facilitate the evaluation of the credit facilities and processing of the credit facilities,
sharing of such information and data with the other users of the Platform to the extent required and with other third-party agencies and other regulatory authorities, as and when required.
(j) To comply with applicable laws and regulations.
III. HOW WE SHARE YOUR INFORMATION
3. Sharing of data
3.1. The Company takes caution to allow User Information to be accessed only by those who really need access to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it.
3.2. In exceptional circumstances, we may disclose or allow government and law enforcement officials access to Your User Information in compliance with the applicable law. Such disclosure may occur if we believe in good faith that (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.
3.3. We may share User Information with third parties in the following circumstances:
3.3.1. Service Providers –
(a) We may engage third party companies and individuals to perform services complementary to our own services including data security, hosting,
communication credit insights, fraud detection and prevention services, analytics,
e-mail distribution and monitoring services, performance measurement, data optimization and marketing services,
support and customer relation management systems, and our legal, financial and compliance
advisors (each such engagement a “Third Party Service Provider”).
(b) Service Providers may have access to the Application User Data and Website Data; and they may also have access to User Data – depending on their specific roles and purposes in facilitating us and may use it for such limited purposes as determined in our agreements with them
3.3.2. Third Party Websites and Services –
(a) Our Platform may include links to third party websites, and integrations with third party services. Such websites and third-party services, and any information you process, submit, transmit or otherwise use with such websites and third-party services, are governed by such third party’s terms and privacy practices and policies, and not by this Privacy Policy. We encourage you to carefully read the terms and privacy policies of such website and third-party services.
3.3.3. Subsidiaries and Affiliated Companies–
(a) We may share your User Information with our subsidiaries and/or affiliates for the purposes described in this Privacy Policy.
(b) In addition, should the Company or any of its subsidiaries or affiliates undergo any change in control or ownership, including by means of merger, acquisition, or purchase of substantially all or part of its assets, User Information may be shared with or transferred to the parties involved in such an event.
(c) If we believe that such change in control might materially affect Your User Information stored with us, we will notify You of this event and the choices You may have via e-mail or prominent notice on the Platform.
IV. HOW LONG DO WE RETAIN DATA
4. Retaining Data
4.1. Retaining User Data, Application User Data and Website Data
4.1.1. We retain User Data, Application User Data and Website Data for as long as it is reasonably necessary in order to maintain and expand our relationship and provide You with our offerings i.e. the Platform; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy.
4.2. Please note that except as required by applicable law or our specific agreements with you, we will not be obligated to retain your User Information for any particular period, and we are free to securely delete it or restrict access to it for any reason and at any time, with or without notice to you. If you have any questions about our data retention policy, you may contact us by email at care@billmart.com.
V. Data Location
5. General
5.1. We and our authorized Service Providers maintain, store and process Personal Data in India, as reasonably necessary for the proper performance and delivery of the Platform, or as may be required by law, provided that User Data may only be processed in such locations as permitted under this Privacy Policy.
5.2. While privacy laws may vary between jurisdictions, the Company and its affiliates and Service Providers are each committed to protect User Information in accordance with this Privacy Policy and customary industry standards, regardless of any lesser legal requirements that may apply in their jurisdiction.
5.3. BillMart FinTech Private Limited is headquartered in India, which is not considered by the European Commission to be offering an adequate level or protection for the Personal Data of EU Member State residents as of the date when this Privacy Policy was last updated.
VI. Cookie Policy
6. Use of cookies
6.1. Cookies are packets of information sent to your web browser and then sent back by the browser each time it accesses the server that sent the cookie. Some cookies are removed when you close your browser session. These are the “Session Cookies.” Some last for longer periods and are called “Persistent Cookies.” We use both types.
6.2. We and our Service Providers use cookies and other technologies for performance, tracking, analytics, and personalization purposes. We may share non-identifiable / aggregated extracts of such information with our partners for our legitimate business purposes.
6.3. We use Persistent Cookies to remember your log-in details and make it easier for you to log-in the next time you access the platform. We may use this type of cookies and Session Cookies for additional purposes, to facilitate the use of the services’ features and tools.
VII. Your Privacy Rights and Choices
7. This clause covers the rights available to You if any data that we access as per clause 1 concerns you
7.1. Rights generally available
7.1.1. Right to rectification or update User Information
If You would like to correct or update personal information that You have provided to us, please contact us at care@billmart.com to receive instructions to update your profile.
7.1.2. Right not to provide consent or withdraw consent
We may seek to rely on Your consent to process certain personal data. Where we do so, You have the right not to provide Your consent or to withdraw Your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.
7.1.3. Right to access
You may have the right to access the User Information that we hold about You.
7.1.4. Right of erasure
In certain circumstances, You may have the right to the erasure of User Information that we hold about You (for example if it is no longer necessary for the purposes for which it was originally collected).
7.1.5. Right to object to or restrict processing
You may have the right to request that we restrict processing of Your User Information in certain circumstances (for example, where You believe that the User Information, we hold about You is not accurate).
7.1.6. Right to opt out
You may have the right to opt out from the promotional email/SMS/call services, upon which all communications pertaining to new products, features, launches and other materials will not be sent to You.
7.2. Exercise of the rights
7.2.1. If you would like to exercise any of the above rights, please contact care@billmart.com so that we may consider Your request under applicable law. To protect Your privacy and security, we may take steps to verify Your identity before complying with the request.
7.2.2. Please note for all the information and data sought by the Company, in case you do not wish provide certain such data or seek to withdraw Your consent or information/data already provided, or wish to opt out from a particular service or wish to erase certain information / data or seek restriction in processing of certain such information / data, in such cases, the Company may not be in a position to continue provisioning of its services and shall have the right to de-register / debar You from the use of the Platform, until such time the requisite data/information and the consents are provided.
VIII. HOW DO WE SECURE YOU DATA
8. Data Security
8.1. The Company would maintain reasonable physical and technical safeguards to prevent unauthorized disclosure of or access to any data, minimize the risks of theft, damage, or loss of information, in accordance with the industry standards
8.2. However, although we make efforts to protect your privacy, we cannot guarantee that our Platform will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
IX. HOW TO DELETE YOUR ACCOUNT
9. Account Deletion Request
9.1. You may choose to delete Your account at any point of time by making such choice through Site/Platform or you can send an email to care@billmart.com from your verified email id.
The account shall not be deleted till the time any transactions are open on the platform.
We may retain Your Transaction Data in accordance with applicable laws and regulations post the deletion of your account.
In the event of the pendency of any legal, regulatory and/or statutory proceeding or receipt of any legal and / or regulatory direction to that effect, we may be required by the law to retain your Personal Data for longer periods.
Subject to above, all your personal details submitted, financial data submitted etc. shall be deleted or de-identified so that it is anonymous and not attributable to You, within reasonable time, not exceeding 90 days.
You will not be able to retrieve / access the account and related data in future once the account is deleted basis your request.
X. ADDITIONAL NOTICES AND HOW TO CONTACT US
10. The following are to be read in conjunction with the Privacy Policy.
10.1. Updates & Amendments
We may update and amend this Privacy Policy from time to time by posting an amended version on the Platform. The amended version will be effective as of the date it is published. We will provide prior notice if we believe any substantial changes are involved via any of the communication means available to us or via the Platform. After such notice period, all amendments shall be deemed accepted by You.
10.2. Data Protection Officer
The Company has appointed a Data Protection Officer ( “DPO”), for monitoring and advising on the Company’s ongoing privacy compliance and serving as a point of contact on privacy matters for data subjects and supervisory authorities. If You have any comments or questions regarding our Privacy Policy, if You have any concerns regarding your Privacy, or if You wish to make a complaint about how Your User Information is being processed by the Company, You can contact care@billmart.com or our DPO at compliance@billmart.com.
10.3. Questions, concerns, or complaints
If You have any comments or questions regarding our Privacy Policy, or if You have any concerns regarding Your User Information held with us, please contact the Company’s support at care@billmart.com.
