Privacy Policy
Last updated: April 2026
Credlyne is committed to protecting your personal data in line with India's Digital Personal Data Protection Act, 2023 and the RBI Digital Lending Guidelines.
1. Data we collect
Identity data (PAN, Aadhaar reference, name, DOB), contact data (mobile, email), employment data (employer, salary, tenure), financial data (bank statements via Account Aggregator, bureau data with consent), device and usage data.
2. Purpose of processing
Eligibility assessment, KYC verification, loan origination by partner NBFCs, repayment processing, fraud prevention, regulatory reporting.
3. Consent and lawful basis
All sensitive financial data is collected only via explicit consent under the Account Aggregator framework or signed agreements. You can withdraw consent at any time via the user dashboard.
4. Data sharing
We share data with: partner NBFCs for loan origination, RBI-licensed Account Aggregators, credit bureaus, KYC providers (Karza, Signzy, Hyperverge), and regulators when legally required. We never sell your data.
5. Data retention
As required under RBI master directions and the IT Act — typically 7 years post loan closure for KYC and transaction records.
6. Your rights
Right to access, correction, erasure, grievance redressal, and nomination per the DPDP Act. Contact dpo@credlyne.com.