Udgir Mudra
Udgir MudraCredit Manager

Legal

Data Retention and Deletion Policy

1. Governance Framework

At Udgir Mudra, we recognize that data privacy is a lifelong commitment, not just a one-time compliance check. This policy outlines the lifecycle of your personal data within our ecosystem, defining how long we store it and the protocols for its permanent destruction. This document operates in conjunction with our Privacy Policy and adheres strictly to the Prevention of Money Laundering Act (PMLA), 2002, and RBI guidelines for Digital Lending.

2. Retention Standards by Data Category

We do not practice indefinite data storage. Your information is retained only as long as necessary to fulfill the specific purpose for which it was collected, or as required by Indian law.

2.1 Financial and KYC Records (Statutory Retention)

Data Types: KYC documents (PAN, Aadhaar), loan agreements, repayment history, transaction logs, and credit bureau reports.

Retention Period: As a regulated credit product, we are legally mandated to retain these records for a minimum of ten (10) years from the date of the cessation of the transaction or closure of your account.

Purpose: To comply with anti-money laundering (AML) regulations, facilitate tax audits, and resolve potential legal disputes.

2.2 User Profile and Contact Information

Data Types: Mobile number, email address, residential address, and profile preferences.

Retention Period: Retained for the entire duration of your active membership. Upon account deletion request, this data is removed from active databases within 30 days, subject to the statutory retention mentioned in Clause 2.1.

2.3 Technical Telemetry and Device Data

Data Types: IP addresses, device hardware specs, crash logs, and app usage analytics.

Retention Period: Retained on a rolling basis for eighteen (18) months.

Purpose: Used for fraud detection modeling, system debugging, and improving platform stability.

3. Data Deletion and Account Closure

We empower users to control their digital footprint. However, as a financial service provider, the "Right to Erasure" is not absolute and is subject to regulatory constraints.

3.1 Voluntary Deletion Request

You may request the deletion of your account via the "Settings" menu in the Udgir Mudra app or by emailing our Data Protection Officer.

Processing Time: Valid requests are processed within 30 days.

Conditions for Deletion: You can only delete your account if:

  • There are no outstanding credit dues or pending repayments.
  • There are no active disputes or investigations associated with your account.

3.2 What Happens After Deletion?

Once a deletion request is approved:

  • Immediate Action: Your login credentials are disabled, and you will lose access to the app.
  • Anonymization: Marketing data and non-essential behavioral data are permanently erased or anonymized.
  • Archival: Essential financial records (as defined in 2.1) are moved to a secure, offline "Cold Storage" archive to fulfill legal obligations. This archive is isolated from regular business operations.

4. Dormancy Protocol

To minimize data exposure, accounts that show no activity (login or transaction) for a continuous period of twelve (12) months will be classified as "Dormant."

  • We will notify you via email 30 days prior to this classification.
  • If no action is taken, non-essential data associated with dormant accounts will be automatically purged or archived to secure storage.

5. Secure Disposal

When the retention period expires, data is not just "deleted" but securely destroyed.

  • Digital Records: Overwritten using industry-standard wiping algorithms to prevent recovery.
  • Physical Records: If any physical documents exist, they are shredded and pulped.

6. Contact for Data Rights

If you wish to exercise your data rights or have questions regarding specific retention timelines, please contact us:

Email: business@udgirmudra.com

Official Website: https://www.udgirmudra.com

Last Updated: December 2025