Schema
Effective Date: 1 August 2021
Last updated: 30th June 2026
Inditab Esolutions Private Limited ("EaseMyDeal", "we", "us") values your privacy and ensures that your personal information is handled with the highest standards of care. This Privacy Policy governs your information when you use our platform—whether via website, mobile app, APIs, or white-label integrations—and is an integral part of our Terms & Conditions.
1.1 This Privacy Policy is incorporated by reference into the Terms & Conditions and governs data handling procedures; for service performance, refunds, and dispute forums, refer to the T&C. Covers all EaseMyDeal users accessing services like: recharges, bill payments (BBPS), credit card payments, gold & gift PPI, loans, travel bookings, wallet services, and micro-transactions.
1.2 When accessed via partner whitelabel or API integrations, partner terms govern service delivery; EaseMyDeal's data processing remains strictly limited to disclosed purposes and subject to contractual safeguards with partners.
1A. Applicability & Scope
1A.1 For loan and credit products, EaseMyDeal acts solely as a Lending Service Provider / sourcing (lead) partner of RBI-regulated lenders. EaseMyDeal is NOT a lender, does not lend from its own funds, and does not take credit decisions. All lending, underwriting, sanction, disbursement, servicing and recovery are carried out by the Regulated Entity (the lender).
1A.2 Current lending partner: Vivifi India Finance Private Limited, a Non-Banking Financial Company registered with the Reserve Bank of India (Certificate of Registration No. N-09.00447; CIN U65923TG2016PTC110767), which offers the product u201cFlexSalaryu201d. The lender is the Data Fiduciary for loan data and is accountable for its storage and security. We will update this section if lending partners change; the current list of registered NBFC/bank partners is also disclosed in the apps store listing.
1A.3 As a Lending Service Provider, EaseMyDeal stores only the minimal data necessary to facilitate the introduction (such as your name, contact details and basic eligibility inputs). Detailed credit, KYC and financial data are collected and held by the lender. All such data is stored on servers located in India.
1A.4 Before you avail a loan, the lender provides a Key Fact Statement (KFS) setting out the loan amount, Annual Percentage Rate (APR), tenure, all fees and the cooling-off/look-up period. EaseMyDeal does not charge you any fee for facilitation that is not disclosed in the KFS.
2.1 Personal Identifiers: Name, Mobile No, Email ID, date of birth, contact details, KYC documents (PAN, Masked Aadhaar, etc.), device identifiers, IP address, and login credentials. Device identifiers and IP addresses are collected for security, fraud prevention, session management, and regulatory audit trails.
2.2 Transactional & Behavioral Data: Recharge & bill details, credit card/loan applications, travel itineraries, transaction histories, and in-app usage analytics. For loan facilitation, we do NOT collect precise (GPS) location; any location reference is approximate and derived only where you provide it. Device fingerprints/identifiers are used strictly for fraud prevention and security, not for harvesting your personal content.
2.3 Sensitive Data: Masked Aadhaar, encrypted financial credentials, and medical or health data if availed via services.
2.4 Cookies & Tracking Data: Session cookies, behavioral analytics, marketing pixels, and device fingerprints.
2.4 Cookies & Tracking Data: Session cookies, behavioral analytics, marketing pixels, and device fingerprints.
3.1 Consent: By default, opt-in for data use beyond service delivery (e.g., marketing, personalization).
3.2 Performance of Contract: Necessary for executing service agreements between the User and EaseMyDeal or third-party providers. Essential transaction facilitation, KYC/AML verification, dispute handling, and settlement processing are performed on the basis of executing the service agreement between the User and EaseMyDeal or third-party service providers.
3.3 Regulatory Compliance: Obligations under RBI, NPCI, IT Act 2000, DPDP Act 2023, SEBI, and more. Regulatory compliance (RBI, NPCI, FIU, IT Act 2000, DPDP Act 2023, SEBI, and other applicable laws) constitutes a legal obligation that permits processing without consent where required by law.
3.4 Legitimate Interests: Improving platform security, preventing fraud, and optimizing service delivery—unless overridden by User rights.
5.1 Service Execution: Shared with banks, NBFCs, issuers (gold/gift PPI), partners (travel, bill payment), and credit bureaus. For loan facilitation, your loan application data is shared, on your consent, with the RBI-registered lender and its authorised service providers solely to process your loan. For other services, we share data with the relevant banks, PPI issuers, billers/aggregators and credit bureaus as required to deliver that specific service. We disclose the identity of the recipient lender to you before the data is shared.
5.2 Registered Consent: For loan facilitation services (sharing credit reports, scores) -- User must provide informed consent, retractable anytime.
5.3 Legal & Risk: Disclosed to regulators, law enforcement, or courts under lawful demand; suspicious activity reports may be filed without prior notification to the User.
5.4 Corporate Transfers: In mergers or acquisitions, data will be transferred under equivalent protection.
5.5 No Third-Party Sale: User data will not be sold, rented, or traded.
8A. Account & Data Deletion
8A.1 You can delete your EaseMyDeal account and associated personal data at any time, by writing to our Officer at support@easemydeal.com from your registered email with the subject Account & Data Deletion.
8A.2 On receiving a verified request, we will delete or irreversibly anonymise your personal data within 7 working days, except data we are required by law (e.g., RBI, PMLA, GST, Income-tax) to retain. Such legally-retained records (typically 5u20137 years) are kept securely, access-restricted, and used only for compliance, and are deleted when the retention period ends.
8A.3 Where a loan is active or amounts are outstanding, account closure may be completed only after the loan relationship with the lender is settled; in such cases we will delete all data that is not legally required to be retained.
8A.4 We will confirm completion of your deletion request in writing. Withdrawing consent or deleting your account may mean we can no longer offer you certain services.
Strictly segregated: necessary, analytics, performance, functional, and marketing cookies.
Users must be 18+. We do not knowingly collect data from minors. Use of the platform by minors is only under parental/guardian supervision.
Compliant with DPDP:
Structured policies ensuring Confidentiality, Integrity, and Availability. Managed by a Risk Management Committee with regular board reporting.
Data shared via APIs only under strict agreements, limiting access to specific data elements and purposes. Logs are maintained for audit and tracking.
Policy updated periodically. Significant changes announced via in-app notification or email, with "Last Updated" timestamp prominently displayed.