Privacy Policy

Dreamplug Advisory Solutions Pvt. Ltd.

We at DASPL i.e. Dreamplug Advisory Services Private Limited and the CRED Group Entities, (“the Company/DASPL/We/Us”) are committed to protecting the privacy and security of your personal information. Your privacy is important to us and maintaining your trust is paramount.

This Privacy Policy explains how we collect, use, process and disclose information about you. By using our website/app and affiliated services, you consent to the terms of our privacy policy (“Privacy Policy”) in addition to our Terms of Use (Terms of Use). We encourage you to read this Privacy Policy regarding the collection, use, and disclosure of your information from time to time to keep yourself up to date with the changes & updates that we make to this Policy.

This Privacy Policy describes our privacy practices for all websites, products and services that are linked to or provided by us. However, this policy does not apply to those affiliates and partners that have their own privacy policy. In such situations, we recommend that you read the privacy policy on the applicable site. Any capitalised terms not defined hereunder shall hold the same definition as provided under the Insurance On-boarding Terms of Use.

1. Information we collect

The following information is collected by or on behalf of DASPL.
1.1 Information You provide us

When you start using the CRED App and any of its products, we ask you to provide certain information as part of the registration process, and in the course of your interface with the CRED App and its products. We will collect this information through various means and in various places through the CRED App or its products, including account registration forms, contact us forms, when availing of any products of the CRED App, or when you otherwise interact with the CRED App, including at customer support

By submitting information through our platform, you confirm that you are either providing your own information or that you possess the necessary authority or consent to provide the information of third parties.

At the time of registration for the CRED App, we ask for the following personal information: Name (First Name, Last Name); Mobile Number; Email ID; Date of Birth; PAN Card. At the time of registration for any of the products or services on the CRED App, we may additionally ask for your vehicle registration number and ownership details, identity proof documents.

Pursuant to the products and services availed by You from time to time (including the DASPL Services), we may explicitly seek additional information including address, payment or banking information, credit score, credit/debit card details, vehicle registration number and other vehicle information, driving license number, any other governmental identification numbers or documents, financial information including as defined under Master Direction - Non-Banking Financial Company - Account Aggregator (Reserve Bank) Directions, 2016 and any other information specific to the products / services being availed. You may choose to provide such information if you wish to use the DASPL Services or any other products or services provided by the CRED App.

We will also maintain a record of the information you provide to us or CRED when using customer support servicesand other related activities. However, we do not provide this information to any third party without your permission, or utilize the same for any purposes not set out hereunder.

From time to time, during your use of the CRED App or CRED Insurance, DASPL may require access to certain additional information such as SMS and contact details. Prior to accessing any such additional information, explicit consent shall be sought from you. Please note that even after consent has been provided by you, we only read transactional or promotional SMS and do not open, access or read any personal SMS.

Where you opt to provide device permissions such as contact list access, storage access including image and other media files, location and/or NFC access permission, CRED may collect data from the same, store it in compliance with privacy laws in India and utilize the same for providing various services. You retain the right to revoke the aforementioned access by updating access permissions within your device's settings.

Certain features may be restricted, unavailable or unusable if you choose not to provide certain information. For example: You may not be able to complete availing an insurance policy if you choose to not verify your KYC details.

1.2 Information created when You use CRED Insurance

We collect information relating to your use of CRED Insurance through the use of various technologies. This includes transaction details related to your use of our DASPL Services including the type of services you requested, the payment method, amount and other related transactional and financial information. Further, when you visit CRED Insurance, we may log certain information such as your IP address, browser type, mobile operating system, manufacturer and model of your mobile device, geolocation, preferred language, access time, and time spent. We will also collect information about the pages you view within the CRED App and other actions you take while visiting CRED Insurance.

1.3 Information We Collect from Third Parties

We may, on your consent, request certain third parties to provide information about you to further personalize your experience on CRED Insurance, and provide certain services that cannot be accessed by all users of CRED Insurance. We may also access details about vehicles registered by You (including corresponding challans) which are publicly available on the government Parivahan services or otherwise, via third party service providers. We may also require you to verify the above details when you access CRED Insurance or other products of the CRED App. You may also verify / confirm the data from the government Parivahan services. You understand that we may collect or update your personal information from government agencies, publicly available information, or controlled authorities such as KYC registration services.

In order to access CRED Insurance, you will be required to complete KYC processes, complete insurance application journey and share information required therein to avail the Insurance from the relevant Insurer. This may also be required to complete an on-boarding journey with our insurance partners, which may involve DASPL (directly or via CRED, the Insurers, and third party service providers) fetching your KYC data from one or more KYC registers.

If you choose to link and connect your email account and SMS with CRED, DASPL may access the same for purposes including collecting your insurance policy premium payments, expiry dates, renewal dates, RC and other vehicle details, and other financial or transactional information to be able to do the following

DASPL’s access to the email account(s) is authorized through the email provider’s access mechanism. If you permit DASPL to track your accounts (via the CRED), the CRED website/App will securely store all details for each of your email accounts, including your sign-in user name and authorisation tokens for tracked accounts.

You can choose to enable us to access one or more of your email accounts by explicitly consenting to each single account separately. Please note that your consent to any of the above is purely voluntary. You can de-link the access to your email any time you wish.

We only read emails related to your insurance products such as policy issuance confirmation, policy documents and other policy details, expiry / renewal dates and reminders, biller details etc. and do not open, read or access any personal e-mails. For the sake of clarity, DASPL employs automated processes for accessing and analysing information provided by you; where we may need to use our algorithm to access a password-protected document utilizing information provided by you. For further information on how we process email and the security protocol we follow click here.

We may receive additional information about you, such as information to help detect fraud and safety issues, from third party service providers and/or partners, and combine it with information we have about you. We may receive information about you and your activities through partnerships, or about your experiences and interactions from our partner ad networks.

2. How We Use the Information we collect

We may use, store and process the information provided by you to (1) improve the services offered through CRED Insurance and CRED Money, (2) create and maintain a trusted and safe environment on CRED Insurance and CRED Money (such as complying with our legal obligations and compliance with our policies) and (3) provide, personalise, measure and improve our products and services.

The information collected through different channels such as contact list access, vehicle details, insurance details, storage access including image and other media files, location and/or NFC access, allows us to collect statistics about our website/app usage and effectiveness, personalise the experience for the users of the CRED App / website, as well as to customize our interactions with you and to enhance the scope of the services provided. The following paragraphs describe in more detail how we use your personal information.

2.1 Providing, understanding and improving service offered through the CRED Insurance and CRED Money

Any information provided by you in the CRED App will be used for execution of the contract of services via the CRED Appincluding enabling you to use CRED Insurance and CRED Money, in legitimate business interests, and for regulatory compliance purposes, authenticating and processing your transaction(s) or for any other purposes for which you have granted access to such information to us, based on your interaction with the CRED App

To conduct identity verification, recommend suitable Insurance Product(s), to complete a financial transaction such as collection of premium for the Insurance Product you choose, to remind you to renew any insurance policy or make any payments, or to conduct any other activities in connection with any insurance products availed by you, we may share certain personal and financial information (such as your full name, phone number, email ID, age, gender, location, device information, IP address, KYC data, identity proof or address proof, bank account information, credit card details or other payment mode details) provided by you with authorised third-parties, for instance, the Insurers, our business partners, third party service providers, financial teams/institutions, or postal/ government or regulatory authorities connected with or involved in fulfilment of the said process, if any. This does not include any information collected from e-mails. We may also contact you as part of our customer satisfaction surveys or for market and product research purposes.

We may use the information collected to perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems, to conduct data analysis, testing and research and to monitor and analyse usage and activity trends. We process this personal information for these purposes given our legitimate interest in improving the CRED App and its services.

In order to expand the scope of our services, we may from time to time, seek additional information from you. Any such collection of additional information and documents shall be subject to an explicit & purpose specific consent sought from all Users.

CRED Insurance will securely store account details for each of your credit card, bank accounts, and other payment mode details including your sign-in user name and authorisation tokens for tracked accounts. This information will be used to enable CRED Insurance to enable automatic access to analyze, extract, and store information securely from such accounts for use on CRED Insurance.

2.2 Safety, security and resolution of issues

We may use your personal information, created as part of your use of the CRED App, to ensure that your access and use of the DASPL Services and CRED Money is in compliance with our legal obligations (such as anti-money laundering regulations). We may share such information, with our Insurers, advisors, third party service partners and providers for a seamless experience for you.

We may use the information to create and maintain a safe environment and use the same to detect and prevent fraud, spam, abuse, security incidents and other harmful activity.

We use the information we collect (including recordings of customer support calls) to assist you when you contact our customer support services to investigate and resolve your queries, monitor and improve our customer support responses. Certain online transactions may involve us calling you. This may also involve online chats. Please be aware that it is our general practice to monitor and in some cases record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.

We intend to protect your personal information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative, and technical safeguards to help us protect your personal information from unauthorised access, use, and disclosure. For example, we encrypt all sensitive personal information such as credit card information when we transmit such information over the internet. We also require that our commercial partners and vendors protect such information from unauthorised access, use, and disclosure.

We blend security at multiple steps within our products in the CRED App with state of the art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us to defend our systems ranging from low hanging issue up to sophisticated attacks. You can read more about CRED’s security on the CRED App (including our DASPL Services) here

We are committed to protecting your data. If you are a security enthusiast or a researcher and you have found a possible security vulnerability on our products, we encourage you to report the issue to us responsibly. You could submit a bug report to us at security@daspl.co.inwith detailed steps required to reproduce the vulnerability. We shall put best of our efforts to investigate and fix the legitimate issues in a reasonable time frame, meanwhile, requesting you not to publicly disclose it.

2.2 Sharing and Disclosure of data with Third Parties

As required by law, at times we might be required to disclose your personal information including personal, transactional and financial information to Insurers, relevant regulatory, governmental, judicial, or quasi-judicial authorities and also to our advisors such as law firms and audit firms while responding to request from the regulatory authorities. In some cases, when we believe that such disclosure is necessary to protect our rights, or the rights of others, or to comply with a judicial proceeding, court order, or legal process served on our website/app we would share such information pursuant to a lawful request from law enforcement agencies.

Insurance Products offered through CRED Insurance are offered in partnership with Insurers and other commercial partners of DASPL. While availing such Insurance Products, any data shared by you as well as the data collected from your use of CRED Insurance shall be shared with the Insurers and other commercial partners of DASPL with whom DASPL has partnered. Their use of this data shall be subject to their terms and conditions and privacy policy which may include sharing of this data with their sub-contractors.

Subject to explicit and prior consent from you, we may use information created by your use of CRED Insurance, not including information collected from other sources such as e-mails etc. for marketing purposes. This consent is purely voluntary and you may at any time choose not to receive marketing materials from us by following the unsubscribe instructions included in each e-mail you may receive, by indicating so when we call you, or by contacting us directly. Further, if you want to remove your.

contact information from all our lists and newsletters, please click on the unsubscribe button on the emailers or send an email request to insurance.support@daspl.co.in.

You further consent to share certain information, including financial information, with CRED’s subsidiaries, affiliate entities and partners for facilitating the provision of products and services, notifying you about offers, marketing programmes, and for development of new products and services or features therein.Subject to explicit and prior consent from you, we may disclose certain information that is created by your use of CRED Insurance and CRED Money to CRED’s subsidiaries, affiliate entities and partners that are not acting as our suppliers or business partners. For the sake of clarity, we do not sell or lease such information.

We may display targeted or non-targeted third party online advertisements on the CRED App. We may also advertise our activities on or provide links to other websites/apps. We may collaborate with other website/app operators as well as network advertisers to do so. We request you to read and understand such concerned third party privacy policies to understand their practices relating to advertising, including what type of information they may collect about your internet usage. No personally identifiable information is shared with any third party online advertiser or website or app as part of any such activity. DASPL does not provide any information relating to your usage to such website operators or network advertisers.During your use of CRED Insurance, you may come across links to third party websites/apps that are not affiliated with CRED / DASPL. DASPL and other CRED Group Entities are not responsible for the privacy practices or the content of those other websites, or for any acts/ omissions by such third parties in the course of your transaction with them.

3. Retention of Information and Data Storage

No data or information pertaining to the user is collected by DASPL, other than information collected to facilitate CRED Money and DASPL Services on CRED Insurance. We will only retain your data for as long as it is necessary to fulfil the purposes outlined in the Terms of Use or the purposes of which you have otherwise been informed. Moreover, any such information collected for enhancing customer experience is not retained beyond the reasonable period as permitted under the Applicable Laws. If you have revoked your consent, we may retain certain data for audit purposes or as required under Applicable Laws.

As a part of the application process for any Insurance Product, DASPL may share the data previously provided by you with the Insurer(s). You may also have to provide additional information as a part of the application process. Any information provided specifically for the purpose of accessing Insurance Products or generated upon successfully receiving the insurance policy and other services from the Insurers, will be retained to the extent required by DASPL to carry out its obligations as a corporate agent as set out in its contracts with the Insurer(s).

In respect of the information specifically provided as a part of the application process for Insurance Products, DASPL & the Insurers shall collectively decide and abide by the mutual understanding arrived at on matters regarding the storage of customer data including the type of data that can be stored, the length of time for which data can be stored, restrictions on the use of data, data destruction protocol, standards for handling security breach etc.

All data shall be stored in servers located within India.

You may revoke access to various access permissions such as contacts permission and SMS permission through the app settings or similar function of your mobile operating system. You may also request deletion of your data or revoke accessthrough the CRED App or we can be reached using the contact information on our “Contact Us” page. Provided however, DASPL as a corporate agent and the Insurers may still retain data as required under applicable law and to the extent that any insurance policies are live under any Insurance Products.

4. Cookies

We use data collection devices such as “cookies”, etc. on certain parts of CRED Insurance to help analyse the DASPL Services, user interaction with CRED Insurance, measure promotional effectiveness, and promote trust and safety. For the sake of clarity, “cookies” are small files placed on your device hard-drive/storage that assist us in providing the services offered through CRED Insurance. Please be informed that we offer certain features via CRED Insurance that are only available through the use of a “cookie

We also use cookies to allow you to enter a particular password less frequently during a session. Cookies also help us obtain information that assists us in curating the Services more targeted to your interests. You are always free to decline our cookies if your device permits, although in that case you may not be able to use certain features on CRED Insurance and you may be required to provide a password more frequently during a session.

5. Changes to Privacy Policy

DASPL reserves the right to change this policy from time to time. Any changes shall be effective immediately upon the posting of the revised Privacy Policy. We encourage you to periodically review this page for latest information on our privacy practices.

6. Privacy Questions and Access

If you have questions, concerns, or suggestions regarding our Privacy Policy, we can be reached using the contact information on our “Contact Us” page or at insurance.support@daspl.co.in.In certain cases, you may have the ability to view or edit your personal information online. In the event your information is not accessible online and you wish to obtain a copy of particular information you provided to us, or if you become aware the information is incorrect and you would like us to correct it, please contact us immediately.

Before we are able to provide you with any information or correct any inaccuracies, however, we may ask you to verify your identity and to provide other details to ascertain your identity and to help us to respond to your request. We will contact you within 30 days of your request.

7. Compliances

We have implemented required systems, policies, and procedures in order to maintain industry standard best practices and applicable controls.

DASPL’s use of information received from Google APIs will adhere to Google API Services User Data Policy including the Limited Use requirements.

8. Grievance Redressal Officer

In the event that you have a grievance regarding our privacy policy or data usage practices, you may reach out to our Grievance Redressal Officer any time at grievance@daspl.co.in. Our Grievance Redressal Officer will redress your grievances within one month from the date of receipt of your grievance.