Britwell LogoBritwell

Privacy Policy

Compliant with DPDP Act 2023, RBI Guidelines & KYC Requirements

Last Updated: January 2025

Introduction

Britwell ("we," "our," or "us") is committed to protecting your privacy and personal data in accordance with the Digital Personal Data Protection Act, 2023 (DPDP Act), Reserve Bank of India (RBI) guidelines, and other applicable laws. As a Direct Selling Agent (DSA) for various banks and Non-Banking Financial Companies (NBFCs), we handle sensitive financial and personal information with the highest standards of security and compliance.

This Privacy Policy explains how we collect, use, process, store, and protect your personal data when you use our services, visit our website, or interact with us in any capacity.

Information We Collect

Personal Information

Name, address, contact details, date of birth, PAN, Aadhaar

Financial Information

Income details, bank statements, credit history, employment information

KYC Documents

Identity proofs, address proofs, income documents, photographs

Digital Footprint

Website usage, cookies, IP address, device information

KYC Information (As per RBI Guidelines)

  • • Customer Identification Program (CIP) documents
  • • Customer Due Diligence (CDD) information
  • • Enhanced Due Diligence (EDD) for high-risk customers
  • • Beneficial ownership information for entities
  • • Source of funds and income verification
How We Use Your Information

Loan Processing & Facilitation

Processing loan applications, conducting eligibility assessments, and facilitating loan approvals with our partner banks and NBFCs.

KYC & Compliance

Verifying your identity, conducting due diligence, and ensuring compliance with RBI's KYC norms and Anti-Money Laundering (AML) requirements.

Risk Assessment

Evaluating creditworthiness, assessing loan risks, and determining appropriate loan products and terms.

Communication & Support

Providing updates on loan status, customer support, and relevant financial product information.

Data Sharing & Disclosure

We share your information only with your explicit consent and for legitimate business purposes:

Partner Banks & NBFCs

We share your loan application and KYC information with our partner financial institutions for loan processing and approval.

Partners include: SBI, HDFC Bank, ICICI Bank, Axis Bank, Bajaj Finserv, Tata Capital, and other RBI regulated entities.

Credit Information Companies

CIBIL, Experian, Equifax, and CRIF High Mark for credit score verification and reporting as per RBI guidelines.

Regulatory Authorities

RBI, FIU-IND, and other regulatory bodies as required by law for compliance and reporting purposes.

Service Providers

Technology partners, verification agencies, and other service providers under strict confidentiality agreements.

Data Protection & Security

Technical Safeguards

  • • 256-bit SSL encryption for data transmission
  • • Advanced firewall and intrusion detection systems
  • • Regular security audits and penetration testing
  • • Secure cloud infrastructure with backup systems
  • • Multi-factor authentication for access control

Organizational Measures

  • • Role-based access control and need-to-know basis
  • • Regular employee training on data protection
  • • Confidentiality agreements with all staff
  • • Incident response and breach notification procedures
  • • Data Protection Officer (DPO) oversight
Your Rights Under DPDP Act 2023

You have the following rights regarding your data:

Right to Information

Know what data we collect and how it's used

Right to Correction

Request correction of inaccurate data

Right to Erasure

Request deletion of personal data (subject to legal requirements)

Right to Grievance Redressal

File complaints regarding data processing

Data Retention Policy

KYC Documents

Retained for 5 years after account closure as per RBI guidelines (Master Direction on KYC)

Transaction Records

Maintained for 5 years as required by Prevention of Money Laundering Act (PMLA)

Loan Application Data

Retained for the duration of loan tenure plus 3 years for audit and compliance purposes

Marketing Data

Retained until you withdraw consent or for 2 years from last interaction, whichever is earlier

Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze website usage, and provide personalized services.

Essential Cookies

Required for website functionality and security

Analytics Cookies

Help us understand website usage and improve services

Marketing Cookies

Used to deliver relevant advertisements (with consent)

Contact Us - Data Protection

For any privacy-related queries or to exercise your rights:

Data Protection Officer

dpo@britwell.in
+91 96993 37148

Grievance Officer

grievance@britwell.in

Response within 30 days as per DPDP Act

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes through:

  • • Email notification to registered users
  • • Prominent notice on our website
  • • SMS notification for significant changes

Effective Date: This Privacy Policy is effective from January 1, 2025, and supersedes all previous versions.