Collection of Personal Information
Most features of the Website/Mobile App would require registration, which may require you to provide your details such as an email address, a password and other information.
In case you avail the services you would be required to provide Personal Information like your Name, PAN, Bank Account Number ["KYC/ KYD information"] at the time of registration /activation of such services/ facility. Such KYC information shall be used/shared/maintained/accessed/stored with/by third party technology service provider/main distributor/AMCs/RTAs/authorised service providers in order to enable/ facilitate/ complete/ process the services and report generation.
From time to time, the Website/Mobile App may also request other Personal Information to provide you with other benefits of the Services. On all such occasions, you will have the opportunity to provide or to decline to provide that Personal Information, unless specified otherwise.
In order to benefit from the full functionality of the services, you would need to provide your Account Credentials to allow the Website/ Mobile App, to provide Account Aggregator Services and Offer/deals/cash back/discounts and related curation services to access your account data from the financial institutions/ service providers where your accounts are maintained, so that you can use/see consolidated view of various Accounts and avail the offer/deals/cash back/discounts on your various linked and non linked Credit Cards. All such Account Credentials and data collected from such Accounts are stored by our Third Party service provider, Yodlee, in their highly secured servers. The section "Your data is secure" describes the various security mechanisms followed.
Use of Personal Information
The Website/ Mobile App uses and discloses your Personal Information only as follows:
1.) To fulfill / complete your requests for products and services offered, or subscribed or availed by you on the Website/Mobile App.
2.) To deliver to you any administrative notices, money alerts, advice, notifications and communications relevant to your use of the Services.
3.) To analyze Website/Mobile App usage and improve the services offered.
4.) For market research, project planning, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity.
5.) To Third Party Service Providers that provide services to O2O and are bound by these same privacy restrictions.
6.) To improve features, tailor the Website/Mobile App to your interests, and to get in touch with you whenever necessary.
7.) To enable payments to you in the form of commissions, marketing support services, and/ or business support services, among others.
For any of these purposes, we may use group companies / affiliates, third party vendors, agents, contractors, consultants or service providers (individually a â€˜Third Party Service Providerâ€™ and collectively, the "Third Party Service Providers") We may also use them to help us in providing the features of the Website/Mobile App, such as sending email messages on our behalf, collecting fees for such services, and notifying or contacting you regarding any problem with such Services or hosting and operating a particular feature or functionality. Such Third Party Service Providers are bound by privacy restrictions which are similar to the restrictions mentioned in this Policy.
Sharing and disclosure of Personal Information
We will not sale, rent, trade or disclose your Personal Information with any affiliated or unaffiliated third parties, except as mentioned above and also to:
1.) Provide you the product and services
2.) Transaction processing and report generation
3.) To enable payments to you in the form of commissions, marketing support services, and/ or business support services, among others.
4.) Conform with any legal requirements or comply with legal process(es)
5.) Enforce the terms and conditions of the products or services
6.) Protect the interests of O2O, its Affiliates, or its members, constituents, or of other persons
O2O may make anonymous or aggregate Personal Information, and disclose or use such data only in a non-personally identifiable manner for purposes of research, advertising, comparison to organizations approved by O2O.
When you choose to delete your account from the Website/Mobile App, your data will be permanently expunged from primary servers and further access to your account will not be possible. The Website/Mobile App will also promptly disconnect any connection it had established to your linked accounts and delete all Account Credentials.
Notwithstanding anything above, portions of your data, consisting aggregate data derived from your Account Information, may remain on our servers indefinitely. Your data may also remain on backup server or media. We keep these backups to ensure our continued ability to provide the Services to you in the event of malfunction or damage to primary production servers.
Promotional Communication from the Website/Mobile App
The Website would provide you with periodic summaries of your Account Information and send email / SMS alerts. The Website/Mobile App also allows you to subscribe to email newsletters, research information, notifications and from time to time may transmit emails / SMS promoting the Website/Mobile App or third-party products or services. You have the ability to opt-out of receiving our promotional emails / SMS, notification and to terminate your newsletter subscriptions or notification facility as the case may be by following the instructions on the Website/Mobile App. Opting out in this manner will not end transmission of service-related emails / SMS - such transactional alerts.
Third Party Services and Websites
Blogs and other Forums on the Website
If you use a bulletin board, blog or chat room on the Website/Mobile App, you should be aware that any information you submit there can be read, collected or used by other users/visitors and could be used to send you unsolicited messages. The Website/Mobile App and O2O are not responsible for any personal information you choose to submit in these forums. These forums shall be hosted by the Website/Mobile App or by our third Party Service Providers on O2Oâ€™s behalf.
When you register for the Services, the Website/Mobile App requires a Login ID and a password from you for your privacy and security. You are responsible for maintaining the confidentiality of your Login ID and password and you may not provide these credentials to any third party. We recommend that you change your password periodically.
While accessing your linked accounts online or linked credit cards, the Website/Mobile App use a combination of firewall barriers, encryption techniques and authentication procedures, among others, to maintain the security of your online session, and to protect Website/ Mobile App accounts and systems from unauthorized access. From the time you submit your Login ID and password, these communications between your computer/mobile and the Website/Mobile App are encrypted using at least appropriate technologies & methods. This enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering and message forgery. The Website/ Mobile App also encrypts your Website/Mobile App password so that your password cannot be recovered, even by us.
For enhanced security, all Account Credentials of other Financial Institutions provided by you, for your use / consolidated view maybe encrypted and stored with third party service providers.
O2O may access your information from other service providers, financial institutions, and/ or social media sites such as Facebook and Google and uses the same through secure connections for delivering various services. All our servers are located in a secure facility. Access requires multiple levels of authentication.
In respect of KYC information provided by you for enabling, such information may also be available with third party technology service provider/main distributor/AMCs/RTAs/authorised service providers and treated as proprietary and confidential in nature by them and to be used/shared/maintained/processed by them only on need to know basis for service enablement.