We at Shriram Finance Limited (hereinafter referred as “SFL”, “the Company” or “we” or “our” or “us”), is a Non-Banking Financial Company (NBFC) registered with Reserve Bank of India (RBI) under Section 45-IA of RBI classified as an Investment and Credit Company and validly existing under the provisions of Companies Act, 2013, having its registered office at Shriram Finance Limited, 14A, Sri towers, South Phase, Industrial Estate, Guindy, Chennai – 600 032, Tamil Nadu., India, understand privacy and its value, is the licensed User of the website www.shriramfinance.in ("Website").
This data Privacy Policy (“Policy”) sets forth the modes of collection, use, transfer, disclosure and sharing minimal amount of personal data or information ("personal Information") gathered through any website, digital lending application, mobile application, platform or otherwise used by us. This policy applies only to personal information collected on the platform/ website and also applies to information collected by the company in other ways. The policy also sets forth the reasonable security practices and procedures adopted by Shriram Finance Limited (“SFL”) and its digital lending application. This privacy policy shall be read in conjunction with the terms of use agreed by you while registering with SFL for availing its services. This Privacy Policy applies to the visitors to our website, digital lending application, mobile application, platform and our existing and future customers/prospects/applicants.
This document is prepared and published by virtue of the legal requirement that require regulated entities/ intermediaries to publish the rules and regulations, privacy policy and terms for access or usage of their website/mobile app and in compliance with the below:
PLEASE READ THIS POLICY CAREFULLY. BY CONTINUING TO USE THE SERVICES YOU AGREE TO THIS POLICY. IF YOU DO NOT AGREE TO THIS POLICY OR ANY PART THEREOF, PLEASE DO NOT USE/ ACCESS/ DOWNLOAD/ INSTALL THE APP OR ANY PART THEREOF.
The Policy is applicable for the collection of information for the following categories of services:
Information for Digital Lending Services: information collected by/through the Platform by Shriram Finance Limited (a non-banking financial company), for (a) verifying your identity and conducting KYC checks; (b) assessing your creditworthiness and loan eligibility; (c) facilitating loan disbursement and repayment; (d) fraud prevention and security; and (e) providing customer support and service-related communications; and Information collected by the Platform provided to the lending partners and the business partners.
Shriram Finance Limited have digital lending applications known as “Shriram One”, “Shriram One for Business” and “Shriram Web”, through which you may apply for a loan and/or other services to be granted on the loan documents executed between you and the emplaned lending partners, by visiting the website, https://www.shriramone.in/ or the “Shriram One”, “Shriram One for Business” mobile and/or web application (the “App”) (collectively, the “Platform”) and availing the services provided by us (“Service(s)”) you agree to be bound by the terms and conditions (“Terms”) of this Privacy Policy.
Shriram Finance Limited, a regulated entity, which can collect/store/process your Personal information.
You (customer) authorize us to collect, store, authenticate, verify and distribute the Personal Information (as defined below) as may be required to sanction the loan or providing you with any services on the applications or on the website. The personal information may be collected through application form. We recognize the expectations of its customers and the visitors to its website/ applications with regards to privacy, confidentiality and security of their personal information which we receive while browsing/ using our website/ services. We are committed to maintaining the confidentiality, integrity and security of all the personal information of our users. Keeping Your personal information secure and using it solely for activities related to Company’s business is our top priority.
We have taken adequate measures aimed at protecting the personal information entrusted and disclosed to us. This Policy is framed to inform you the privacy practice followed & the governing way in which the Company collects, uses, discloses, stores, secures and disposes your personal information and sensitive personal data or information.
This Privacy Policy explains how we protect the personal data provided through our Platform and how we use that information in connection with our Service offered through the Platform.
To register with us, you must be at least 18 (eighteen) years of age, of sound mind, not disqualified by law, and a resident of India. Use of the Service is strictly prohibited for individuals under the age of 18 (eighteen) years or minors.
"Personal Information" for purposes of this Policy means information including Sensitive Personal Information that identifies you, directly or indirectly such as your name, address, phone number, mobile number, e-mail address, postal address, a unique login name, password, password validation, income tax details, marital status, family details, business information, bank statements, KYC documents and other details shared via application form or via email or via any other electronic medium or via printed form. All Personally Identifiable Information and Service Information shall be collectively known as “Information”.
By providing your number at the platform, you are authorizing us & our representatives to contact and offer you our Services for the product you have opted for, imparting product knowledge, offering promotional offers running on the website, and to contact you again about other services and products that we and /or authorized third party service partners/affiliate(s) offer. By submitting your Information to the platform, you expressly acknowledge and consent to use such Information and to process the same in a manner deemed fit and provided in this Privacy Policy, in compliance with applicable laws. This may involve conducting data analysis, research based on reviews about deals, transfer of your Information to third party experts for the purpose of services offered to you by Shriram Finance Limited and/ or other lending partners, transfer your Information to third parties/ service partners for providing you services offered by such third parties and service partners etc.
Retention of information is done as per this policy and in compliance with applicable law/regulatory requirements in India and as mandated in our arrangements with our business partners to provide services to you.
“Processing” in relation to personal data or information means an automated operation or set of operations performed on personal data, and may include operations such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, use, alignment or combination, indexing, sharing, disclosure by transmission, dissemination or otherwise making available, restriction, erasure or destruction;
“Publicly available information” shall mean any information or data of the user which the Company reasonably believes is lawfully publicly available. All other information or data which is not publicly available shall be Non-publicly available information for the purpose of this Policy.
“User” shall mean such Persons who are using the Company’s services or the Company’s website or the Company’s mobile app and to whom this Policy is applicable, and it shall include the words “you”, “customer” which are used interchangeably in this Policy.
Information may be collected at various stages of your usage of the Shriram Finance Platform such as:
• visiting Shriram Finance Platform
• registering on Shriram Finance Platform as a “user” or “merchant” or any other relationship that may be governed by terms and conditions listed on Shriram Finance Platform
• creating your Shriram Finance user account. Your associated profile information, including but not limited to name, email ID, and other profile details as may be provided by you, will be common across Shriram Finance apps
• transacting or attempting to transact on Shriram Finance Platform
• accessing links, e-mails, chat conversations, feedbacks, notifications sent or owned by Shriram Finance Platform and if you opt to participate in our occasional surveys
• otherwise dealing with any of the Shriram Finance Entities/Subsidiaries
• while applying for career opportunities with Shriram Finance or when onboarding with Shriram Finance for employment purposes
Children Information
We do not knowingly solicit or collect Personal Information from children under the age of 18, and use of our Platform is available only to persons who can form a legally binding contract under the Indian Contract Act, 1872. If you are under the age of 18 years, then you must use the Platform or services under the supervision of your parent, legal guardian, or any responsible adult.
Lawful grounds for processing Personal Information
We will process your personal data in compliance with applicable data privacy laws such as Digital Lending Guidelines, 2025 (as regulated by RBI and amended from time to time), Information Technology Act, 2000, in India by relying on one or more of the following lawful grounds:
Mode of Collecting Information
In order to provide seamless approval and determine instant creditworthiness of customers, we request for certain permissions with explicit consent of the users to complete the signup process which shall be passed on with the lender for relevant onboarding process of the loan, We primarily use your data for the following core purposes critical to our services: (a) verifying your identity and conducting KYC checks; (b) assessing your creditworthiness and loan eligibility; (c) facilitating loan disbursement and repayment; (d) fraud prevention and security; and (e) providing customer support and service-related communications. Secondary purposes include: (f) improving our products and services; (g) analytics and research to understand user behaviour; and (h) for internal business operations and compliance with legal and regulatory obligations. We will not use your personal information for purposes other than those disclosed in this policy without obtaining your renewed and explicit consent.
PERSONAL INFORMATION
The platform collects, accesses, stores KYC information such as ‘Aadhar, PAN, GST and etc.’ to assess the income, track and analyse financial expenses and determine the creditworthiness once during the loan on- boarding journey and offer suitable products. This data is used for the purpose of performing credit risk assessment. The assessment is automated, and the SMS are encrypted. The platform does not analyze any of your personal SMS data. Also, we does not share your SMS with any third party.
How we use this data
For uniquely identify your devices and protect you from fraud; For preventing unauthorised devices from misrepresenting, you or misusing your information; For Enabling Communications Between You and Us; For Legal Compliance and Requirements. In addition to the Information made available to us, we may seek your explicit consent and request onetime access to your SMS/E- mail/Location/Call Logs/Contact. We analyse SMS as suitable to offer best services. We hereby confirm that we do not access any other personal Information on your SMS/ E-mail. Please note this consent is purely voluntary. Upon granting the consent for access to your SMS/E-mail/Location/Call Logs/Contact, if at any time, you wish to deny access to the above-mentioned consent in future you may do so from the settings of your mobile device. In case you withdraw given consents, we assure you that we shall not have any access to your Information
We also do not access your mobile phone resources such as contact list, call logs, telephony functions, and files & media (except as disclosed above in order to enable you to upload documents and selfie image). We do not collect your biometric data.
MOBILE APP
We may collect and use technical data and related information, including but not limited to, technical information about your device, system and application software, and peripherals, that is gathered periodically to facilitate the provision of software updates, product support and other services to you (if any) related to such Mobile Applications. When you use our Mobile Application, the Mobile Application may automatically collect and store some or all of the following information from your mobile device (“Mobile Device Information”), in addition to the Device Information, including without limitation
We also collect certain other information from you on your visit to our Website such as information about your operating system, browser type, the URL of the previous website you visited, list of third- party applications being used by you, your internet service provider and your IP Address (Non- personal Information). This information cannot be easily used to personally identify you. We use Non-personal Information for the purposes including but not limited to troubleshoot connection problems, administer the Website, analyze trends in the market, gather demographic information, to ascertain how our visitors use our Website, including information relating to the frequency of visits to our Website, average length of visits, pages viewed during a visit, ensuring compliance with the applicable law, co-operating with law enforcement activities, etc. This information is used to improve the Website content and performance. You also agree that we may gather usage statistics and usage data from your use of our Website to evaluate your use of our products/services, to improve our products/services, Website content and to ensure that you are complying with the terms of the applicable agreements between you and Shriram Finance Limited and other lending partners. The statistics and data collected may or may not be aggregated. These statistics contain no information that can distinctly identify you.
LOCATION
The platform accesses the current location only once during the loan onboarding journey to verify the location of the borrower and check the availability of our services and approve the application.
How we use this data
For enabling, the access to Services provided on platform; For KYC compliance Requirements.
PHONE
The platform collects the device location of the borrower and phone number information, such as your device hardware model, operating system, and version, unique device identifiers, user profiles, WiFi information, other app usage, and mobile network information only once during loan onboarding journey. The platform assesses these to uniquely identify your devices and protect you from fraud by preventing unauthorised devices from misrepresenting you or misusing your information.
CAMERA
We require one-time camera access to take selfie, scan and capture the required KYC documents thereby allowing us to auto-fill relevant fields. A one-time access can be taken for camera, microphone, location or any other facility necessary for the purpose of on-boarding/KYC requirements only, with the explicit consent of the borrower.
SESSION DATA
Automatically log generic information about your device’s connection to the Internet, which we call “session data”, that is anonymous and not linked to any personal information. Session data consists of information such as the IP address, operating system, type of browser software being used by you and the activities conducted by you on our Website. An IP address is a number that lets device attached to the Internet, such as our web servers, know where to send data back to the user, such as the pages of the site the user wishes to view. We collect session data because it helps us analyze things such as the items visitors are likely to click on most, the manner in which visitors click preferences on our Website, number of visitors surfing to various pages on the Website, time spent by the visitors on our Website and frequency of their visit. It also helps us diagnose problems with our servers and lets us better administer our systems. Although such information does not identify any visitor personally, it is possible to determine from an IP address a visitor’s Internet Service Provider (ISP), and the approximate geographic location of his or her point of connectivity
COOKIES
If enabled, we may place cookies on your machine that store small amounts of data on your computer about your visit to any of the pages of this website. Cookies can identify the pages that are being viewed, and this can assist us in tracking which of our features appeal the most to you and what content you may have viewed on past visits.
These technologies are used in analyzing trends, administering the Site, tracking users' movements around the Site, and to gather demographic information about our user base as a whole. Third-party vendors, including www.google.com ("Google"), may use cookies to serve ads based on your visits to this Website. You may visit the website of the third party and choose to opt-out of the use of cookies for interest- based advertising if the third party offers such an option.
We use cookies on our website to personalize our Service to you. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited. You may refuse to accept cookies by activating the setting on your browser, which allows you to reject the setting of cookies. Unless you have adjusted your browser setting to reject cookies, our system will issue cookies when you log on to the website.
INFORMATION SHARING WITH THIRD PARTIES
We may share certain merchant information with our authorised payment partner solely for the purpose of initiating Aadhaar-based verification processes, such as triggering OTPs and related SMS communications. This sharing is limited to information strictly necessary to complete authentication and is carried out in compliance with applicable data protection and regulatory requirements.
LINK TO THIRD-PARTY SOFTWARE DEVELOPMENT KIT (SDK)
The App has a link to a registered third-party SDK which collects data on our behalf and data is stored to a secured server to perform a variety of services such as analyzing your in-app actions, serving retargeting ads, do location-based targeting on social media accounts, deliver personalized push notifications, perform credit assessment based on your information. We share limited information such as Device IDs, Android IDs, Page status, Location, Workflow events with analytics and marketing service providers who may use it to serve targeted, contextual ads to you. We ensure that our third-party service provider takes extensive security measures in order to protect your Personal Information against loss, misuse or alteration of the data.
We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once we receive it using secure cryptographic techniques over HTTPS APIs. We use a combination of firewalls, encryption techniques and authentication procedures, among others, to maintain the security of your online session and to protect https://www.shriramfinance.in/(to be replaced with business app link) and “Shriram One for Business” accounts and systems from unauthorized access. However, no Internet website can fully eliminate security risks. We implement cyber security policy for handling all security breaches in compliance with applicable laws and regulations.
Furthermore, our registered third-party service provider provides hosting security – they use industry-leading anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, continuous security alert monitoring and application control solutions.
We do not sell or misuse your data. We do not share your personal identifiable information and Government IDs such as PAN, Aadhaar Card, VID number with these 3rd parties. We also don't allow unauthorized access to your non-public personal contacts or financial transaction SMS data with any 3rd party.
You can find below the detail of partners whom we partner with for providing you with the best of the services,
| Particulars | Partners |
|---|---|
| SMS | Karix |
| OTP sent | |
| Liveliness | Hyperverge - Hyperverge Technologies Private Limited |
| Photo match | Hyperverge - Hyperverge Technologies Private Limited NSDL/KARZA - Perfios Software Solutions Private Limited. |
| Liveliness & Photo match | |
| Penny Drop | |
| Account name match | NSDL/KARZA - Perfios Software Solutions Private Limited. |
| PAN name fetch | Netcore - Netcore Private Limited NSDL - National Securities Depository Limited |
| PAN verification | |
| Company categorization | |
| PAN authentication | |
| GST search | |
| GST authentication | |
| DOB validation | |
| PAN name fetch | |
| PAN verification | Netcore - Netcore Private Limited |
| PAN authentication | NSDL - National Securities Depository Limited Trackwizz - TSS Consultancy Private Limited |
| CKYC | |
| Name Screening | |
| Credit Check | Transunion – Transunion Cibil Limited |
| EKYC | UIDAI - Unique Identification Authority of India |
GOVERNMENT AGENCIES
To verify your creditworthiness and complete the KYC formalities, we request you to enter few government-issued ID numbers such as PAN Number, Aadhaar Card, or Virtual ID (VID) number. This data remains completely safe and secure with us and is never shared with any 3rd party. However, your information is passed to the authorized 3rd party APIs and government websites for you to fill up the information and help us validate your KYC credentials.
Purpose of Collection and use of personal information
We collect and use the minimal financial information and other minimal personal information. This information is collected and used:
The intended purpose of collecting information provided by you is to
Retention of Information
Shriram Finance Limited stores your personal information only at servers located in India additionally we engage with reputable cloud service providers who adhere to stringent security standards and compliance certifications. We shall only retain basic personal information such as your name, your address, your contact information which are required to be stored for carrying out our non-lending services. For other personal information collected as part of our outsourcing services being provided to our Partners, we shall collect such information upon the instructions of the Partners and thereafter transfer the same to the Partners upon the completion of the preliminary onboarding.
Retention of information is done as per this policy and in compliance with applicable law/regulatory requirements in India and as mandated in our arrangements with our business partners to provide services to you, unless such consent is withdrawn by you.
We retain your Information as long as the purpose of its usage exist, after which the same is archived or purged or deleted by us except in case where the retention is required as per Applicable Laws. Further, we inform you that we retain Information even after you withdraw your consent partially or wholly, for longer period of time, when necessary or required to be retained by Us, under various Applicable Laws.
All non-personally identifiable information (non-PII) including SMS will be stored and used for a period of one (1) year. All other data such as name, address, contact details, etc. permitted in pursuant to regulatory guidelines, including DLG and such other data collected for the purpose of onboarding and operational servicing, will be retained for a minimum period of five (5) years.
In general terms, this will mean that your Information will be kept for the duration of our relationship with you and:
Data Destruction Protocol
Disclosure of Personal Information
The personal information collected by the Company shall not be disclosed to any other organization except-
The user authorizes the Company to exchange, share, part with all information related to the details and transaction history of the User to its affiliates/ banks/ financial institutions/ credit bureaus/ agencies/ participation in any telecommunication or electronic clearing networks as may be required by law, customary practice, credit reporting, statistical analysis and credit scoring, verification or risk management or any of the aforesaid purposes and shall hold the Company liable for use or disclosure of this information.
THE POLICY
If you intend to avail a loan by using our platform from our app/website and any of our lending partners, you would be required to provide details like your name, E-mail address, Residential address, Mobile number, PAN number, Aadhaar Card, and other such information In addition to the information explicitly provided by you, we may also automatically collect certain technical and usage data when you access or use our services. This includes, but is not limited to, your IP address, device type, operating system, browser type, unique device identifiers, network information, and details of your interactions with our applications and website, such as pages viewed, features used, and access times. We may also receive information about you from third-party partners, publicly available sources, or other indirect methods, always in accordance with applicable laws and with your consent where required. This may include information for identity verification, fraud prevention, or credit assessment purposes which may be needed to assess your creditworthiness. Wherever possible, we indicate the mandatory and the optional fields. You always have the option to not provide any information by choosing not to use a particular Service or feature on the Platform. You shall be provided with an option to give or deny consent for use of specific data, restrict disclosure to third parties, data retention, revoke consent already granted to collect personal data and if required, make the App delete/ forget the data.
The link of all the third parties / service partners/affiliate(s) used by Shriram Finance Limited, who will collect, store, transfer, and process your Information required for business operation. The list of third parties / service partners/affiliate(s) shall be updated by Shriram Finance Limited from time to time, for your reference. Link: https://www.shriramfinance.in/lending-service-provider.
Data Minimization Principle: We are committed to the principle of data minimization, ensuring that we collect, use, and store only the personal information that is strictly necessary for the purposes outlined in this Privacy Policy. This means we will not collect excessive data, and we will regularly review our data collection practices to ensure they align with this principle. Our processing activities are designed to limit data exposure at every stage, from collection to deletion, thereby enhancing your privacy and reducing potential risks.
The data collected, as stated in this Policy, is solely restricted to the above-mentioned activities and will not be in further used for any other purpose. In case we use the data for any other purpose, explicit consent shall be taken.
We collect and monitor your bank related financial transaction SMS only, to assess the income, track and analyse financial expenses, to perform a credit risk assessment and identify opportunities to serve customer as their other preferences. No personal SMS data is analyzed. All information requested is relevant to create a credit score which helps us in credit decisioning. You may choose not to provide the information requested, however, your credit score may be inaccurate or unavailable for your application as a result. We may use also this information collected from you/your mobile device, to carry out data analytics to improve the user experience, enhance performance, and accomplish desired results. When we use your data to carry out data analytics etc., we generally pseudonymize/ anonymize your data, to uphold your privacy.
No biometric data is stored/ collected in the systems, unless allowed under extant statutory guidelines. Our system comply with various technology standards/ requirements on cybersecurity stipulated by the Reserve Bank of India (“RBI”) and other agencies, or as may be specified from time to time, for undertaking digital lending and the Platform accesses SMS (to assess the income, financial expenses etc), one time location, device and phone number information such as your device hardware model, operating system, and version, unique device identifiers, user profiles, WiFi information, and mobile network information and other app usage, solely for the purpose of onboarding journey.
Access to your registration information, account information, and any other Personal Information you provide is strictly restricted and used only under specific internal procedures and safeguards governing access, to operate, develop or improve the Service. We may also use third-party service providers to help us provide the Service to you, such as sending e-mail messages or SMS on our behalf or hosting and operating a particular feature or functionality of the Service. We require such third parties to maintain the confidentiality of the information we provide to them. If you telephone us, we may also record and monitor calls for quality checks and staff training. Such recordings may also be used to help us combat fraud.
Reasonable Security Practices and Procedures
We keep your data secure
We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once we receive it. However, no Internet website can fully eliminate security risks. We implement cyber security policy for handling all security breaches in compliance with applicable laws and regulations
We use a combination of firewalls, strong encryption techniques, and authentication procedures that adhere to current industry standards to maintain the safety and security of your data. We employ industry standard security measures to protect your personal information during online sessions, including during transmission and storage and to protect (Website link to provided) and “Shriram One for Business App” accounts and systems from unauthorized access.
In the event of an information security breach, the Company is committed to complying with the guidelines set forth by the Indian Computer Emergency Response Team (CERT-In) & Reserve Bank of India (RBI). This adherence is in accordance with the Company's Incident Management Policy, which outlines the structured approach to be followed when handling such incidents. This approach includes:
The Company's Incident Management Policy is designed to be in full compliance with national laws and regulations regarding cybersecurity and data protection. This ensures not only a rapid and effective response to incidents but also maintains the Company's reputation and the trust of its customers and partners.
Encryption and secure communication
All communications between your computer, tablet, mobile devices and the platform that contain any Personal Information are encrypted. This enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering, and message forgery
Login id and password confidentiality
You are responsible for maintaining the security of your Login ID and Password, and may not provide these credentials to any third party. If you believe they have been stolen or been made known to others, you must contact us immediately at below IDs. We are not responsible if someone else accesses your account through Registration Information they have obtained from you or through a violation by you of this Privacy Policy or the Terms of this policy
For any issues and complaints – merchantsupport@shriramfinance.in
You can review and edit your Personal Information at any time by logging in to your account by contacting the Shriram Finance Limited support team on above IDs. If you choose to close your account, your personally identifiable information will not be used by us for any further purposes, nor sold or shared with third parties, except as necessary to prevent fraud and assist law enforcement, as required by law or under this Privacy Policy.
All other information shall be treated as non-confidential and non-proprietary and Shriram Finance Limited shall be under no obligation of any kind concerning such information and shall be free to reproduce, use, disclose, and distribute the information to others without limitation. Additionally, Shriram Finance Limited shall be free to use any ideas, concepts, know-how, or techniques contained in such information for any purpose whatsoever, including, but not limited to, developing or marketing services incorporating such information.
We may share your information with our third-party partners in order to conduct data analysis in order to serve you better and provide Services on our Platform.
We may disclose your information, without prior notice, if we are under a duty to do so in order to comply with any legal obligation or an order from the government and/or a statutory authority, or in order to enforce or apply our terms of use, or assign such information in the course of corporate divestitures, mergers, or to protect the rights, property, or safety of us, our users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
We will disclose the data/information provided by a User with other technology partners to track how the User interacts with the Platform on our behalf.
We and our affiliates may share your information with another business entity should we (or our assets) merge with, or be acquired by that business entity, or undergo re-organization, amalgamation, or restructuring of business for continuity of business. Should such a transaction occur, any business entity (or the new combined entity) receiving any such information from us shall be bound by this Policy with respect to your information.
We will disclose the information to our third-party technology and credit partners to perform credit checks and credit analysis, such as Credit Bureaus or third-party data source providers.
We will share your information under a confidentiality agreement with the third parties and restrict use of the said Information by third parties only for the purposes as per the said privacy policy. We warrant that there will be no unauthorized disclosure of your information shared with third parties.
By using the Platform, you hereby grant your consent to the Company to share/disclose your Personal Information (i) to the concerned third parties in connection with the Services; and (ii) with the governmental authorities, quasi-governmental authorities, judicial authorities, and quasi-judicial authorities, in accordance with applicable laws of India.
We shall disclose your KYC journey or any data with respect to the same to the relevant regulatory authorities as a part of our statutory audit process. Please note that your Aadhaar number shall never be disclosed.
Further, the data stored on our server shall be utilised only for the purpose and to the extent stated in the policy. In case we use or disclose your information for any purpose not specified above, we will take your explicit consent
Security Precautions
The Platform intends to protect your information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative and technical safeguards to help us protect your information from unauthorized access, use and disclosure. For example, we encrypt all information when we transmit over the internet. We also require that our registered third-party service providers protect such information from unauthorized access, use and disclosure.
Our Platform has stringent security measures in place to protect the loss, misuse and alteration of information under control. We endeavour to safeguard and ensure the security of the information provided by you. We use Transport Layer Security (TLS 1.2 and above) based encryption, for the transmission of the information, which is currently the required level of encryption in India as per applicable law.
We blend security at multiple steps within our products with the state-of-the-art technology to ensure our systems maintain strong security measures and the overall data and privacy security design allow us to defend our systems ranging from low hanging issue up to sophisticated attacks.
We aim to protect from unauthorized access, alteration, disclosure or destruction of information we hold, including
We use encryption to keep your data private while in transit;
We offer security feature like an OTP verification to help you protect your account;
We review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems;
We restrict access to Personal Information to our employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations;
Compliance & Cooperation with Regulations and applicable laws:
We regularly review this Privacy Policy and make sure that we process your information in ways that comply with it.
Data transfers:
We ensure that Aadhaar number is not disclosed in any manner.
We or our affiliates maintain your information on servers located in India. Data protection laws vary among countries, with some providing more protection than others. We also comply with certain legal frameworks relating to the transfer of data as mentioned and required under the Information Technology Act, 2000, Digital Lending Guidelines, 2025 (as regulated by RBI), and rules/amendments made thereunder.
When we receive formal written complaints, we respond by contacting the person who made the complaint. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of your data that we cannot resolve with you directly
Your Rights regarding the Data
As a user, you have specific rights concerning your personal information, which you can exercise by contacting us at
For any issues and complaints – merchantsupport@shriramfinance.in
Right to Access
You may request to access your data provided by you (or) processed by us. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Right to rectification
In the event that any personal data provided by you is inaccurate, incomplete or outdated then you shall have the right to provide us with the accurate, complete and up to date data and have us rectify such data at our end immediately. We urge you to ensure that you always provide us with accurate and correct information/data to ensure your use of our Services is uninterrupted.
Others
You are provided with an option to give or deny consent for use of specific data, restrict disclosure to third parties, data retention, revoke consent already granted to collect personal data and if required, make the App delete/forget the data (as defined under the RBI circular dated September 02, 2025 on “Guidelines on Digital Lending”). In case of withdrawal or modification of your consent or your amendment of any of your choices in this regard, we reserve the option not to provide the services or modify the services provided to you for which such information was sought.
Our platform is not intended for use by children and minors. Parents are requested to ensure that personal information is not provided by minors.
CONTACT INFORMATION
In accordance with the relevant provisions of the Information Technology Act, 2000 and Rules and RBI Guidelines on Digital Lending dated Sep 02, 2025, made thereunder, the name and contact details of the Grievance Officer who can be contacted with respect to any complaints or concerns including those pertaining to breach of Shriram Finance Limited Privacy Policy, Terms & Conditions/Terms of Use and other polices or questions are published as under:
Level 1: Registration of your Complaint.
To register your complaint, please mail (merchantsupport@shriramfinance.in). We aim to resolve all your complaints at the earliest possible.
Level 2: Escalate to our Customer Support Centre.
Call our customer support centre at (1800 569 7766). Our customer support aims to resolve all your complaints at the earliest possible.
Level 3: Escalate to our Grievance Redressal / Nodal Officer.
In relation to the extant guidelines as prescribed by the Reserve Bank of India, the details of our Grievance Redressal/Nodal Officer are set out below:
Mail ID : merchantsupport@shriramfinance.in
Mail ID : qrgrievance@shriramfinance.in
REVIEW OF POLICY
The policy will be reviewed at yearly intervals or as and when considered necessary by the Senior Management / Board of the Company.
CHANGES TO PRIVACY STATEMENT AND YOUR DUTY TO INFORM US OF CHANGES:
This Privacy Statement may change or be amended over time. The recent version of this Privacy Statement is published on the Platform, as the case may be.
Please revisit this page periodically to stay aware of any changes to this Privacy Statement. We will notify you of any material changes to this Privacy Statement by publishing the same on our Platform, as applicable. Your continued use of our Services confirms your acceptance of this Privacy Statement, as amended. If you do not agree to the terms and conditions as contained in our Privacy Statement, as amended, you must stop using our Services and notify us.
It is very important that any Personal Information we hold/pass on to our lending partners about you is up to date and correct. Please inform us of any changes to your Personal Information.
OMNIBUS CLAUSE
All extant & future master circular/directions/guidance/guidance notes issued by Regulatory Authorities and other applicable regulations from time to time would be the directing force for the Privacy Policy and will super cede the contents of this policy.