EMERALD – DATA Privacy Policy who is covered by the Privacy Policy?

This policy is applicable to all the existing customers, prospect customers and persons (“User”) who visit the office/branch and/or any ‘Digital Property’ belonging to Emerald Leasing Finance and Investment Company Limited (“Emerald”) and its subsidiary namely, Eclat Net Advisors Private Limited (“Eclat Net”) and 3rd party Loan Service Providers.

The reference made to (i) Emerald in this Policy would mean and include Eclat Net and (ii)the term Digital Property would mean and include website, mobile application and/or any other electronic application.

Your valuable consent: This Privacy Policy explains about the type of information of the User that Emerald collects, its purpose, its salient features etc. as detailed below. By using our website/application and by availing various products/services from Emerald and its subsidiary, User consents to the terms of this Privacy policy (“Privacy Policy”) in addition to the terms of use of mobile application, website and product documents. We encourage User to read this Privacy Policy regarding the collection, use, and disclosure of information by User from time to time to keep itself updated with the changes and updates that we make to this policy.

This Data Privacy Policy is not applicable to independent data held by third-parties, but will continue to be applicable to:
● Personal information collected or processed by third parties on behalf of Emerald, and
● Personal information of third-parties collected by Emerald.

Types of information
This policy is applicable to any information:
a) in the nature of personal / sensitive personal information of the User provided to Emerald,

b) that may be collected by Emerald server from User’s browser, mobile app or mobile
device, including cookies;

c) which may or may not be personally identifiable and/or traffic information; and

d) which may be collected by Emerald, its dealers, agents/agencies/Digital lending partners/Loan service providers, including the server from the User’s browser mobile appor mobile device.

For brevity sake, the above types of information is collectively referred as “Information”
inthis Policy.
Purpose
Information collected from User may be used by Emerald for the following listed
“Purposes”:

a) to provide the User with the services incidental and/or ancillary to the business of Emerald;

b) to promote the products/services of Emerald;

c) for evaluation of the existing Emerald products/services, and/or develop products/services;

d) to render service to User and/or to enhance / improvise the Products/Services.

e) to comply with Applicable Laws / regulations, including credit reporting;

f) for performing KYC of the customer, service provider, user etc.

g) to the extent permitted by Applicable Law / regulations, share or process User’s information in connection with the products / services provided by Emerald and/or any third party.

Salient Features:
a) Emerald respects the privacy of User in accordance with prevailing Law/regulation thatgoverns privacy and always strives to uphold the standards in protecting the same.

b) The Information shall not be shared with any external organization unless the same is necessary to enable Emerald to provide services, meet legal and/or regulatory compliance requirement and/or to enable the completion of a transaction, rendition of services, pursuant to applicable norms/process or pursuant to the terms and conditions applicable to such Information as agreed with Emerald.

c) Emerald may use the Information to enhance the User’s experience and may make
subsequent offers to the User about its products/services.

Cookies
Cookies are small data files that a website stores on your computer/electronic device. While cookies have unique identification nos., personal information (name, a/c no, contactnos. etc.) SHALL NOT be stored on the cookies. Emerald may:

a) use persistent cookies which are permanently placed on User’s computer to store non- personal (Browser, ISP, OS, Clickstream information etc.) and profiling information (age, gender, income etc.);

b) use Information stored in the cookies to improve User experience by throwing up relevant content where possible;

c) use the cookies to store User preferences to ease User’s navigation on the website/electronic/mobile application.

Data Governance and trainings
Securing User Information is of paramount importance to Emerald. Following are some of the initiatives by Emerald to secure privacy of the User’s Information:

a) Emerald has reasonable management, technical and administrative measures in place to protect Information within Emerald.

b) Sound technical controls around Information and underlying systems are in place.

c) Emerald adheres to multiple regulatory and statutory requirements like RBI’s Master Direction for NBFC, Guidelines for Prepaid payment instruments, NPCI guidelines for Data localization, VKYC etc.

d) In all contractual arrangements, we require Emerald employees, third party agencies/loan service providers to comply with appropriate compliance standards including obligations to protect any information and applying appropriate measures for the use and transfer of information.

e) Any acts involving (i) unauthorized usage/ sharing of Information, (ii) breach of security procedures; (iii) usage of Information for unlawful gain (iv) breach of IT policy/procedure; and (v) breach of confidentiality as per employment terms and/or Code of Conduct, shall warrant appropriate disciplinary action as per Company’s Policy.

Service Providers
We may employ third-party service providers and individuals due to the following reasons(not exhaustive):

• To facilitate Emerald’s products/ services;

• To provide the service on behalf of Emerald;

• To perform any ancillary service related to products/services of Emerald;

• To assist Emerald in analysing how the services are used; and

• To assist Emerald in evaluating and improvising our service standards.

• To collect information from credit bureau and publicly available resources.

• To assist in verifying the credit related information from any credit reporting agency or credit bureau to assess the credibility of person.

User is hereby informed that the third-party service provider/agent/agencies will have access to your Information on a need-to-know basis to assist Emerald in rendering serviceand are restricted from using the same for any other reason. The third-party service provider is obligated not to disclose or use the Information for any other purpose.

Security
We value User’s trust in providing Information with Emerald. Hence, Emerald continuously strives to use commercially reasonable efforts in protecting such Information. We store and process personal information in a secured manner. We use reasonable safeguard to preserve the integrity and security of information provided against loss, theft, unauthorized access disclosures, reproduction use or amendment. To achieve the same, we use reasonable security practices and procedure as mandates under applicable laws for the protection of information. Information provided shall be secured on servers within India as per the applicable laws. However, no method of transmission, whether in physical form or over the internet, or method of electronic storage is 100% secure and may be subjected to unintentional risks, due to reasons beyond the control of Emerald.

Responsibility of User
User acknowledges the following:

a) Emerald and/or its employees /assigns will not contact the User directly for disclosure of any sensitive and personal information unless required for the above-mentioned Purposes. Hence, User is solely responsible to exercise proper due diligence to verify the identity of the individual(s) contacting before disclosing any personal and sensitive personal data/ information by reaching out to the Emerald’s nearest branch or Emerald’s official customer care number accessible on its website before making any disclosure.

b) Emerald will not be liable / responsible for any breach of privacy owing to User’s
negligence.

c) User shall only use the official website/links of Emerald for availing product/services by inputting the domain information on the address bar or downloading the authorized App of its Digital Lending Agent.

d) User is completely aware about the potential risk of data/privacy breach and User shall be solely liable for any unauthorized disclosure/ breach personal/ sensitive personal information etc. and any direct/ indirect loss suffered by User due to User’s conduct. Hence, User shall exercise utmost caution to ensure that User’s personal data/ Sensitive personal data (including but not limited to any Passwords, financial information, account details, etc.) are not shared/ stored/ made accessible through: any physical means with or without User’s knowledge (disclosure to any person/ third-party etc.) or through any electronic means, by exercising the following precautions/ safety measures:

(1) User shall always check if “https” appears in any website’s address bar before making any online transaction, to ensure that the webpage is encrypted;

(2) User shall avoid using third- party extensions, plug-ins or add-ons on the/your web browser, as it may result in the risk of tracking or stealing of User’s personal details;

(3) User shall always type the information and not use the auto-fill option on web- browser and mobile apps to prevent the risk of storage of my personal/ sensitive personal information;

(4) User shall NOT access darknet, unauthorized/ suspicious website, suspicious
online platforms, downloading information from unreliable sources;

(5) User shall ensure to disable cookies before accessing any domain/website, to ensure that User’s personal information is not tracked by any third-party, unless otherwise consciously permitted by User by accepting the same, for which, User alone will be responsible for the consequences thereof;

(6) User shall not respond to any generic emails from an unknown/ unidentified source;

(7) User shall check the Privacy Policy of website/ application to know the type of information that may be collected from User and the manner in which it may be processed by the website/ application before accepting/ proceeding/ transaction on any website/ application;

(8) User shall always verify and install authentic web/mobile applications from reliable source on User’s computer/Laptop/tab/ipad/ smart phone or any other electronic device;

(9) User shall NOT access any unidentified weblinks, bitly link or any other electronic links shared over electronic platform (such as email, sms, social media, websites);

Retention of Information
Emerald may retain User’s Information if it is required to provide services or as long as itis required for business purpose. Retention of Information will be as per applicable law/regulatory requirements in India. Information may be retained for an extended period (i) in case of requirement of any investigations under law or as part of any requirement before Courts/ Tribunals/ Forums/ Commissions etc and (ii) to enhance / improvise the products /services of Emerald.

Updating Information
Emerald has defined processes in place to enable the providers of information, as and when requested by them, to review the information they had provided and ensure that any personal information or sensitive personal data or information found to be inaccurate or deficient shall be corrected or amended as feasible. Emerald shall not be responsible for the authenticity of the personal information, sensitive personal data, or information supplied by the provider of information. Emerald is permitted to cross refer/verify the data provided by customers through verification of documents submitted by them as per the process laid out in the ‘AML / KYC Policy’. The said verification may require the information provided by customer be disclosed on government portal or agencies which support in cross verification process and the same is consented by customer.

User hereby grant consent /approval under applicable laws and regulations for using their personal information by emerald.

Emerald is permitted to secure the data of customer as available or shared and take all necessary steps including shift of data in order to abide by due applicable laws of India.

Disclosure
The Information provided may be disclosed to:

1. RBI, SEBI, CIBIL, Credit Bureaus, Credit Rating Agencies, Databanks, KYC Registration Agencies (KRAs), collection partner and other such agencies, solely for the purpose of processing transaction requests for serving user better;

2. Another business entity to carry out any business activity or re-organization, amalgamation, restructuring of business or for any other reason whatsoever;

3. Any actual or proposed assignee, transferee, participant or sub-participant of Emerald;

4. To comply with applicable law, directions from Government agencies mandated under law for prevention and investigation of offences, or to comply with an order issued by a competent court.

5. Any judicial, government or regulatory bodies, statutory authorities, quasi-judicial authorities;

6. Any other banks, NBFCs or financial institutions;

7. Auditors, professional advisors;

8. Any Affiliate, business partners, associate, office of Emerald and to their employees;

9. Any other third-party service providers.

We may share users information with third parties under a confidentiality agreement for provision of Services which inter alia restricts such third parties from further disclosing the information unless such disclosure is for the purpose as detailed under that confidentiality agreement.

Emerald may transfer sensitive personal data or information to any other entity or person located in India that is adhered to by Emerald under the IT Rules of 2011. Transfer of information shall be allowed only if it is necessary for the performance of lawful contract entered into between Emerald or any person on its behalf and the information provider or where the information provider has consented to such transfer. Adequate protection mechanism shall be provided for personal information when it is transferred outside Emerald’s network. Reasonable due diligence activities shall be conducted to ensure that the third party has appropriate security & privacy controls in place prior to sharing of any personal information (including sensitive personal data or information)

Website & links to Other Sites
Emerald’s website/ electronic/mobile application and that of its authorized Digital Lending Partner’s may contain links to other sites. If User clicks on a third-party link, User may be directed to that site. It may be noted that such external sites are not operated by Emerald or its authorized Loan service providers and is beyond the control of Emerald. Therefore, Emerald strongly advises the User to review the privacy terms/policy of such external websites/electronic applications. Emerald has no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Amendment of Privacy Policy
Emerald may amend/update the Privacy Policy from time to time as required under law. Thus, User is advised to review this page periodically for any changes, since any such changes will be effective immediately after they are updated/ posted on this page.

Severability and Exclusion
We have taken every effort to ensure that this Policy adheres with the applicable laws. The invalidity or unenforceability of any part of this Policy shall not prejudice or affect the validity or enforceability of the remainder of this Policy. This Policy does not apply to any information other than the information collected by Emerald. This Policy shall be inapplicable to any unsolicited information user provide us through any means. This includes, but is not limited to, information posted in any public areas. All unsolicited information shall be deemed to be nonconfidential and the Company shall be free to use and/ or disclose such unsolicited information without any limitations.

Governing Law and Dispute Resolution
This Policy shall be governed by and construed in accordance with the laws of India. The courts at Chandigarh, India shall have exclusive jurisdiction in relation to any disputes arising out of or in connection with this Policy.

No Waiver
The rights and remedies available under this Policy may be exercised as often as necessary and are cumulative and not exclusive of rights or remedies provided by law. It may be waived only in writing. Delay in exercising or non- exercise of any such right or remedy does not constitute a waiver of that right or remedy, or any other right or remedy.

Contact Us
In case if user may want to share their concern, we welcome user to easily reachout to us through multiple contact options displayed on https://www.emeraldfin.com/contact/.

Grievance Officer
Emerald has a structured grievance redressal mechanism in practice where all grievances will be attended as per a defined time schedule as mentioned in grievance Redressal policy available at https://www.emeraldfin.com/grievance-redressal-policy/.
Customers can write to us at info@emeraldfin.com or reach out to us on our registered address at SCO Number 7, Industrial Area Phase 2, Chandigarh – 160002.

Grievance Officer Details:
Name: Ajay Tiwari
Email ID: info@emeraldfin.com Phone Number: 9915571659