Your Data and Your Loan: How AFI Uses Your Information Securely
When you apply for a loan, you are not just filling out a form. You are sharing things that matter. Your name. Where you live. How much you earn. Your bank details. All of it personal. All of it important.
At Ayaan Finserve India (AFI), we understand that. We are an RBI-registered NBFC. That means we operate under rules set by the Reserve Bank of India. But beyond the regulations, we have a simple belief: Your information belongs to you. We are just here to handle it with care while we help you get the financial support you need.
This page walks you through what we collect, why we collect it, and how we keep it safe. For complete legal details, please refer to our formal Privacy Policy and Terms and Conditions.
What Information AFI Collects
We ask for only what we need. Nothing extra.
| What We Collect | Examples | Why We Need It |
|---|---|---|
| Personal Details | Name, date of birth, PAN, address | To know who you are and verify your identity |
| Financial Info | Bank account, income details, credit card numbers | To send your loan money and set up repayments |
| Transaction Data | Loan applications, repayment history, account activity | To understand your eligibility and manage your account |
| KYC Documents | Aadhaar, PAN card, passport, voter ID | To follow RBI’s KYC rules |
| Device & Location | IP address, device type, location during application | To prevent fraud and confirm it is really you |
We do not sneak around collecting things we do not need. Every time we ask for something, we tell you why. And we keep it only as long as necessary.
How We Use Your Information
Your data has a job to do. Here is what we use it for.
Loan Processing
- Look at your application
- Check if you qualify
- Verify your documents
- Send the money to your account
- Set up your repayment schedule
Customer Support
- Answer your questions
- Sort out any issues with your account
- Let you know what is happening with your loan
Legal Compliance
- Follow the rules set by regulators
- Report to credit bureaus like CIBIL
- Keep records the law asks us to keep
- Spot and stop fraud
One thing we never do. Sell your information. That is not how we work.
The Four Pillars of Our Security
We built our security around four simple ideas.
- Confidentiality: Only people who need to see your data can see it. Everyone else stays out.
- Integrity: Your data stays accurate. No one can change it without proper authorization.
- Availability: Your data is there when you need it. We work hard to keep our systems running.
- Authenticity: We make sure it is actually you doing things on your account. Not someone pretending.
The Technology We Use to Protect You
Good intentions are fine. But we back them up with actual technology.
| Security Control | How We Do It |
|---|---|
| Maker-Checker | Every important transaction needs two people. One creates. A different person approves. Mistakes get caught. |
| Role-Based Access | People see only what their job requires. A customer support person sees different things than a tech person. |
| Audit Trails | We keep logs of everything. Who accessed what. When. Why. Helps us spot anything unusual. |
| Encryption | Your data gets scrambled when it moves and when it sits in storage. Even if someone intercepted it, they could not read it. |
| Data Localization | All your data stays on servers in India. RBI requires this. We follow it. |
| Regular Audits | Security experts check our systems regularly. We find problems before they become problems. |
Following RBI and DPDPA Rules
We take rules seriously. Not because we have to. Because they are there to protect you.
RBI Digital Lending Directions
- Explicit Consent: We ask your permission separately for different things
- Purpose Limitation: We use your data only for what you agreed to
- Transparency: No hidden clauses
Digital Personal Data Protection Act (DPDPA) 2023
- Consent: We process your data only after you say yes
- Minimization: We collect only what we actually need
- Accountability: We take responsibility for the data we hold
When you share your Aadhaar or PAN for KYC, we use it only for verification. Nothing else.
Your Rights Over Your Data
Your data belongs to you. Here is what you can do with it.
Right to Access
Want to know what information we have about you? Just ask. We will share it in a clear format.
Right to Correction
If your address changed or there is a mistake in our records, tell us. We will fix it.
Right to Deletion
After your loan is closed and the required time passes, you can ask us to delete your data. We will do it.
Important: RBI rules say we have to keep some records for a certain number of years. We cannot delete before that.
Right to Withdraw Consent
You gave us permission to use your data. You can take it back. Just let us know.
Right to Grievance
If something does not feel right, you can raise it. We have a process to address your concerns.
How Long We Keep Your Data
We do not hold onto your data forever. But we also cannot delete it right away. The law sets some limits.
| Type of Data | How Long We Keep It |
|---|---|
| KYC Records | 10 years after account closes |
| Transaction Records | 10 years after account closes |
| Application Data | 10 years after closure or rejection |
| Logs and Audit Trails | 2 to 5 years |
Once the time is up and there is no legal reason to keep your data, we delete it or make it anonymous.
Special Cases: When Life Throws a Curveball
We understand that life does not always go as planned. In the event of a borrower’s death or verified financial distress, we do not follow the standard collection process. Instead, we initiate a settlement process designed to be fair and compassionate. Throughout such exceptional situations, our data security and privacy safeguards remain fully in place.
Frequently Asked Questions
1. Does AFI sell my personal information to third parties?
No. We do not sell your information. Not to anyone. Not ever.
2. Is my banking information safe when I upload it?
Yes. We encrypt your banking information both when it is moving and when it is stored.
3. Why does AFI need to track my location?
We track location only during the application process to confirm it is really you and to help detect fraud.
4. How long does AFI retain my data?
RBI rules require us to keep KYC and transaction records for 10 years after your account closes.
5. Who can I contact if I have concerns about my data privacy?
Grievance Officer: Amit Khanna
Email: nodalofficer@afiloans.co.in
We acknowledge your email within 24 hours and work to resolve concerns within 30 days.
6. Is my data shared with credit bureaus?
Yes. We report loan and repayment information to credit bureaus like CIBIL, Experian, and CRIF Highmark.
7. Can I stop receiving marketing messages?
Yes. Click unsubscribe in emails, reply STOP to SMS, or contact support. We will still send important loan-related messages.
A Word From Us
Data security is not something we set up once and forget. It is something we work on every day. As technology changes, we update our practices. As new threats appear, we adapt. But the core stays the same. Your information is yours. We are just holding it for you.
If you ever have questions about how your data is being handled, reach out. We are happy to explain.
Disclaimer: This page gives an overview of our data security practices. For complete details, please refer to our official Privacy Policy, Terms and Conditions, and Collection Policy. AFI is an RBI-registered NBFC and complies with all applicable laws and regulations.
