Privacy Policy

Last modified: January 15, 2025

Introduction

At Finalan, we are committed to protecting your privacy and ensuring the security of your personal and financial information. This Privacy Policy explains how we collect, use, share, and protect information when you use our software solutions designed for Microfinance Institutions and Society Banks.

Contact Information:
Email: privacy@finalan.com
Phone: [Your Phone Number]
Address: [Your Business Address]

This policy applies to all information collected through our software platform, website, and related services. By using our services, you consent to the practices described in this policy.

Information We Collect

Personal Information:

  • Name, email address, phone number, and business contact details
  • Job title, department, and organizational information
  • Login credentials and user account information
  • Communication preferences and language settings

Financial Information:

  • Bank account details and transaction records
  • Loan application and approval data
  • Credit scores and financial assessments
  • Payment history and transaction patterns
  • Financial statements and regulatory reports

Identity Verification Data:

  • Government-issued identification documents
  • Know Your Customer (KYC) documentation
  • Address verification documents
  • Biometric data (where legally permitted and necessary)

Technical Information:

  • IP addresses, device identifiers, and browser information
  • Usage patterns, session logs, and system access records
  • Software version information and configuration data
  • Error logs and performance metrics
How We Use Your Information

Service Provision:

  • Providing and maintaining our software platform
  • Processing financial transactions and loan applications
  • Generating reports and analytics for your institution
  • Providing customer support and technical assistance

Compliance and Security:

  • Complying with Anti-Money Laundering (AML) regulations
  • Conducting Know Your Customer (KYC) verification
  • Fraud detection and prevention
  • Risk assessment and management
  • Regulatory reporting and audit requirements

Business Operations:

  • Improving our software and services
  • Conducting system maintenance and updates
  • Training and quality assurance
  • Research and development of new features
Information Sharing and Disclosure

We may share your information in the following circumstances:

Regulatory Authorities:

  • Central banks and financial regulatory bodies
  • Tax authorities and government agencies
  • Law enforcement agencies (when legally required)
  • Audit and compliance authorities

Business Partners:

  • Banking partners for transaction processing
  • Credit bureaus for credit assessment
  • Payment processors and financial service providers
  • Technology vendors (under strict data processing agreements)

Legal Requirements:

  • Court orders and legal proceedings
  • Anti-money laundering investigations
  • Fraud prevention and detection
  • Protection of our rights and property

With Your Consent: We may share information for other purposes with your explicit consent.

Data Security Measures

We implement comprehensive security measures to protect your information:

Technical Safeguards:

  • End-to-end encryption for data transmission and storage
  • Multi-factor authentication and access controls
  • Regular security audits and vulnerability assessments
  • Secure data centers with 24/7 monitoring
  • Data backup and disaster recovery procedures

Administrative Safeguards:

  • Employee background checks and security training
  • Role-based access controls and principle of least privilege
  • Regular security awareness training
  • Incident response and breach notification procedures

Physical Safeguards:

  • Secure data center facilities
  • Controlled access to server rooms
  • Environmental controls and monitoring
  • Equipment disposal and destruction protocols
Your Privacy Rights

You have the following rights regarding your personal information:

Access Rights:

  • Request access to your personal information
  • Obtain copies of data we hold about you
  • Understand how your data is being processed

Correction Rights:

  • Request correction of inaccurate information
  • Update your personal and contact details
  • Modify your communication preferences

Deletion Rights:

  • Request deletion of your personal information (subject to regulatory requirements)
  • Account closure and data removal
  • Right to be forgotten (where applicable)

Portability Rights:

  • Request data in a portable format
  • Transfer data to another service provider

Note: Some rights may be limited by regulatory requirements that mandate data retention for financial institutions.

Data Retention

We retain your information as follows:

Active Account Data: While your account is active and for the duration of our business relationship.

Financial Records: As required by applicable financial regulations, typically 5-7 years after account closure or transaction completion.

Compliance Data: KYC and AML data retained as required by regulatory authorities.

Technical Logs: System logs and security data retained for 12-24 months for security and audit purposes.

Marketing Data: Until you withdraw consent or we determine it's no longer necessary.

Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience:

Essential Cookies:

  • Authentication and session management
  • Security and fraud prevention
  • System functionality and navigation

Analytics Cookies:

  • Usage statistics and performance monitoring
  • Feature usage analysis
  • System optimization data

Preference Cookies:

  • Language and regional settings
  • User interface preferences
  • Accessibility settings

You can control cookie settings through your browser, but disabling essential cookies may affect system functionality.

International Data Transfers

If we transfer your data internationally, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Binding corporate rules
  • Certification schemes
Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will notify you of material changes through:

  • Email notification to registered users
  • Prominent notice on our website
  • In-app notifications
Compliance with Regulations

This policy is designed to comply with applicable privacy and data protection laws, including:

  • General Data Protection Regulation (GDPR)
  • Local data protection and privacy laws
  • Financial sector regulations
  • Cross-border data transfer requirements
Contact Information

For privacy-related questions, concerns, or requests, please contact us:

Privacy Officer:
Email: privacy@eadmin.co.in
Phone: (+91) 98009 09899
Address: Bethuadahri, Near Bethuadahri BDO Office, Nakashipara, Nadia, West Bengal, India pin-741126

Response Time: We will respond to your privacy requests within 30 days or as required by applicable law.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.