PRIVACY POLICY
This is Privacy Policy outlines Capri Global Capital Ltd’s approach to processing customer data.
At Capri Global Capital Limited (“CGCL”). We understand the significance of your personal data and process the same in a responsible manner. We urge you to go through this Privacy Policy Attentively.
Who is covered by the Privacy Policy?
This policy is applicable to all the existing customers and persons(“User”) who visit the office/ branch and /or any “Digital Platform” belonging to CGCL and its subsidiaries namely Capri Global Housing Finance Limited (CGHFL) which offer financial services such as Secured & Unsecured loans, Home Loans, MSME Loans, Gold Loans and Construction finance and insurance services (“Financial Services”). If you are below 18 years of age, then you are expected view our services on digital platforms under the supervision and guidance of your natural guardian parents or legal guardians.
The reference made to Capri Global in this policy would mean and include both CGCL, CGHFL and other group companies and term digital platform would mean and include website, mobile application, and/or any other digital applications.
This Privacy Policy explains the type of information of the User that Capri Group consents, collects data, its purpose, usage of data, security, retention and transfer, responsibility of user etc. as detailed below. We encourage User to read this Privacy Policy regarding the collection, use and disclosure of information by User from time to time to keep himself/herself updated with the changes and updates that we make in this policy.
We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.
A] Consent of Users:
By using our website, digital application, affiliates digital platform to avail various financial products and services from Capri Global, User consents to:
a. The terms of this Privacy Policy in addition to the terms of use of mobile application, website and products terms and conditions
b. Collection of data in connection with availing loans and/or affiliates insurance products etc. facilitates by Capri Global
c. Consent for collection of data in connection with Aadhar based authentication (Aadhar ekyc) or verification (Aadhar OKYC) facility provided by unique identification authority of India" UIDAI", to check/verify/download/obtain/upload/update KYC details from/with the central KYC registry (CERSAI), collection of data from Digi locker provided by MeiTY(Ministry of Electronics and information Technology)
d. Communications relating to marketing and business promotions.
e. Storage of data as per Company's policy in addition to regulatory and legal requirements.
f. Consent for E-Mandate Registration with e-Signature.
B] Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.
C] Definitions
For the purposes of this Privacy Policy:
Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Application means the software program provided by Capri Global downloaded by You on any electronic device (referred to as either “Capri Global”, “We”, “Us” or “Our” in this Agreement)
Country refers to: India
Device means any device that can access the Service such as a computer, a cell phone/mobile phone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
Service refers to the Application.
Service Provider means any natural or legal person who processes the data on behalf of Capri Global It refers to third-party companies or individuals employed by Capri Global to facilitate the Service, to provide the Service on behalf of Capri Global, to perform services related to the Service or to assist Capri Global in analysing how the Service is used.
Third-party social media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
Usage Data refers to data collected automatically, either generated using the Service or from the Service infrastructure itself (for example, the duration of a page visit).
You means the individual accessing or using the Service, or Capri Global , or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.
D] Collecting and Using Your Personal Data
1] Types of Data Collected Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include regarding name, addresses, telephone number, email addresses, income, liabilities, passport number, Aadhaar No. PAN card No., mobile number, Email Id, Photograph/image, bank account details including details linked to credit/debit payment instruments, information about credit score, GST number, Digi locker, earlier loans details and their track record and any personal details that may have been voluntarily provided by the customer, but is not limited to the India data protection rules specific. For brevity’s sake, the above type of information is collectively referred to as “Information” in this policy.
2] Data automatically collected through device
Usage Data is collected automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
3] Information Collected While Using the Application on Mobile, Electronic Device:
If User accesses Mobile App, Website, Software and Digital platform of available on internet, Capri Global may require certain device permissions to provide the User certain functionalities within Capri Global application in accordance with prevailing law/regulation. This further allows the User a seamless experience on Capri Global software/application.
User needs to give permission of device to such application and software of Capri Global
| Sr No | Permission | Description | Purpose |
|---|---|---|---|
| 1 | Location | Allows app to access your location | Customer KYC, Fraud Prevention & Analysis |
| 2 | Contacts | Grants access to your contacts | UPI and wallet Services |
| 3 | Photos/Images | Allows app to access your photos, images and videos | UPI payments via QR code |
| 4 | Camera | Allows app to use your camera | UPI payments via QR code |
| 5 | Microphone | Grants access to your microphone | Voice Search |
| 6 | Notifications | Allows app to send you notifications | Transactional and promotional communication |
| 7 | Files, Media and storage | Allows to access your files | Servicing customer to download product documents |
| 8 | Phone | Make and mange phone calls | SIM binding for app security, UPI Registration |
| 9 | SMS | Send and view SMS | Transactional and promotional communication |
a) User has sole right and discretion to provide or withdraw permissions of access by managing device settings. User can raise a request to erase app data and within specific timeline it will be erased by the Capri Global.
b) Non-financial messages will not be accessed or stored.
c) Your data will be used solely for financial analysis, credit assessments, and fraud prevention purposes.
d) This data will be stored in an encrypted format and can be deleted based on personal request using support.
e) Your messages will be periodically purged every 28 days.
f) We comply with all relevant data protection regulations to ensure the confidentiality and security of your data as per Government of India rules.
g) We do not store/ collect your biometric data, unless allowed under extant statutory guidelines.
E] Use of Your Personal Data
The Company may use Personal Data for the following purposes
Information collected from User may be used by Capri Global for the following listed “ Purpose”:
a.) To provide the User with the services incidental and/or ancillary to the business of Capri Global
b.) To promote the products/services of Capri Global
c.) For evaluation of the existing Capri Global products/services and new products/services
d.) To render service to User, to receive feedback from User to improve products/services
e.) To comply with Applicable Law/regulation, including sharing credit reporting
f.) To the extent permitted by the terms of an agreement/applicable law/ regulations, share or process User’s information in connection with the products/services provided by Capri Global or with affiliated with other third parties products
g.) To advertise exclusive offers, promotions, customized search results and location-based service related to financial products or services
h.) To automatically populate third-party when you click on advertisements within app/website.
i.) To provide and maintain our Service, including monitoring the usage of our Service.
j.) To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
k.) For the performance of a contract: Â the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
l.) To contact You:  To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
m. ) To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
n.) To manage Your requests: To attend and manage Your requests to Us.
o.) For business transfers: Â We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
p.) For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.
q. ) We may share Your personal information in the following situations:
r. ) With Service Providers: Â We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.
s. ) For business transfers: Â We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of assets, financing, or acquisition of all or a portion of Our business to another.
t. ) With Affiliates: Â We may share Your information with Our affiliates; in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
u. ) With business partners: Â We may share Your information with Our business partners to offer You certain products, services or promotions.
v. ) With other users: Â when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, your contacts on the Third-Party social media Service may see Your name, profile, pictures and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your profile.
w. ) With Your consent: We may disclose Your personal information for any other purpose with Your consent.
F] Security of Your Personal Data
Securing User’s information is of paramount importance to Capri Global and it take initiatives to secure privacy of the User information in following manner:
1. Capri Global implements various reasonable management, technical and administrative measures to safeguard internal information with sound technical controls to secure the underlying systems.
2. Alongside conducting periodic internal and external audits of systems, Capri Global adheres to multiple regulatory and statutory obligations. We also comply with information security certification.
3. Capri Global has in place controls such as data discovery which ensures that personal data of User is tracked across all its assets and security of such data is ensured using data encryption and masking methodologies. Further, we have implanted access controls across all our data assets to ensure that employees have access to limited data and only on need-to-know basis.
4. Capri Global has implemented information security tools such DLP and SOC solutions which help prevent the leakage of data a outside its environment and monitor network across servers to ensure threats to User’s data are mitigated.
5. Capri Global has a robust IT infrastructure support mechanism that ensures all systems are updated to the latest system and security patches.
In all contractual arrangements, Capri Global ensures compliance with appropriate standards from third party agencies/service providers with obligations to protect any information and apply appropriate measures regarding its use and transfer. Any acts involving unauthorised usage and sharing of information, breach of security procedures, usage of information of unlawful gain, or breach of confidentiality Capri Global warrants penalty as per clauses agreement executed between the Capri Global and such third-party service provider.
The security of your Personal Data is important to us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure or error free. While We strive to use commercially acceptable means to protect Your Personal Data, we cannot guarantee its absolute security.
G] Data Storage, Handling, Transfer, Retention and Destruction of Your Personal Data
| Sr No | Kind of Information | Retention Period |
|---|---|---|
| 1 | KYC Documents (identity and address proof and account opening form) | During the tenure of relation and act least five years after cessation of the relationship |
| 2 | Loan Files containing documents like application form income documents, agreements etc collected at the time of opening account and thereafter in respect of closed account | During the tenure of relationship and 5 years from closure of loan and financial product |
| 3 | Customer walk-in complaint/suggestion register | 3 years |
| 4 | All necessary records of transactions between Capri Global and User both domestic and international | 5 years from the date of transaction |
| 5 | Deceased Constituents A/c (death Certificates, affidavits letters of disclaimer, succession Certificate Copies and other related correspondence | 8 years |
Capri Global ensures that access to User data is sufficiently restricted using access a controls and industry standard encryption algorithms. Further, Capri Global has in place a robust incident management system along with a practice incident response posture. If retaining Customer information is no longer necessary, we make every effort to securely destroy or deals it as per applicable regulations.
i. Handling by Service Provider
We may employ third party service providers and individuals due to the following purposes:
1. To facilitate Capri Global products services
2. To provide the service on behalf of Capri Global
3. To perform any ancillary service related to product/service of Capri Global
4. To assist Capri Global in analysing how the services are used
5. To assist Capri Global in evaluating and improvising the services standards
User is hereby informed that the third-party service provider/agent/ agencies will have access to your information on a need-to-know basis to assist Capri Global in rendering service and are restricted from using the same for any other reason rather than specified during data collection. The third-party service provider is obligated not to disclose or use the information for any other purpose than mentioned in the service agreement executed between Capri Global and such Service provider.
ii. Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located.
In any case, the data is stored only in servers located within India. Further, in case the data is processed outside India, the same shall be deleted from servers outside India and brought back to India within 24 hours of processing.
Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.
The will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.
H] Responsibility of User :
User Acknowledges following:
a. Capri Global and its employees/assignees will not contract the User directly or indirectly to disclose of any personal information unless required for the abovementioned purposes. Hence, User is solely responsible to exercise proper due-diligence to verify the identity of the individual(s) contacting before disclosing any personal data/information by reaching out to the Capri Global official customer care number accessible on Capri Global its website before making any disclosure.
b. Capri Global will not be liable/responsible for any breach of privacy owing to User’s negligence
c. User shall only use the official website/links/ apps of Capri Global for availing product/services by inputting the domain information on the address bar
d. User is completely aware about the potential risk of data/privacy breach and User shall be solely responsible for unauthorized disclosure/breach of personal data and direct or indirect loss suffered by User due to Users conduct. Hence, User shall exercise utmost caution to ensure that User’s personal data (including but not limited to any passwords, financial information, account details etc) are not shared/stored/ made accessible through any physical means with or without User’s knowledge (disclosure to any person/third-party etc) or through any electronic means by exercising the following precaution/safety measures:
1. User shall always check if “https” appears in any websites’ address bar before making any online transaction to ensure that the webpage is encrypted.
2. User shall avoid using third-party extensions, plug-ins or add-ons on the web browser, as it may result in the risk of tracking or stealing of user’s personal details
3. User shall always type the information and not use the auto-fill option on web-browser
4. User shall not access darknet, au authorised/suspicious/malicious website suspicious online platform, downloading information from unreliable sources
5. User shall disable cookies before accessing any domain/website to ensure that User’s personal information is not tracked by any third party, unless otherwise consciously permitted by the User by accepting the same, for which User alone will be responsible for the consequences thereof
6. User shall not respond to any generic emails from an unknown/unidentified source.
7. User shall check privacy policy of the Website/Application before accepting/ proceeding/transaction on any website/application/software
8. User shall always verify and install authentic web. Mobile application from reliable sources on user’s computer /laptop/tablet/iPad/smart phone or any other electronic device
9. User shall not access any unidentified weblinks or any other electronic links shared over electronic platform (such as email, sms, social media, websites, apps etc)
10. Capri Global Service may contain links to other websites that are not operated by Us. If You click on a third-party link, you will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services
I] Disclosure of Your Personal Data
Business Transactions
If the Capri Global is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred.
Law Enforcement
Under certain circumstances, Capri Global may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities / Statutory obligations(e.g., a court or a government agency).
Other Legal Requirements
Capri Global may disclose Your Personal Data in the good faith belief that such action is necessary to:
Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on
Contact Us
If you have any questions about this Privacy Policy, You can contact us: