Udgir Mudra
Udgir MudraCredit Manager

Legal

Privacy Policy

1. Governance and Scope

Udgir Mudra ("we," "us," or "the Platform") is committed to safeguarding the privacy of our users ("you"). As a Data Fiduciary, we operate in strict adherence to the Information Technology Act, 2000, and the Digital Personal Data Protection Act, 2023 (DPDPA).

This Privacy Policy outlines how we process your personal data to facilitate credit card services and financial assessments. By accepting this policy, you explicitly consent to the data practices described herein.

Data Security Declaration: To avoid leakage and misuse of this information, We will transfer user data to the following address: https://st.udgirmudra.com

2. Data Collection and Usage

To evaluate your creditworthiness, comply with Know Your Customer (KYC) norms, and prevent fraud, we require access to specific data points. We only collect data based on your explicit permissions.

A. Identity and Communication

Mobile Number: We collect your mobile number to create your unique user identity (User ID), send One-Time Passwords (OTPs), and facilitate essential service notifications.

Email Address: Your email is required for sending monthly statements, transaction alerts, and policy updates. It also serves as a recovery channel for your account.

B. Verification and KYC

Camera and Visual Media: We require camera access to capture documents and selfies for "Liveness Detection" and KYC verification. This ensures that the applicant is a real person and prevents identity theft. We do not access your photo gallery unless you proactively upload a document.

C. Credit Risk and Financial Assessment

Installed Application Inventory: We collect a list of installed applications on your device. This data is used for alternative credit scoring by analyzing your financial behavior and identifying potential risk factors (e.g., presence of multiple lending apps or gambling apps).

Call Log History: We request permission to view your call logs strictly for identity verification and fraud prevention. This helps us validate that the SIM card is active on the device and allows us to verify the device owner's authenticity via automated verification calls. We do not record calls.

Emergency Contact Details: You will be asked to nominate specific individuals as emergency references. We collect their contact details to establish communication solely in events where you are unreachable for an extended period regarding your credit obligations.

D. Device Fingerprinting and Security

To prevent device cloning and unauthorized access, we collect the following technical telemetry:

  • Device Identifiers: Including IMEI, SSAID, Android ID, and Advertising ID (GAID) to uniquely identify your handset.
  • Storage Status: To ensure sufficient space for app functions.
  • Battery Information: Battery level and health status to detect emulator usage.
  • Hardware Specs: CPU model, RAM capacity, and screen resolution.
  • Sensor Data: Gyroscope and accelerometer readings to verify human interaction.
  • Network State: IP address, Wi-Fi connection status, and MAC address.
  • Bluetooth: Information on paired devices to assess the device environment.
  • Crash Logs: In the event of an app failure, we collect anonymous stack trace data to diagnose technical faults and improve stability.

E. Location Data

Approximate Location: We collect coarse location data (non-precise) to verify your current residence area for serviceability checks and to prevent login attempts from suspicious geolocations.

3. Purpose of Data Processing

Your data is utilized for the following legitimate purposes:

  • Credit Underwriting: To assess your repayment capacity and determine your credit limit.
  • Service Delivery: To process transactions, issue credit cards, and manage your credit cycle.
  • Regulatory Compliance: To fulfill obligations under the Prevention of Money Laundering Act (PMLA) and RBI guidelines.
  • Security: To detect anomalies, prevent money laundering, and secure your financial assets.

4. Disclosure and Sharing of Information

We maintain strict confidentiality of your data. Disclosure occurs only under the following conditions:

  • Credit Information Companies (CICs): As a credit product, we are mandated to report your repayment behavior to bureaus like CIBIL, Equifax, etc.
  • Service Partners: We may share minimal necessary data with third-party vendors (e.g., card printing agencies, payment gateways) under strict Non-Disclosure Agreements (NDAs).
  • Legal Requirements: We may disclose data to law enforcement agencies or courts if required by Indian law.

5. Data Retention and Lifecycle

We retain your personal data only as long as necessary to provide our services or as required by law.

  • Active Accounts: Data is retained throughout the lifecycle of your credit relationship with us.
  • Post-Closure: In compliance with financial regulations, transaction and KYC records are archived for a minimum of ten (10) years after account closure.
  • Deletion: You may request data deletion by contacting us. However, regulatory data (such as loan repayment history) cannot be deleted immediately and must be retained for the statutory period.

6. User Rights and Grievance Redressal

You have the right to access, correct, or withdraw consent for your data. To exercise these rights or report a grievance, please contact our Grievance Officer.

Email: business@udgirmudra.com

Website: https://www.udgirmudra.com

Full Policy URL: https://www.udgirmudra.com/privacy-policy

We are committed to resolving all privacy-related grievances within 30 days as per the applicable laws.

7. Updates to this Policy

Udgir Mudra reserves the right to amend this policy to reflect changes in legal requirements or business operations. Significant changes will be notified to you via the app or registered email. Continued use of the app implies acceptance of the revised terms.

Last Updated: December 2025