Lets Chat Pay Online

Privacy Policy

Back
Introduction

Manappuram Asset Finance Ltd. (hereafter referred to as “MAAFIN,” “Company”) values your trust and is committed in protecting stakeholder’s personal information. This Privacy Policy explains in detail how the Company collects, use, share, store, and safeguard information related to its customers, employees, vendors, and website/app users.

The Company process personal data in compliance with applicable Indian laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023.

Approach is guided by the principles of fairness, transparency, accountability, and respect for individual privacy.

Scope

This Privacy Policy applies to all personal data processed by MAAFIN in the following contexts:

  • Customers availing financial products and services offered by the Company
  • Employees, job applicants, contractors, and consultants
  • Vendors, service providers, and business partners engaged with the Company
  • Visitors to the Company website, mobile applications, or other digital platforms
  • Any third parties interact with MAAFIN through official communication channels
Information

Personal Information

The Company may collect personal details including but not limited to:

  • Name, gender, date of birth, nationality, and marital status
  • Identity and address proof (e.g., PAN, Aadhaar, Passport, Driving License, Voter ID)
  • Contact details (phone number, email address, residential address)
  • Employment details, qualifications, income, and occupation information
  • Financial information (bank account details, credit/debit card details, payment history)
  • Photographs, video recordings, and biometric details (where applicable)
  • Data submitted through forms, applications, contracts, or interactions with our representatives
  • Digital identifiers such as IP addresses, device information, and browser data when using our online platforms of the Company

Sensitive Personal Information (SPI)

As per IT Rules, 2011, SPI may include:

  • User credentials
  • Financial details (bank account, credit/debit card, payment instruments)
  • Biometric data (fingerprints, facial recognition, iris scans)
  • Health/medical records
  • Sexual orientation
  • Any other personal data categorized as “sensitive” under law
Use of Information

Personal information is used for legitimate business, legal, and regulatory purposes, such as:

  • Verifying your identity and performing due diligence (KYC compliance)
  • Processing applications, loans, financial products, transactions, and payments
  • Providing, customizing, and improving the Company financial products and services
  • Sending important service updates, regulatory notifications, or communication regarding accounts
  • Conducting internal audits, compliance checks, fraud prevention, and risk management
  • Carrying out research, analytics, surveys, and customer support activities
  • Marketing and promotional communications (where permitted)
  • Meeting contractual obligations with customers, employees, and partners
  • Responding to requests from courts, Law agencies or government agencies
Sharing and Disclosure of Information

The Company shares personal information under the following circumstances:

  • Service Providers/Partners: With trusted third parties who provide services such as IT support, payment processing, marketing assistance, and data hosting, which are bound by confidentiality and security agreements.
  • Regulatory/Government Authorities: With regulatory bodies, government authorities, or law enforcement agencies when required by applicable laws.
  • Group/Affiliate Companies: With affiliated companies for operational, administrative, or service-enhancement purposes.
  • Business Transfers: In case of mergers, acquisitions, or restructuring, personal data may be transferred to the new entity.
  • With Consent: With explicit consent, wherever legally permitted.

The company does not sell, lease, or rent your personal data to unaffiliated third parties under any circumstances.

Data Security

The Company implements appropriate technical, organizational, and security measures to protect personal data from unauthorized access, misuse, loss, or alteration. These include:

  • Role-based access controls (ensuring only authorized staff can access data)
  • Encryption, firewalls, and secure servers for sensitive information
  • Regular monitoring and auditing of IT systems and processes
  • Employee fidelity agreements and periodic training on data protection
  • Incident response plans and security drills

In the event of a data breach, the Company will notify affected parties and regulators where legally required, undertake Root Cause Analysis.

Data Retention

The Company retains personal information only for as long as necessary to:

  • Fulfil the purpose for which it was collected
  • Comply with applicable legal, regulatory, and contractual requirements
  • Resolve disputes and enforce agreements

When the data is no longer required, it is securely archived, anonymized, or permanently destroyed in compliance with legal and regulatory standards.

Stakeholder Rights

Depending on applicable law, stakeholder may have the following rights:

  • Right to Access: Request a copy of the personal data which the Company holds about the Stakeholder
  • Right to Correction: Request corrections or updates to inaccurate or incomplete information
  • Right to Withdraw Consent: Withdraw consent for processing activities where applicable (e.g., marketing communications)
  • Right to Restriction/Objection: Raise concerns or restrict certain processing activities
  • Right to Deletion: Request deletion of your personal data, subject to regulatory requirements
  • Right to Data Portability: Where applicable, request transfer of your personal data in a structured, commonly used format

To exercise these rights, please contact the Company at or via the contact details in Section 12.

Cookies & Tracking

The Company website uses cookies, web beacons, and similar technologies to enhance browsing experience. These may include third-party tools such as Google Analytics for traffic analysis and performance monitoring. Cookies may be used to:

  • Improve website functionality
  • Analyze website traffic and user behavior
  • Provide personalized content and targeted advertisements
  • Maintain security and prevent fraudulent activity

Stakeholders can manage or disable cookies through browser settings; however, this may limit certain features of the Company website.

Cross-Border Data Transfer

In some cases, stakeholder data may be stored or processed outside India (for example, by global cloud service providers or international partners). In such cases, the Company ensures that:

  • The recipient country has adequate data protection standards, or
  • Standard contractual clauses and agreements are in place to ensure that personal data is protected.
Disclaimer

While MAAFIN takes reasonable steps to ensure accuracy and protection of personal data, the Company cannot guarantee absolute security due to inherent risks in data transmission over the internet or electronic storage. Users are encouraged to take precautions, such as safeguarding login credentials and using secure devices.

Contact Information

For questions, concerns, or complaints regarding this Privacy Policy or your personal data, please contact:

Data Protection Officer

Manappuram Asset Finance Ltd.
111/105 Opposite Nattika FIRKA Co-operative Rural Bank,
Valapad, Thrissur District,
Kerala, Pin 680 567
Email: cto@maafin.in
Phone: 9061612340

Manappuram Asset Finance Limited © 2025 | Privacy Policy | Terms and Conditions Site by Cedar Software Technologies

Enquiry Locate Us