Data Protection

Privacy Policy

Your privacy and data security are our top priorities

1. Scope and Applicability

This Privacy Policy sets out the requirements for ensuring that we, Capup Financial Services Private Limited "Capup" (formerly known as Pupil Finance Private Limited), a Non-Banking Financial Company - Investment and Credit Company (NBFC-ICC) registered with the Reserve Bank of India, collect, use, retain and disclose personal information in a fair, transparent and secured manner in compliance with applicable laws and RBI regulations.

This Privacy Policy is applicable to the personal information (including sensitive personal data or information) of:

  • Capup's customers and borrowers
  • Users of the website, mobile applications (if any), and social media accounts of Capup
  • Employees, consultants, and contractors of Capup
  • Vendors and service providers of Capup
  • Any other person whose personal information is collected, used, retained or disclosed by Capup

2. Information We Collect

Personal Information

We collect personal information necessary for providing financial services, including but not limited to:

  • Name, date of birth, gender, and contact details
  • Identity proof (Aadhaar, PAN, Passport, Voter ID, Driving License)
  • Address proof and photographs
  • Financial information (income, bank statements, credit history)
  • Employment details and business information
  • KYC (Know Your Customer) documents as mandated by RBI
  • Transaction history and repayment records

3. Purpose of Data Collection

We collect and process personal information for the following purposes:

  • Processing loan applications and credit assessments
  • Compliance with KYC norms and RBI regulations
  • Prevention of fraud and money laundering
  • Credit information reporting to Credit Information Companies (CICs)
  • Communication regarding loan status, repayment schedules, and account updates
  • Legal and regulatory compliance
  • Improving customer service and product offerings

4. Data Sharing and Disclosure

We may share your personal information with:

  • Credit Information Companies (CICs): As mandated by RBI, we report credit information to CIBIL, Experian, Equifax, and CRIF High Mark
  • Regulatory Authorities: Reserve Bank of India and other statutory authorities as required by law
  • Service Providers: Third-party service providers for loan processing, verification, and collection activities
  • Legal Requirements: When required by court orders, legal processes, or government authorities

We ensure that all third parties with whom we share data maintain appropriate data protection standards.

5. Data Security Measures

Secure Storage

All personal data is stored securely using industry-standard encryption and security protocols. Physical documents are stored in secure, access-controlled facilities.

Access Control

Access to personal information is restricted to authorized personnel only on a need-to-know basis. We maintain audit trails of all data access.

Data Backup

Regular backups are maintained to prevent data loss. Backup data is also encrypted and stored securely.

Staff Training

Our staff is regularly trained on data protection and privacy requirements to ensure compliance.

6. Data Retention

We retain personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. As per RBI guidelines, we maintain customer information and transaction records for a minimum period as specified by regulatory requirements, typically not less than 8 years from the date of cessation of the relationship.

7. Your Rights as a Customer

Right to Access

You have the right to request access to your personal information held by us.

Right to Correction

You can request correction of inaccurate or incomplete personal information.

Right to Withdraw Consent

You may withdraw consent for processing of your personal data, subject to legal and contractual restrictions.

Right to Grievance Redressal

You have the right to raise concerns about data privacy through our grievance redressal mechanism.

8. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enhance user experience. You can control cookie preferences through your browser settings. However, disabling cookies may affect the functionality of certain features on our website.

9. Contact Information for Privacy Concerns

For any queries or concerns regarding this Privacy Policy or the handling of your personal information, please contact:

Email: support@capupnow.com

Address: 3rd Floor, 4th Cross Road, Behind Shivaji Talkies, Bangalore 560002

10. Regulatory Compliance

This Privacy Policy is designed to comply with:

  • Reserve Bank of India (RBI) Master Directions and Guidelines for NBFCs
  • Information Technology Act, 2000 and Rules thereunder
  • Digital Personal Data Protection Act, 2023 (as applicable)
  • RBI Master Direction on KYC
  • RBI Fair Practices Code for NBFCs

11. Changes to this Privacy Policy

Capup may periodically revise or update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or for other operational reasons. The updated Privacy Policy will be posted on our website with the effective date. Continued use of Capup's services after the effective date of the revised Privacy Policy constitutes acceptance of the changes. We encourage you to review this Privacy Policy periodically.

12. Disclaimer

Please note that this Privacy Policy does not create any contractual or other legal rights in or on behalf of any party, nor is it intended to do so. This policy is a statement of our commitment to protecting your privacy and should be read in conjunction with our Terms and Conditions.

Last Updated: March 2026
Effective Date: March 2026

Back to Home