Privacy Policy

Introduction

In the process of a user (“You”, “Your”, “User”) using this website https://www.getonecard.app/ (“Website”), the mobile application ‘OneCard’ (“OneCard App”) and/or availing of the existing of future services or facility provided by the Website and / or OneCard App which is operated and managed by FPL Technologies Private Limited and may include its affiliates (“FPL”/ “Company” / “we” / “us” / “our”) , you may be required to furnish information including personal information and / or sensitive personal information and / or any other information that is of confidential nature. You are urged to keep the information current to ensure that the services and facility remain relevant and enable us to reach you. This privacy policy (“Privacy Policy”) explains how and why FPL collects and uses any personal information or data when you visit or use the Website or OneCard App.

Information provided by you

To avail certain services on our OneCard App / Website, you are required to provide some personally identifiable information for the registration process or application, which includes but is not limited to the following:

  • Name
  • Email address
  • Mobile number
  • Permanent Account Number (PAN)
  • Date of Birth
  • Gender
  • Address
  • Photograph by way of selfie
  • CIC bureau data
  • Bank account details

Additionally, FPL shall ask for the following permissions (one time access) for OneCard App’s functionality:

  • SMS and Phone for SIM binding
  • Camera and microphone access
  • Location access for location verification

We may require you to provide additional details, as and when required, in order to comply with any applicable regulatory requirement or for additional services / products via OneCard App / Website, as and when offered, and may also utilise data lawfully obtained from third party service providers authorised by you, including but not limited to data pertaining to your credit score, to provide the OneCard App services / Website services to you, subject to the terms of this Privacy Policy.

Express Consent

While providing your details / documents via Onecard App / Website, including but not limited to personal information as mentioned herein above, you expressly consent to FPL (including its marketing channels and business partners) to contact you through SMS, Whatsapp, push notifications, call and / or e-mail and to follow up with regard to the services provided through OneCard App / Website, for imparting product knowledge, offering promotional offers running on the OneCard App / Website & various other offers / services by our business partners.

OneCard App / Website requires you to provide consent for keying in or uploading your personal information, as may be necessary to process your application. Any personal information which requires to be keyed in or uploaded is required for enabling hassle free, faster and paperless (to the extent possible) processing of applications for financial products so opted or availed of by you.

In order to expand the scope of our services, we may from time to time, seek additional information from you. Any such collection of additional information and documents shall be subject to an explicit and purpose specific consent sought from all users.

Information obtained from Credit Information Companies on your behalf

We obtain your credit reports from credit information companies registered under the Credit Information Companies (Regulation) Act, 2005 (“CICs”) on your behalf. We may process these credit reports further and then share Credit Information Aggregates with our partner REs. By consenting to use and avail your credit report through us, you agree that Company shall be entitled to rely on your authorisation and consent granted by you to us, and authorised to share your personal information with CICs and REs. We may analyse and profile your credit information for RE and us to assess and evaluate your application in order to provide financial products as requested / required by you.

Information automatically collected while using OneCard App or Website

We strive to keep automatically tracked information to a minimum by obtaining no permissions from Onecard App / Website, unless absolutely necessary to enable proper functioning of the OneCard App / Website. However, we may collect information relating to your use of OneCard App / Website such as your IP address, browser type, mobile operating system, manufacturer and model of your mobile device/computer, access time and time spent. We may also collect information about the screens / pages you view within OneCard App / Website and other actions you take while using OneCard App / Website.

We may use third party services for such automatic collection, however no such information will be shared with such third parties, unless required under applicable laws.

Use of Personal Information

We shall not transmit, sell or rent credit reports to any other third party and the same cannot be copied or reproduced other than as agreed herein. Credit reports provided to FPL are solely the property of the CICs and you.

Information automatically tracked while using Onecard App / Website is used for specific business purposes or for a lawful purpose to comply with the applicable laws and regulatory contractual obligations which include, but are not limited to:

  • Personalise your experience whilst you are on OneCard App / Website
  • Customise our interactions with you and assisting in expanding the scope of our services
  • Providing you with banking or non-banking services such as credit cards or / and fixed deposits from our partner REs
  • Verifying your identity for the purposes of providing banking or non-banking services
  • Create and maintain a trusted and safe environment on OneCard App / Website (such as complying with our legal obligations and compliance with our policies)
  • Analytics for the purposes providing you with personalized offers and improving our products and services
  • Assessing and processing applications or requests from you
  • Communicating with you through various channels
  • Notifying you about changes to our services
  • Responding to your queries submitted by you through various channels
  • Addressing and / or investigating any complaints, claims or disputes
  • Conducting credit checks, screenings or due diligence checks as may be required under contractual arrangement with partner bank or / and non-banking financial company
  • Preventing crime including fraud and financial crime
  • Financial reporting through partner REs, audit and record keeping purposes
  • Facilitating KYC services to the partner REs in order to expedite the onboarding process or related processes
  • For any other purpose with your consent

Information Sharing

We may need to share personal information with our partner REs, merchants (for example for OneStore offering), service providers providing services to us (eg. KYC / documents collection, card delivery, collection agencies, telecommunication, electronic clearing network and other related service providers etc.) or as may be required by law, and help us operate our business. FPL shall not be liable for use or disclosure of this information. We require our partners to safeguard this information and only use your personal information for the purposes we specify.

During the application process, you may be transferred to partner RE’s or their authorised service provider’s online / web platform / interface. FPL is not responsible for the privacy practices for such interfaces and any acts or omissions by such partner RE or their authorised service provider’s in course of your transaction with it.

We may display third party online advertisements on the Website / OneCard App. We may also advertise our activities and organizational goals on other websites / apps. We may collaborate with other website / app operators as well as network advertisers to do so. We request you to read and understand such concerned third party privacy policies to understand their practices relating to advertising, including what type of information they may collect about your internet usage. No personally identifiable information is shared with any third party advertiser as part of any such activity unless it is shared by you with such third party advertisers.

During your use of OneCard App / Website, you may come across links to third party websites/apps that are not affiliated with FPL. FPL is not responsible for the privacy practices or the content of those other websites, or for any acts / omissions by such third parties in the course of your transaction with them.

Information Security

We are ISO/IEC 27001:2022 certified company which means we have implemented applicable industry standard security controls that help us protect our customer’s data in a secure manner. You may be assured that in case we become aware of any security breach of your data, we shall take all measures in line with the aforementioned standards.

We implement proficient security practices and procedures including the International Standard ISO/IEC 27001:2022, Payment Card Industry Data Security Standard (PCI-DSS v 4.0).

We are committed about our customer’s data and privacy. We take appropriate security measures to protect your data against unauthorised access. These include internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorised access to systems where we store personal data. All information gathered on OneCard App / Website is securely stored within a controlled database. Access to the servers is password protected, controlled, and is strictly limited. We blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us to defend our systems ranging from low hanging issues up to sophisticated attacks.

We have implemented an industry standard incidence response policy in line with CERT-In guidelines and applicable regulatory requirements in case of unforeseen unauthorized access or data breach.

Data Retention

We will retain your information for as long as it is necessary for providing you the services available on OneCard App / Website or your request for termination of your account with us, whichever is later.

Post termination of your account, we will keep your personal information along with your application details (if any) to comply with any applicable law and regulatory obligations, for fraud prevention purposes and for the exercise / defense of a legal claim or for providing evidence in legal proceeding(s) if required at least for a period of 5 years from the date of termination of your account. In case you give consent, we will also retain your personal data or financial data and shall use such data only for the purposes for which you have given your express consent.

Post termination of your account, we will also continue to use your anonymised data aggregated or in combination with anonymised data of other users. We use this aggregated anonymised data for fraud prevention, data analysis, profiling and research purposes.

In certain circumstances, we may be unable to delete your account, such as if there is any outstanding dispute, or unresolved claims pending on your account. However, upon resolution of the issue preventing deletion, the information is immediately deleted and can’t be recovered thereafter.

Our partner REs will retain your personal and financial information as per their respective privacy policies and / or as per applicable laws as amended from time to time.

The credit reports received on your behalf shall be destroyed, purged or erased upon required by CICs, promptly either when you expressly seek to do so and / or seek to revoke the consent or if it is mandated or intimated by regulators.

If you wish to review, correct or rectify your personal information or withdraw your consent for processing your personal information, you may submit a request at onecard.privacy@fplabs.tech. However, we will continue to retain your personal information as per above mentioned reasons.

Log Files

This information under log files may include Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring / exit pages, operating system, date / time stamp, and / or clickstream data. We will use the collected log information about you to improve services offered to you, to improve marketing, analytics, or OneCard App / Website functionality.

Confidentiality of your account

You are solely responsible for maintaining the security of your account and must not provide these credentials including the Personal Identification Number (PIN) set up by you for OneCard App or credit card itself to any third party. We are not responsible or liable if someone else accesses your account through the credentials they have obtained from you or through a violation by you of this Privacy Policy.

Cookies and Do Not Track / Incognito mode settings

The OneCard App / Website uses Google Analytics, a web analytics service provided by Google. This software uses cookies that are text files containing small amounts of information which are downloaded to your device when you visit a website, in order to provide a personalised browsing experience. These cookies help Google identify unique users, unique sessions, gather information and store information. We may analyse your personal information to create a profile of your interests and preferences so that we can communicate information relevant to you and your interests.

Cookies allow users to navigate between pages efficiently, remembering their preferences, and generally improving their browsing experience. These cookies collect information analytics about how users use a website, for instance, often visited pages, time spent on each page etc. By using the OneCard website, the user agrees that these types of cookies can be placed on his / her device. The user is free to disable / delete these cookies by changing his / her web browser settings. FPL and its affiliates are not responsible for cookies placed in the device of Users by any other website and information collected thereto. For more details, you can view our Cookie Policy.

Grievance Redressal Policy

If you have any grievance or complaint, in relation to the processing of information or regarding this Privacy Policy or any other privacy or security concern related to the OneCard App / Website, you can send an email to help@fplabs.tech.

Changes to this Privacy Policy

FPL retains the authority to modify this policy at its own discretion. We may revise this privacy policy to account for alterations in legislation, our data collection and usage practices, the functionalities of our services, or technological advancements. We encourage you to periodically review this page for the latest information on our privacy practices.