The personal information (including sensitive personal data or information) collected by PinCap includes:
- PAN card number
- Driver’s license number
- Bank Account number
- Passport number
- Email Address
- Aadhaar Card
- Account statement
- Any other personal information (including sensitive personal data or information) received by PinCap for processing, stored or processed by PinCap under lawful contract or otherwise.
PinCap values the personal information entrusted to it and the NBFC is committed to collecting, using, retaining and disclosing personal information in a fair, transparent and secure way by adhering to the following key principles:
A. Collection Limitation: Personal information shall be collected by fair, lawful and transparent means. PinCap shall be open with individuals about how the NBFC will use their personal information, with whom it will be shared and where it may be sent.
- Consent shall be taken in writing or electronically from the provider of the sensitive personal data or information regarding purpose of usage before collection of such information.
- While collecting the personal information directly from the concerned person, PinCap shall take reasonable steps to ensure that the provider of information is aware of the following aspects:
- The fact that personal information is being collected
- The purpose for collecting such information
- The intended recipients of such information
- The name and address of entities who are collecting and retaining such information.
The provider of information shall, at any time while availing the services or otherwise, also have an option to withdraw its consent given earlier to PinCap. Such withdrawal of the consent shall be sent in writing to PinCap on address (Pinnacle Capital Solutions Private Limited, 2nd Floor, Plot No. 100, Sector-43, DLF Phase 5, Gurugram, Haryana- 122009) or through email- firstname.lastname@example.org. In case the provider of information withdraws his / her consent in relation to personal information, PinCap shall evaluate the request and take appropriate action. If an individual does not provide their personal information or subsequently, withdraws consent in relation to personal information, PinCap shall have the option not to provide services for which the said information was sought. PinCap may retain some data to meet its obligations under applicable law.
B. Data Minimization: Only personal information required for authorized business activities shall be collected from the information provider. Personal information shall not be made available to anyone (including internal staff) who is not authorized, or does not have a business need to know the information.
C. Purpose of collection: As per regulatory requirement we collect personal information for performing KYC of the customer, bank account statements are collected to establish credit worthiness of the customer, bank account details are collected for collection of dues/loan repayment. Other information’s are collected for the purposes of background verification etc.
D. Use Limitation: The personal information shall be used for the purpose for which it has been collected. The privacy risks shall be taken into consideration, before the collection, use, retention or disclosure of personal information, such as in a new system or as part of a project
E. Security: There shall be adequate protection for the personal information collected, used, retained and disclosed to support our business activities by following the relevant usage, technical and organizational policies, standards and processes:
- PinCap has comprehensive documented information security program and information security policies that contain managerial, technical, operational and physical security control measures.
However, PinCap will not be responsible for any loss, unauthorized access or any harm caused to the information provider by any misuse of his or her personal information. The information provider hereby acknowledges that PinCap will not be responsible, in particular, for any third party action or action on the part of the information provider leading to loss, damage or harm to such information provider or any other person.
F. Access, Correction and Update: Processes shall be defined to enable the providers of information, as and when requested by them, to review the information they had provided and ensure that any personal information or sensitive personal data or information found to be inaccurate or deficient shall be corrected or amended as feasible. PinCap shall not be responsible for the authenticity of the personal information or sensitive personal data or information supplied by the provider of information. PinCap shall ensure that the data provided by customers is correct through verification of documents submitted by them as per process laid out in the ‘ KYC Policy’.
- To review, correct or update their personal information, customers can write to us email@example.com or reach out to us on our address at Pinnacle Capital Solutions Private Limited., 2nd Floor, Plot No. 100, Sector-43, DLF Phase 5, Gurugram 122009 HR.
G. Retention: Sensitive personal data or information shall be retained no longer than required, to support a specific business activity or legal or regulatory requirement.
H. Disclosure: The personal information (including sensitive personal data or information) collected or stored by PinCap, may be disclosed to comply with applicable law, directions from Government agencies mandated under law for prevention and investigation of offences, or to comply with an order issued by a competent court.
I. Transfer of Personal Information to Third-Parties: Adequate protection mechanism shall be provided for personal information in case it is transferred outside PinCap’s network.
PinCap may transfer sensitive personal data or information to any other entity or person located in India or any other country that ensures the same level of data protection that is adhered to by PinCap.
Transfer of information shall be allowed only if it is necessary for the performance of lawful contract entered into between PinCap or any person on its behalf and the information provider or where the information provider has consented to such transfer.
Personal information, including sensitive personal data or information, may be disclosed or transferred to insurance providers, credit bureau, verification agencies, collection partner, Regulatory & legal authorities (Credit information agencies, law enforcement agencies, judicial agencies), affiliates and business partners.
Reasonable due diligence activities shall be conducted to ensure that the third party has appropriate security & privacy controls in place prior to sharing of any personal information (including sensitive personal data or information).
J. Marketing and Promotional Activities: Marketing and promotional communications shall be sent to providers of information / customers only after obtaining required consent from them in adherence to obligations under applicable law.