The website - ‘http://www.cheq.one/’ and mobile application ‘CHEQ’ and all other associated/ancillary applications, products, websites and services (“Website/Platform”) are property of and managed by CheQ Digital Private Limited, a company incorporated under the Companies Act, 2013 having their registered office address at D-254, Regal Garden, Sector-90, Gurgaon, Haryana 122001 (hereinafter referred to as "Company” which expression shall, unless it be repugnant to the context thereof, be deemed to include permitted successors and assigns).
For the purposes of Privacy Policy, accessing of and/or using the Platform to avail various offers and services as provided on the app or accessing the credentials and/or information of the offers made available or disseminated or uploaded therein, including all information, tools and services made available shall hereinafter be collectively be referred to as the “Services”.
As used herein, “Users” shall mean anyone who uses or accesses the Services /Platform on any mobile phone, tablet, console, or other device (hereinafter collectively referred to as “Device”).
You are encouraged to read this Privacy Policy regarding the collection, use, and disclosure of your information from time to time to keep yourself updated with the changes & updates that are made to this Policy. The Privacy Policy covers the products and services provided at the App. The Products and services provided by the Affiliate partners are not covered under this Policy. Where the User faces any difficulty or has any query related to the services related to affiliates, they may refer to their Privacy Policy available on their site.
By accessing or using any version of the mobile platforms, you signify that you have read, understood and agreed to be bound by this Privacy Policy of the Company and any other applicable law.
This Policy forms an electronic contract within the provisions of the Information Technology Act, 2000 (“IT Act”), the rules made thereunder and the amended provisions pertaining to electronic documents/records in various statutes as amended by the IT Act, from time to time. This Policy does not require any physical, electronic or digital signature.
This Policy shall, at all times be read and construed in consonance and along with the terms and conditions of use and access of the App Platform (“T&C”).
The Company shall not differentiate between who is using the device to access the App, so long as the log in/access credentials match with yours. In order to make the best use of the Platform and enable your Information to be captured accurately on the Platform, it is essential that you have logged in using your own credentials.
This Policy highlights inter alia the type of data shared/collected from a User in the course of the User’s usage of the Platform. The Policy further intends to apprise the User of the purposes for which the data of the User is collected and the Platform’s policy with regard to sharing such personal information with third party entities.
The terms “We”/ “Us”/ “Our” individually and collectively refer to and are synonymous with the term ‘the Company’ and the terms “You”/“Your”/ “Yourself” are to be construed to be synonymous with the term ‘User’.
All defined terms used within this Policy but not specifically defined herein shall draw their meaning from the definition ascribed to such term under the T&C.
COLLECTION OF INFORMATION
Personal Information:
Name of the User;
National ID proof with photo (including PAN Card or such similar ID proofs)
Phone number (mobile and/or residence and/or alternative) of the User;
Gender of the User;
Date of birth of the User;
Address (official/residence/other) of the User;
Email Id (primary/alternative) of the User;
Personal information received from social networking sites through which the User has registered to the Website/Platform including name, profile picture, email address or friends list, and any information made public in connection with that social media service;
Internet protocol (IP) address of the User; and
Sensitive personal data such as App passwords and payment details.
Non-personal information:
Details of internet or telecom service provider of the User;
Geolocation of a User;
Type of internet browser being used by the User and device specifications including Device ID and
Usage and behaviour statistics on the application
Such other information that may be required to access and operate the mobile application.
Please note that in addition to the above, the duration of use of the Platform by the User may also be logged and stored by the platform.
The Information may be collected and/or stored in electronic form, however, the Company is hereby authorized by the User to collect/store such information in physical form as well.
The platform may share the Information of a User with any third party entities subject to such entities adopting reasonable safety standards with respect to the use of such Information. Provided the Company shall not share or disseminate any financial sensitive information of the User and shall ensure the utmost protection and safety of such data.
Information received from third parties:
The Platform is offering credit repayment services to its users. To be eligible for these services, the user must hold at least one credit product. To evaluate eligibility, the user is required to provide explicit consent to the Company for the collection of information from government regulated credit bureaus (Eg. Experian) as our partners. This information will be used solely for the purpose of assessing eligibility for the credit repayment services. By providing consent, the user agrees that their information may be collected, processed, and used by the Company and its partners.
To fetch your real time bills and provide the payment services through BBPS (Bharat bill payment System), Please note that your consent to store information and fetch bills on a regular basis is mandatory. Users may opt out of the service if the User no longer wants to make payments through CheQ app, by reaching out to the Customer Support team. User is responsible to check the correctness of the Bill information, Due amount and Due Date before making the payment. The payment once successful will not be refunded in any case.
To provide a better experience and notify the User about the due dates, total due amount, etc. the Company engages third party service providers to retrieve the details from SMS.This information is stored and used only for the specified purposes and the services not later than the completion of such requirement. Please note that no other information or any other telephonic functions of the Users’ mobile or devices are stored with us.
If you select to link and connect your email account with the Platform, we may access the said account for purposes including collecting your credit bill details such as total amount due, minimum amount due and due date, Rewards and such other financial and transactional information to be able to do the following:
Stay on top of your finances: The Platform will communicate your payment due dates and amounts in a timely manner, helping you avoid late payment fees and other charges.
Simplified account management: You can manage all your credit and financial information in one place. You no longer need to log in to different platforms or keep track of multiple statements and bills, as the Platform will fetch all the relevant information for you.
Personalized financial recommendations: The Platform can offer personalized financial recommendations that are tailored to your specific needs and preferences. This can include suggestions on how to optimize your spending, invest your money more wisely, and plan for your future financial goals.
Rewards and incentives: The Platform may offer customized rewards and incentives based on your spending patterns and financial behaviour, which can help you save money and achieve your financial objectives.
The Company can access your email accounts, but only with your authorization through your email provider's access mechanism. If you agree to let the Platform track your credit instrument accounts, the app will securely store account details, including your login credentials and authorization tokens for each tracked account.
You can choose to give consent for us to access one or more of your email accounts separately, and you can remove our access to your email service at any time. We only read emails from financial service providers such as banks, loan providers, and credit card issuers. We do not access, open, or read any personal emails, and we confirm that we do not access any other personal information.
Please note that the Company uses automated processes to access and analyse information provided by you, including using our algorithm to access password-protected documents using the information you provide. We may receive additional information about you from third-party service providers and partners, which we combine with the information we already have. We may also receive information about you and your activities through partnerships or from our partner and networks.
We are committed to provide a secure and seamless experience to the User, in order to ensure better services, CheQ is providing ‘CheQ Safe’ feature to all the Users, which enables CheQ to fetch Users' real time credit card statements through Emails. Users may opt for 'CheQ Safe' services by giving necessary permission in the App. CheQ holds the CASA (Cloud Application Security Assessment) certification to access the email Accounts and securely retrieve the Bills and transaction details. If you have any questions or concerns about our use of your information, please feel free to contact us directly.
PURPOSE AND USE OF INFORMATION
All Information collected/stored by the Platform shall be used for:
Curating various personalised offers for the User
Keeping track of the User Expenditure to provide customised suggestions for managing Expenses.
Manage all your Credit Instruments at one place including reminding you of the payment due before the due date.
To inform you of promotions, offers, surveys, events, products and services, which may be of interest to you;
To continually improve the existing Platform and service offerings;
To conduct research and surveys;
To implement the necessary security practices to ensure that all personal data are protected;
To administer the User accounts in normal course of business;
To contact the Users in case where fraud, illegal activities or breach of privacy is recorded;
To enable the employees of or persons acting on behalf of the Company to communicate with the User, as and when necessary, in order to provide the services requested by such User;
Such other purposes that the Company, at its sole discretion, however subject to the principles contained in this Policy, may deem fit.
REPRESENTATION AND WARRANTIES
Every User hereby represents and warrants to the Company that:
All Information provided by the User is true, correct, current and updated;
All Information provided by the User and the provision of such Information by the User does not in any manner violate any third-party agreement, law, decree, order, or judgement;
All Information provided by the User does not belong to any third party, and if it does belong to a third party, the User is duly authorized by such Third Party to use, access, acquire, and disseminate such Information;
The officers, directors, contractors, or agents of the Company shall not be responsible in any manner whatsoever with regard to the authenticity or veracity of the Information that a User may provide to the Platform; and
The User shall indemnify and hold harmless the Company and each of its officers, directors, contracts, or agents and any third party relying on the Information provided by the User in the event the User is in breach of this Policy.
The Company represents and warrants to every User that:
It shall not collect the User’s sensitive personal data unless such sensitive personal data is necessary for the usage of the App.
It shall not retain any sensitive personal data for longer than such sensitive personal data is required or can be lawfully used;
In the event the Company collects Information directly from the User, the Company shall make reasonable effort to apprise the User of the purpose of such collection of Information, the intended recipient of the Information and the details of the agencies collecting and retaining the Information; and
It has in place the security practices and procedures prescribed under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“IT Rules”).
SHARING OF INFORMATION
The Company may share the information collected from users with its affiliates, employees, and other individuals and institutions located within or outside India, as needed for efficient management of Platform traffic, prevention of identity theft and other illegal activities, and responding to legal or law enforcement requests. If the Company sells any of its business or assets to a third party, it may disclose users' personal data to the prospective buyer, and this will also apply if the Company or its assets are acquired by a third party. If required by law, the Company may disclose personal information to regulatory and governmental authorities or to advisors such as law firms and audit firms while responding to their requests. In some cases, the Company may disclose personal information if it believes that such disclosure is necessary to protect its rights or the rights of others, or to comply with a judicial proceeding, court order, or legal process served on the app.
If users give explicit consent, the Company may use their information for marketing purposes, not including information collected from other sources. Users may choose not to receive marketing materials by following the unsubscribe instructions included in each email, indicating so when contacted, or by contacting the Company directly. With users' explicit consent, the Company may disclose certain information to other affiliate entities and partners that are not acting as suppliers or business partners.
If users sign up for co-branded campaigns, programs, or related events, their information may be collected and shared with those third parties. Users should familiarize themselves with those third parties' privacy policies. The Company may display third-party online advertisements on the Platform, collaborate with other Platform operators and network advertisers to do so, and advertise its activities and organizational goals on other platforms. Users should read and understand the concerned third-party privacy policies to understand their practices relating to advertising. The Company does not provide any personally identifiable information to third-party online advertisers or website operators.
Users may come across links to third-party websites or apps not affiliated with the Company during their use of the app services. The Company is not responsible for the privacy practices or content of those websites, or for any acts or omissions by those third parties during users' transactions with them.
USER INFORMATION PROTECTION AND CONFIDENTIALITY
The Users’ information is maintained by the Company in electronic form on its equipment, and on the equipment of its employees. Such information may also be converted to physical form from time to time. The Company takes all necessary precautions to protect your personal information both online and offline, and implements reasonable security practices and measures including certain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of the Company business.
No administrator at the Company will have knowledge of your login details. It is important for you to protect against unauthorized access to your login details, your mobile phone. Be sure to log off from the Platform portal when finished. The Company does not undertake any liability for any unauthorized use of the user account and its login details. If the User suspect any unauthorized use of your account, the user must immediately notify the Company by sending an email to support@cheq.one. The User shall be liable to indemnify the Company due to any loss suffered by it due to such unauthorized use of the user’s account and its login details.
The Company makes all User information accessible to its employees, agents or partners and third parties only on a need-to-know basis and binds only its employees to strict confidentiality obligations.
Notwithstanding the above, the Company is not responsible for the confidentiality, security or distribution of the User’s information by our partners and third parties outside the scope of our agreement with such partners and third parties. Further, the Company shall not be responsible for any breach of security or for any actions of any third parties or events that are beyond the reasonable control of the Company including but not limited to, acts of government, computer hacking, unauthorized access to computer data and storage device, computer crashes, breach of security and encryption, poor quality of Internet service or telephone service of the User etc.
Except as otherwise provided in this Privacy Policy, we will keep the User’s personal information private and will not share it with third parties, unless we believe in good faith that disclosure of the User’s Personal Information or any other information, we collect about the User is necessary to:
comply with a court order or other legal process;
protect the rights, property or safety of the Company or another party;
enforce our Terms of Use; or
respond to claims that any posting or other content violates the rights of third-parties.
Notwithstanding anything to the contrary, the Company shall not be held responsible for any loss, damage or misuse of the Information caused to the User, if such loss, damage or misuse is attributable to an event beyond the control of or attributable to the Company or a force majeure event.
The Company shall use the Information collected from the Users in accordance with applicable laws including but not limited to the IT Act and the rules made thereunder and use the Information only for the purpose for which it was furnished.
The Company abides by the applicable rules and Regulations, notifications and circulars under Information Technology Act 2000 and Digital Lending Guidelines, 2022 to provide the safe and secure financial repayment services to the Users.
OPTION TO OPT-OUT AND WITHDRAWAL OF INFORMATION
The User has the option of not providing its Information to the Company. Further, Information provided and/or collected by the Company may be withdrawn at any time during or pursuant to usage of the Website/Platform by a User. The Company may subsequent to such withdrawal of information, at its sole discretion continue or discontinue the provision of its services to such User.
ACCOUNT DELETION
At our Platform, we offer a feature for users to request the deletion of their account through our support section. After receiving such a request, we will archive the user's account information in compliance with relevant regulatory and operational data retention policies.
There may be some situations where we are unable to archive the account information, for example, if there are ongoing disputes or unresolved claims associated with the account. However, once these issues are resolved, we will promptly archive the account information.
Please note that we may retain certain information for legitimate business interests such as preventing fraud, enhancing user safety and security, and fulfilling legal obligations and compliance.
We also offer the option to temporarily deactivate an account or unlink a card or credit instrument. This will prevent access to the account until a reactivation request is submitted to our support team at support@cheq.one and the account is successfully reactivated.
COOKIES AND THIRD-PARTY WEBSITE/PLATFORM LINKS
The Platform sends cookies (small files containing a string of characters) to your mobile, thereby uniquely identifying your browser. Our secure cookies are used to track your preferences, help you login faster, and aggregated to determine user trends. This data is used to improve offerings, such as providing more content in areas of greater interest to most users.
Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Disclaimer: Some of the Platform features and services may not function properly if your cookies are disabled
The Platform may contain links that will redirect the Users to third party websites that may have access to the personal information of the User to which this Policy shall not be applicable. Thereby, every User agrees and acknowledges that accessing third party websites through links provided in the Platform will solely be at the User's discretion. Additionally, the Company shall under no circumstance be held liable for breach of privacy by such third-party website nor shall it be liable for any objectionable content that may be displayed on such third-party website. The Platform may contain links to other websites; however, every User agrees and acknowledges that the Platform shall not be responsible for the privacy practices of other third-party websites which it does not own, manage or control. This Privacy Policy shall not apply to any information voluntarily disclosed by the Users to other Users of the Platform or third parties.
UPDATION OF POLICY
The Company reserves the right to change or update this Policy at any time without prior notice. The User shall be notified of any change to the Policy having the effect of curtailing or limiting the existing User rights under the Policy. Any such changes or updating of the Policy shall be immediately effective upon posting to the Platform and your continued use is deemed approval of all such changes.
COMPLIANCE
We are a PCI DSS and CICRA certified company and have implemented the Information Security Management System policies and procedures in order to maintain industry standards and best practices.
We are complied with “Data Localization” requirements as per Reserve Bank of India (RBI) guidelines. This means all our customer data is securely stored in one or more data centres located within India.
CheQ’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
GRIEVANCE REDRESSAL
The User may report violation or breach of privacy, Information or identify theft or grievances in relation to the Information shared, collected, stored, or disseminated by the Company in relation to the Platform may please reach out at support@cheq.one. The grievances shall be redressed within one month from the date of receipt.
Grievance Officer:
In accordance with Information Technology Act 2000 and rules made there under, the name and contact details of the Grievance Officer are provided below:
Mr. Viral Bansal
Email: gro@cheq.one
CheQ Digital Private Limited: Building A, Bhive Workspace, AKR Tech Park, Garvebhavipalya, Karnataka, India, 560103.
Time: Mon - Sat (9:00 - 18:00)
LENDING PRODUCTS
This section is related to the supplemental terms and conditions applicable to the Users availing personal Loan/unsecured loans. Here CheQ app functions as the Technology Service Provider (TSP) & Marketing partner of Bitrocket Labs Private Limited (the wholly owned subsidiary of CheQ Digital private limited) which is the Lending Service Provider (LSP) to banks and non-banking financial companies (NBFCs). The list of lending partners we work with is mentioned in below sections.
Data Collection and storage under Lending Products:
Name of the Customer;
National ID proof with photo (including PAN Card or such similar ID proofs)
Father’s Name
Phone number (mobile and/or residence and/or alternative) of the Customer;
Gender of the Customer;
Date of birth of the Customer;
Address (official/residence/other) of the Customer;
Email Id (primary/alternative) of the Customer;
Internet protocol (IP) address of the Customer; and
Marital Status
Income type, current status and Information (Organization name if salaried employee or details of Business if self-employed)
Device information
Credit Score, Customer credit information report from government-regulated credit bureaus (Eg. Experian), payment information, and financial information, which may be shared/ uploaded by you, as and when you avail any products and/or services from the Company and/or through the Company’s partner platforms which the Company may become privy to.
We do not store any other data which is not required to serve the Customer in a seamless and effective manner. The location of the servers where your data is being stored lies within India. In case of any data breach or if you find that your credentials are compromised, the Customer shall immediately reach out to the support team and follow the necessary instructions as suggested by the team.
Date Sharing and Usage by third parties:
We may share or disclose your personal information with our other corporate entities, affiliates, lending partners, technology partners, merchants, and other third parties (credit bureau, recovery teams). This disclosure may be required to provide necessary services in order to enhance your experience and to comply with our legal obligations.
The third parties to who we send data as part of our processing requirements are as below:
AppsFlyer: To track the attribution of our referrals & downloads
MoEngage: To provide us with omnichannel services of Customer engagement, campaigns, and data analytics. Customer action-related events are sent for this purpose
Google Cloud Provider (GCP): Our secure infrastructure provider
Hyperverge Technologies Private Limited: Liveness Check and Face Fraud Recognition
Monnai Technology India Private Limited: provide enrichment and intelligence for decisions on transaction level.
Exotel Techcom Private Limited: Cloud Communication Solution for Customer Support
Lenders: All the Banks & NBFC partners of our LSP partner Bitrocket outlined in the section D below.
All the above third parties collect information under the direction of the Company and have no direct relationship with the End Customers. No third party uses any of these data for their own use and manages the data only to perform the opted services by the Customer.
Except as otherwise provided in this Privacy Policy, we will keep the Customer’s personal information private and will not share it with third parties, unless we believe in good faith that disclosure of the Customer’s Personal Information or any other information, we collect about the Customer is necessary to:
comply with a court order or other legal process;
protect the rights, property, or safety of the Company or another party;
enforce our Terms of Use; or
respond to claims that any posting or other content violates the rights of third-parties.
The information is collected purely for the facilitation of credit services. It will help us understand the customer interests, customization of products, troubleshooting, service fulfillment, collection, detection of fraud and error, web analytics and continuous improvement. We are not storing any biometric data or accessing call logs and telephony functions of the User. However, for the KYC, onboarding and E-nach creation, we can ask for On time access (through explicit consent) from you.
Access Revocation and Data Deletion:
You may revoke access to various access permissions such as contacts permission and SMS permission via your mobile operating system's app settings or similar functions. You may also request deletion of your Account and data in accordance with the termination section as set out above. However, Bitrocket as LSP and the Lenders may still retain data as required by applicable law, to the extent that any amounts are outstanding under any Credit Products or till the time approved in-principle credit limit is available to You, or to the extent any fraud or fraudulent transactions are suspected in connection with the Credit Products.
Active Lenders (Banks and NBFCs):
Earlysalary Services Private Limited (Formerly Known as Ashish Securities Private Limited)
Bajaj Finance Limited
Amica Finance Private Limited
Be advised that, in addition to this privacy policy, you may be subject to the privacy policies of the Lenders as well as other obligations stipulated in the loan documents.
GOVERNING LAW AND JURISDICTION
In the event of any dispute arising between the parties with respect to this Policy, the same shall be referred to a sole arbitrator mutually appointed by the Parties and the arbitration shall be in accordance with Arbitration and Conciliation Act of 1996. The language of arbitration proceedings shall be English. The seat and place of arbitration shall be Bangalore, India and the decision of the Arbitrator shall be final and binding on both parties herein.
This contract shall be subject to the exclusive jurisdiction of courts in Bangalore, India and shall be governed by the Indian laws.
