S.B.N. LEASING AND FINANCE LIMITED is an NBFC, we enables customers easy and seamless access to credit. What’s more, everything we do is focused on making it easier for customers to buy what they need at their convenience.

Privacy Policy

This Privacy Policy (“Policy”) is published in compliance with the provisions of the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and other applicable laws, including but not limited to the guidelines issued by the Reserve Bank of India (“RBI”) and anticipated provisions of the Digital Personal Data Protection Act, 2023 (“DPDP Act”).

This Policy governs the manner in which S.B.N. Leasing and Finance Limited, a company incorporated under the Companies Act, 2013, having its registered office at Office Nos. 205 & 206, Second Floor, Neelkanth Chambers-II, Plot No.14, LSC, Saini Enclave, Delhi, East Delhi, Delhi- 110092, India (hereinafter referred to as “Company”), collects, uses, processes, stores, discloses, and protects Personal Information of users .

1. DEFINITIONS

a. “Personal Information” shall mean any information that relates to a natural person, which, either directly or indirectly, in combination with other information, is capable of identifying such person, and shall include “Sensitive Personal Data or Information” as defined under applicable law.

b. “Processing” shall mean and include any operation or set of operations performed on Personal Information including collection, recording, organisation, structuring, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.

2. COLLECTION OF INFORMATION

We may collect and process the following categories of Personal Information, including but not limited to:

- Name, date of birth, gender, photograph

- Contact details including address, phone number, email address

- Identity and KYC documents such as PAN, Aadhaar, Passport, Voter ID

- Financial data including bank account information, UPI ID, income details

- Loan-related data, credit scores, and repayment history

- IP address, browser type, device identifiers, and geolocation data

- Any other information as may be required in connection with our services or as mandated by law

3. PURPOSE OF COLLECTION AND PROCESSING

The Company shall collect, use, retain, and otherwise process Personal Information lawfully for the following purposes:

- To conduct identity and address verification in compliance with KYC/AML norms

- To evaluate loan applications, perform credit risk assessments, and manage credit operations

- To enable communication with Users and provide customer support

- To ensure compliance with applicable laws, directions, and regulatory requirements

- For fraud prevention, investigation, and cyber-security purposes

- For internal record-keeping, analytics, audit, and business process enhancement

- For any other lawful purpose connected with the Company’s business activities

4. CONSENT AND AUTHORISATION

By accessing the Website and/or availing of our services, you expressly consent to the collection, use, storage, and processing of your Personal Information in accordance with this Policy.

You acknowledge and agree that such consent is valid, lawful, and informed for the purposes of the Information Technology Act, 2000, and the DPDP Act. You may withdraw your consent at any time by submitting a written request to the Grievance Officer. However, such withdrawal may affect the provision of services and may result in discontinuation of any ongoing transaction or engagement.

5. DISCLOSURE OF INFORMATION

The Company may disclose or transfer Personal Information under the following circumstances:

- To statutory, regulatory, or governmental authorities or bodies, as mandated under applicable law

- To credit bureaus, credit information companies, or rating agencies

- To authorised third-party service providers engaged by the Company for services such as payment processing, IT support, verification, or data storage, subject to strict confidentiality obligations

- To legal counsel, auditors, consultants, and affiliates, for lawful business purposes

- In connection with a merger, acquisition, reorganisation, or sale of assets

We do not sell, trade, or rent Personal Information to any third parties for unsolicited marketing purposes.

6. DATA RETENTION

The Company shall retain Personal Information for such period as may be necessary for the fulfilment of the purposes stated herein, or as mandated under applicable laws, including but not limited to the Prevention of Money Laundering Act, 2002 and directions issued by the RBI.

Post-termination or closure of services, data may be retained for a minimum period of eight (8) years or such other period as required for regulatory compliance or dispute resolution.

7. DATA SECURITY

The Company implements appropriate technical and organisational security measures to safeguard Personal Information against unauthorised access, alteration, disclosure, or destruction, including but not limited to:

- Use of SSL encryption and secure access protocols

- Firewalls, intrusion detection systems, and access controls

- Periodic IT audits and security assessments

- Training and sensitisation of personnel handling sensitive data

While we endeavour to provide reasonable security, no system can be guaranteed to be entirely secure. The Company shall not be liable for any breach that occurs despite reasonable care and security safeguards.

8. COOKIES AND TRACKING TECHNOLOGIES

The Website may use cookies and other similar technologies to enhance User experience, understand usage patterns, and personalise content and services. Users may manage cookie preferences through browser settings; however, disabling cookies may impair the full functionality of the Website.

9. USER RIGHTS

Subject to applicable law, you shall have the right to:

- Access your Personal Information held by us

- Request rectification of inaccuracies in your data

- Withdraw consent for data processing (to the extent permitted by law)

- Lodge a complaint with the Data Protection Board (once operational)

- Seek erasure of data in specified circumstances

All such requests must be made in writing to the Grievance Officer at the contact details provided below.

10. GRIEVANCE REDRESSAL

In accordance with Rule 5(9) of the IT Rules, 2011, and the DPDP Act (upon enforcement), the Company has designated a Grievance Officer to address any discrepancies or grievances regarding the processing of Personal Information.

All complaints shall be acknowledged within 24 (twenty-four) hours and resolved within 30 (thirty) days of receipt.

11. AMENDMENTS TO THIS POLICY

The Company reserves the right to amend or modify this Policy at any time without prior notice. Any material changes shall be notified via the Website or by email (if applicable). The continued use of the Website or services post such changes shall constitute deemed acceptance of the revised Policy.

12. GOVERNING LAW AND JURISDICTION

This Policy shall be governed by and construed in accordance with the laws of India. Any disputes arising under or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts located at [Insert City/State].

BY ACCESSING THE WEBSITE OR USING OUR SERVICES, YOU HEREBY ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREED TO BE BOUND BY THIS PRIVACY POLICY