Uniorbit Technologies Private Limited (“Uni”) is committed to protecting your privacy. This Privacy Notice (“Notice”) describes how Uni collects, uses, discloses and otherwise processes information about you in connection with our business, including the provision of our websites at https://www.uni.cards/ and any other websites, digital platforms, apps operated by Uni (“Website”), and the UniServices.
By using our Website/app or signing up for the Uni Services, or directly or indirectly interacting with Uni in any capacity, you consent to the processing, storage, usage, and sharing of the data provided by you pursuant to the terms of this Notice. We encourage you to read this Privacy Notice from time to time and to keep yourself updated with any changes that we make to this Notice. If you do not agree with any part of this Notice, please stop using our services immediately.
Where this Privacy Notice refers to “Uni”, “we”, “us, “our”, this means one or more of the particular Group Companies that provide the particular Website, mobile application, newsletter or Uni Services to you, recruits you, uses testimonials from you, sends marketing communications to you, hosts an event you visit, or organizes a program in which you participate.
This Notice only applies to the use of your Personal Data by us or on our behalf. It does not apply to Personal Data collected by third parties during your communications/dealings with those third parties or your use of their products or services.
Website and app visitors: If you browse our Website or use our app, we may log certain information such as your IP address, browser type, mobile operating system, manufacturer, model of your mobile device, geolocation, preferred language, access time, and time spent. We will also collect information about the pages you view within our sites and other actions you take while visiting our Website/app.
Uni Services: We collect information including name, email ID, phone number, address, gender, date of birth, username, password and other registration information required for provision of the Uni Services.
We may also collect transaction level information including details of purchases, loans used, payment methods, etc., which are related to the Uni Services. We may also request a one-time access to your camera, microphone, location, etc. for the provision of some Uni Services. However, Uni does not collect or store biometric data in the Uni app. The Uni app shall not access mobile phone resources such as file and media, contact list, call logs, telephony functions, etc. in its role as a digital lending application or lending service provider to banks and NBFC’s. Uni shall also not process any transactional data in its role as a co-brand partner for banks and NBFC’s.Third Parties: We collect information required by the lenders, co-brand card partners, merchants or other third parties for providing their products/ services to you. This information includes your KYC data like identity proof or address proof, gender or bank account information. We may also collect your PAN Card information, Aadhaar Card information, financial information such as employer name, monthly salary, bank statements, credit information, GST information, and copies of identification documents which may be required by such third parties for the onboarding of your application to avail any services.
Visitors to our Offices: If you visit our office, we may process Personal Data about you that you volunteer in connection with your visit and any enquiries you make. For example, you may volunteer Personal Data when signing in as a guest. CCTV footage may also be collected for security purposes.
Job applicants: If you apply for a job with us, whether through our Website or otherwise, we will collect, process and store your Personal Data in connection with your application.
Shareholders: If you are a shareholder of our group companies, we will process your Personal Data in relation to your investment and for our reporting obligations.
Grievance related information on any complaints or queries raised by you to our support or grievance team.
We also make available a rewards store platform where individuals can procure products/services from third parties (the “Sellers”). If you share Personal Data with the Sellers, this will be governed by the privacy statement of the relevant Seller and not this Privacy Notice.
We collect and process your Personal Data for the following purposes:
| Purpose | Description |
|---|---|
Providing Uni Services | We process your Personal Data to perform our contract with you for the provision of Uni Services including:
|
Providing and improving our websites (including our social media pages) | We process your information to operate and administer our websites, to provide you with the content you access and request and to analyze overall trends and help us improve the user experience on our websites and our apps. |
Promoting the security of our websites | We process your Personal Data by tracking use of our websites and verifying and investigating activity. |
Displaying personalized advertisements and content. | We process your Personal Data to conduct market research, advertise to you, provide personalized information about us on and off our websites and to provide other personalized content based upon your activities and interests while using the Uni Services. |
Registering visitors | We may process your Personal Data if you visit our offices including registration information and associated information, for security reasons. |
Managing event registrations and attendance | We may process your Personal Data to plan and host events or webinars for which you have registered or that you attend including sending related communications to you provided you have consented to the same. |
Sending communications | Subject to explicit and prior consent from you, we process your Personal Data to send you marketing information, product recommendations and other communications (e.g., marketing newsletters, telemarketing calls, SMS or push notifications, information about our products, news or events) about us, our Group Companies and partners. |
Handling customer and user support requests | We use the information we collect (including recordings of customer support calls) to assist you when you contact our customer support services to investigate and resolve your queries, monitor and improve our customer support responses. |
Providing personalized interactions | We process your Personal Data to customize our interactions with you. |
Managing our customer and user accounts | We process your information to manage customer and user accounts for customer correspondence and customer relationship management. |
Preparing internal reports and business modeling | We may process your information (including usage data) for internal reporting and business modeling purposes (e.g., forecasting, revenue, capacity planning, product strategy). |
Managing compensation for employees | We may process your Personal Data (including your usage data) for the purposes of determining compensation for employees including for determining commissions. |
Undertaking financial reporting | We may process your Personal Data (including your usage data) for the purposes of financial reporting. |
Aggregating data | We may process your Personal Data (including your usage data) for the purposes of aggregating this information to ensure that it is no longer identifying you. |
Managing, and participating in, webinars, contests, programs, training, certifications or promotions | We may process your Personal Data upon prior consent if you are eligible for a webinar, contest, promotion, training, certification or a program. |
Managing payments | If you have provided payment information to us, we process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you. |
Administering surveys and conducting research | We may process your information in order to meet the goals set out in surveys or research as well as to analyze our compliance with internal policies and improve our services. |
Complying with legal obligations | We process your Personal when cooperating with public and government authorities, courts, or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights. |
If we need to collect and process Personal Data by law, or under a contract we have executed with you and you do not consent to provide the required Personal Data when requested, we may not be able to perform our contract with you and certain features of the Uni Services may be restricted, unavailable or unusable if you choose not to provide certain information.
We are committed to keeping all financial information you share, if any, safe at all times and ensure that such data/information is only transacted over secure sites which are digitally encrypted and provide a reasonable degree of care available. Uni will not use your financial information for any purpose other than to provide the Uni Services.
When processing your Personal Data, we may need to share it with third parties (including other entities within our Group Companies), as set out below. This list is non-exhaustive and there may be circumstances where we need to share Personal Data with other third parties:
With third parties providing our customers with the Uni Service(s) like regulated entities including Banks, Non-Banking Financial Companies, etc.
With third party service providers providing us with services such as IT and system administration and hosting, research and analytics, marketing, events planning, customer support, SMS and call recording and data enrichment, anti-spamming and anti-phishing services or for them to reach out to you on our behalf.
With third party payment processors who may process your payment information for Uni.
With third-party service providers that are assisting us with the operation and administration of events and with sponsors of contests for which you register. If we are running an event in partnership with other organizations, we will share your Personal Data with such organizations for use in relation to the event.
With external recruiters, and related organizations such as third-party providers, that undertake employee background checks on our behalf and on behalf of other entities within our Group Companies.
In individual instances, we may share your Personal Data with professional advisers acting as service providers - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share your Personal Data.
Law enforcement or other government and regulatory agencies and bodies or other third parties as required by, and in accordance with, applicable law or regulation.
With Group Companies within the Uni corporate group and companies that we acquire in the future after they are made part of the Uni corporate group, to the extent such sharing of data is necessary to fulfil a request you have submitted via our websites or for care and customer support, sourcing, sales management, marketing, technical operations, account management purposes and other support services.
If we are involved in a merger, reorganization, or other fundamental corporate change with a third party or sell/buy a business unit to/from a third party, or if all or a portion of our business, assets or stock are acquired by a third party, with such third party including at the due diligence stage.
With Sub-Processors we use to assist Uni in providing our customers with the Uni Service(s). The list of Sub-Processors is given below under Annex-I. This list may be updated from time to time.
Other third parties - Occasionally, we may receive requests from third parties with authority to obtain disclosure of Personal Data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, or to establish, exercise or defend legal rights. We will only fulfil requests for Personal Data where we are required to do so in accordance with applicable law or regulation.
Where necessary (such as when we transfer data to service providers/Sub-Processors) we put in place appropriate contractual arrangements and security mechanisms to protect the Personal Data shared and to comply with our data protection, confidentiality and security standards and obligations. Further details can be provided upon request.
Non-personally identifiable information is information that does not identify a specific end user. This type of information may include things like the URL of the website you visited before coming to our Website, the URL of the website you visit after leaving our Website, the type of browser you are using and your Internet Protocol address, etc. Such information may be used by us or our partners to analyse trends and gather demographic information, etc.
We use data collection devices such as “cookies”, etc. on certain parts of the app and Website to help analyse the Uni Services, user interaction with the mobile application, measure promotional effectiveness, and promote trust and safety. For the sake of clarity, “cookies” are small files placed on your device hard-drive/storage that assist us in providing the Uni Services.
Our websites and the Uni Services are not directed at minors. We do not knowingly collect Personal Data for children under the age of 18 unless we have obtained consent from a parent or guardian, or such collection is subject to a separate agreement with us or the visit by a child is unsolicited or incidental. If you believe we have mistakenly or unintentionally collected Personal Data of a minor without appropriate consent, please contact us by using the information in Section 12 below and we will take steps to delete their Personal Data from our systems.
We may retain your Personal Data for a period of time consistent with the original purpose of collection (see Section 1 above) or as long as required to fulfill our legal or business obligations or as prescribed by a regulatory body including the Reserve Bank of India and the Securities and Exchange Board of India. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data and on the basis of applicable legal requirements.
After expiry of the applicable retention periods, your Personal Data will be deleted. Note that we may retain certain information if necessary for our own legitimate business interests such as fraud prevention and enhancing users’ safety and security or to fulfil our legal and contractual obligations and compliance requirements. For more information on data retention periods, please contact us by using the information in Section 12 below.
You may have certain rights relating to your Personal Data. These rights may include the right to:
Manage, review or withdraw your consent;
Access your Personal Data held by us;
Know more about how we process your Personal Data;
Know about the identities of the Data Fiduciaries with whom the Personal data has been shared along with the categories of personal data so shared;
Rectify inaccurate Personal Data and ensure it is updated and complete;
Erase or delete your Personal Data unless retention is required under applicable law; and
Withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.
To exercise any of the abovementioned rights, you may contact us using the information in Section 12 below.
We use appropriate technical and organizational measures as per prevalent industry standards to protect the Personal Data that we collect and process. We have implemented information security policies, rules and technical measures to protect the Personal Data under our control from unauthorized access, improper use or disclosure, unauthorized modification and unlawful destruction or accidental loss. In addition, all our employees and data processors (i.e., those who process your Personal Data on our behalf) are obliged to respect the confidentiality of the Personal Data of all users of our Website and those who use the Uni Services. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.
While information security risks are always evolving, so are the controls. The controls, so implemented, are periodically reviewed as part of internal and external audits. If you have questions about the security of your Personal Data, please contact us using the details in Section 12.
Note that we are not liable for any third-party breaches to the security of your information.
All our customer data securely resides inside on one or more data centres located within India.
Our Website or applications may have links to third-party websites/apps. Your use of these features may result in the collection, processing or sharing of information about you by such third parties, depending on the feature. We are not aware of the practices of such third parties and will not be responsible for any processing by such third parties of your data.
We may update this Privacy Notice from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. If we do, we will update the “effective date” at the top. If we make a material update, we may provide you with a notice such as by posting a notice on our website or apps or by contacting you directly, or where required under applicable law and feasible, seek your consent to these changes.
We encourage you to periodically review this Privacy Notice to stay informed about our collection, processing and sharing of your Personal Data.
If you have a concern about any aspect of our privacy practices, including the way we have handled your Personal Data, please contact us using the details below:
Grievance Redressal Officer: Danish Mizra
Email Id: gro@uni.club
Phone Number: 080 6821 6821
You may also write to care@uni.club in case of any issues.
For any grievances related to consent or to withdraw your consent please reach out to care@uni.club
“Personal Data” means any data about an individual who is identifiable by or in relation to such data.
“Group Companies” means, with respect to a Uni entity, any entity that directly or indirectly controls, is controlled by, or is under common control with such Uni entity, whereby “control” (including, with correlative meaning, the terms “controlled by” and “under common control”) means the possession, directly or indirectly, of the power to direct, or cause the direction of the management and policies of such person, whether through the ownership of voting securities, by contract, or otherwise.
“Uni Services” means the defined Services under Uni’s Terms and Conditions
“Sub-Processor” means third-party businesses engaged by Uni for performing personal data processing on its behalf.
“Data Fiduciary(ies)” means any person who alone or in conjunction with other persons determines the purpose and means of processing of personal data.
| Vendor Name | Purpose |
|---|---|
Razorpay | Payment gateway |
Amazon Web Services | Cloud services |
Setu | Bank account verification |
Cashfree | Payment Gateway |
YM | Communications |
Moengage | Marketing campaigns |
Freshdesk | Care management tool |
CRIF |
|
CIBIL |
|
Hyperverge |
|
Gupshup | SMS Service |
Karza | PAN and address validation |
PayU | Risk underwriting |
Bureauld | Internet Binding, Phone and Email Intelligence |
Delhivery | Logistics |
Mongo DB | Database service provider |
Poweredge Analytics and Services Private Limited | Technology Service Provider |
Ongrid | Physical Verification |
Karix | RCS Messaging |
