Privacy Policy

Dreamplug Advisory Solutions Pvt. Ltd.

We at DASPL i.e. Dreamplug Advisory Services Private Limited and the CRED Group Entities, (“the Company/DASPL/We/Us”) are committed to protecting the privacy and security of your personal information. Your privacy is important to us and maintaining your trust is paramount.

TThis Privacy Policy explains how we collect, use, process and disclose information about you. By using our website/app and affiliated services, you consent to the terms of our privacy policy (“Privacy Policy”) in addition to our Terms of Use (Terms of Use). We encourage you to read this Privacy Policy regarding the collection, use, and disclosure of your information from time to time to keep yourself up to date with the changes & updates that we make to this Policy

This Privacy Policy describes our privacy practices for all websites, products and services that are linked to or provided by us. However, this policy does not apply to those affiliates and partners that have their own privacy policy. In such situations, we recommend that you read the privacy policy on the applicable site. Any capitalised terms not defined hereunder shall hold the same definition as provided under the Insurance On-boarding Terms of Use.

1. Information we collect

The following information is collected by or on behalf of DASPL.
1.1 Information You provide us

When you start using the CRED App and any of its products, we ask you to provide certain information as part of the registration process, and in the course of your interface with the CRED App and its products. We will collect this information through various means and in various places through the CRED App or its products, including account registration forms, contact us forms, when availing of any products of the CRED App, or when you otherwise interact with the CRED App, including at customer support.

By submitting information through our platform, you confirm that you are either providing your own information or that you possess the necessary authority or consent to provide the information of third parties.

At the time of registration for the CRED App, we ask for the following personal information: Name (First Name, Last Name); Mobile Number; Email ID; Date of Birth; PAN Card. At the time of registration for any of the products or services on the CRED App, we may ask for your vehicle registration number and ownership details, identity proof documents.

When you choose to explore or avail specific products, we require additional information:

For Loan Against Mutual Funds/ Securities (LAS):

To enable this seamless process and determine your loan eligibility, we require access to your

Both DASPL and our partners are bound by strict confidentiality obligations to ensure your data is protected and not used for any other purpose.

For CRED Insurance:

We may explicitly seek additional information including address, payment or banking information, credit score, credit/debit card details, vehicle registration number and other vehicle information, driving license number, any other governmental identification numbers or documents, financial information including as defined under Master Direction - Non-Banking Financial Company - Account Aggregator (Reserve Bank) Directions, 2016 and any other information specific to the products / services being availed. You may choose to provide such information if you wish to use the DASPL Services or any other products or services provided by the CRED App.

We will also maintain a record of the information you provide to us or CRED when using customer support services and other related activities. However, we do not provide this information to any third party without your permission, or utilize the same for any purposes not set out hereunder.

From time to time, during your use of the CRED App, or CRED Insurance, DASPL may require access to certain additional information such as SMS and contact details. Prior to accessing any such additional information, explicit consent shall be sought from you. Please note that even after consent has been provided by you, we only read transactional or promotional SMS and do not open, access or read any personal SMS.

Where you opt to provide device permissions such as contact list access, storage access including image and other media files, location and/or NFC access permission, CRED may collect data from the same, store it in compliance with privacy laws in India and utilize the same for providing various services. You retain the right to revoke the aforementioned access by updating access permissions within your device's settings.

Certain features may be restricted, unavailable or unusable if you choose not to provide certain information. For example: You may not be able to complete availing an insurance policy if you choose to not verify your KYC details.

For Loan Against Mutual Funds/Securities (LAS), we use data to assess your portfolio for significant market fluctuations that may impact your loan to value (LTV) and to ensure that your pledged securities are not liquidated without your acknowledgement, except as required by law or the terms of the loan agreement. By explicitly consenting, you authorize DASPL to fetch your portfolio and transactional data for the sole purpose of providing the Loan Against Mutual Funds/Securities (LAS) product and ensuring service stability

1.2 Information created when You use Our Services

We collect information relating to your use of our Loan Against Mutual Funds/ Securities (LAS), it includes details of the loan you avail, such as the final loan amount, interest rate, tenure, EMI schedule, and the specific Mutual Funds you choose to pledge as collateral, dynamic information related to your active loan, such as limit re-assessments if the market value of your pledged securities changes, your repayment history, and the overall status of your loan account

For CRED Insurance, we collect your transaction details related to your use of our DASPL Services including the type of services you requested, the payment method, amount and other related transactional and financial information. Further, when you visit CRED Insurance, we may log certain information such as your IP address, browser type, mobile operating system, manufacturer and model of your mobile device, geolocation, preferred language, access time, and time spent. We will also collect information about the pages you view within the CRED App and other actions you take while visiting CRED Insurance.

1.3 Information We Collect from Third Parties

To initiate your Loan Against Mutual Funds/ Securities (LAS) application, you grant us explicit consent typically through an OTP verification authorizing us to securely retrieve your investment data directly from regulated Mutual Fund Registrar and Transfer Agents (MF-RTAs) like MF Central. This data consists of your consolidated Statement of Holdings (SoH), which details your mutual fund schemes, the number of units you hold, and their current market value. This information is used for the sole and exclusive purpose of assessing your portfolio to determine your loan eligibility and calculate the precise credit limit we can offer.

For CRED Insurance, we may, on your consent, request certain third parties to provide information about you to further personalize your experience on CRED Insurance, and provide certain services that cannot be accessed by all users of CRED Insurance. We may also access details about vehicles registered by You (including corresponding challans) which are publicly available on the government Parivahan services or otherwise, via third party service providers. We may also require you to verify the above details when you access CRED Insurance or other products of the CRED App. You may also verify / confirm the data from the government Parivahan services. You understand that we may collect or update your personal information from government agencies, publicly available information, or controlled authorities such as KYC registration services.

In order to access CRED Insurance, you will be required to complete KYC processes, complete insurance application journey and share information required therein to avail the Insurance from the relevant Insurer. This may also be required to complete an on-boarding journey with our insurance partners, which may involve DASPL (directly or via CRED, the Insurers, and third party service providers) fetching your KYC data from one or more KYC registers.

If you choose to link and connect your email account and SMS with CRED, DASPL may access the same for purposes including collecting your insurance policy premium payments, expiry dates, renewal dates, RC and other vehicle details, and other financial or transactional information to be able to do the following.

DASPL’s access to the email account(s) is authorized through the email provider’s access mechanism. If you permit DASPL to track your accounts (via the CRED), the CRED website/App will securely store all details for each of your email accounts, including your sign-in user name and authorisation tokens for tracked accounts.

You can choose to enable us to access one or more of your email accounts by explicitly consenting to each single account separately. Please note that your consent to any of the above is purely voluntary. You can de-link the access to your email any time you wish.

We only read emails related to your insurance products such as policy issuance confirmation, policy documents and other policy details, expiry / renewal dates and reminders, biller details etc. and do not open, read or access any personal e-mails. For the sake of clarity, DASPL employs automated processes for accessing and analysing information provided by you; where we may need to use our algorithm to access a password-protected document utilizing information provided by you. For further information on how we process email and the security protocol we follow click here.

We may receive additional information about you, such as information to help detect fraud and safety issues, from third party service providers and/or partners, and combine it with information we have about you. We may receive information about you and your activities through partnerships, or about your experiences and interactions from our partner ad networks.

2. How We Use the Information we collect

We may use, store and process the information provided by you to (1) improve the services offered through our platform, including CRED Insurance, CRED Money and Loan Against Mutual Funds/Securities (LAS), (2) create and maintain a trusted and safe environment on our platform (such as complying with our legal obligations and compliance with our policies) and (3) provide, personalise, measure and improve our products and services.

The information collected through different channels such as contact list access, vehicle details, insurance details, storage access including image and other media files, location and/or NFC access, allows us to collect statistics about our website/app usage and effectiveness, personalise the experience for the users of the CRED App / website, as well as to customize our interactions with you and to enhance the scope of the services provided. The following paragraphs describe in more detail how we use your personal information.

2.1 Providing, understanding and improving service offered through the CRED Insurance, Loan Against Mutual Funds/ Securities (LAS) and CRED Money

Any information provided by you in the CRED App will be used for execution of the contract of services via the CRED App including enabling you to use CRED Insurance, Loan Against Mutual Funds/Securities (LAS) and CRED Money, in legitimate business interests, and for regulatory compliance purposes, authenticating and processing your transaction(s) or for any other purposes for which you have granted access to such information to us, based on your interaction with the CRED App. CRED Insurance will securely store account details for each of your credit card, bank accounts, and other payment mode details including your sign-in user name and authorisation tokens for tracked accounts. This information will be used to enable CRED Insurance to enable automatic access to analyze, extract, and store information securely from such accounts for use on CRED Insurance

To conduct identity verification, recommend suitable Insurance Product(s), to complete a financial transaction such as collection of premium for the Insurance Product you choose, to remind you to renew any insurance policy or make any payments, or to conduct any other activities in connection with any insurance products availed by you, we may share certain personal and financial information (such as your full name, phone number, email ID, age, gender, location, device information, IP address, KYC data, identity proof or address proof, bank account information, credit card details or other payment mode details) provided by you with authorised third-parties, for instance, the Insurers, our business partners, third party service providers, financial teams/institutions, or postal/ government or regulatory authorities connected with or involved in fulfilment of the said process, if any. This does not include any information collected from e-mails. We may also contact you as part of our customer satisfaction surveys or for market and product research purposes.

For Loan Against Mutual Funds/Securities (LAS), to facilitate your loan application from start to finish, which includes verifying your identity using your PAN, securely fetching your investment portfolio from Mutual Fund Registrar and Transfer Agents (MF-RTAs) upon your consent, calculating your loan eligibility and credit limit, facilitating the secure pledging of your securities, and processing your loan application through to final disbursal, we may share certain personal and financial information (such as your full name, PAN, KYC data, investment portfolio details, and bank account information) provided by you with CRED and its Lending Partner(s) (NBFCs/Banks), other service providers involved in the fulfilment of the said loan process.

We may use the information collected to perform internal operations necessary to provide our services, including to troubleshoot software bugs and operational problems, to conduct data analysis, testing and research and to monitor and analyse usage and activity trends. We process this personal information for these purposes given our legitimate interest in improving the CRED App and its services.

In order to expand the scope of our services, we may from time to time, seek additional information from you. Any such collection of additional information and documents shall be subject to an explicit & purpose specific consent sought from all Users.

2.2 Safety, security and resolution of issues

We may use your personal information, created as part of your use of the CRED App, to ensure that your access and use of the DASPL Services and CRED Money is in compliance with our legal obligations (such as anti-money laundering regulations). For the Loan Against Mutual Funds/Securities (LAS) service, this includes using data to fetch your portfolio for significant market fluctuations that may impact your loan and to ensure your securities are managed in accordance with the loan offerings and applicable regulations. We may share such information with our Insurers, lending partners, advisors, third party service partners and providers for a seamless experience for you.

We may also use the information to create and maintain a safe environment and use the same to detect and prevent fraud, spam, abuse, security incidents and other harmful activity.

We use the information we collect (including recordings of customer support calls) to assist you when you contact our customer support services to investigate and resolve your queries, monitor and improve our customer support responses. Certain online transactions may involve us calling you. This may also involve online chats. Please be aware that it is our general practice to monitor and in some cases record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.

We intend to protect your personal information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative, and technical safeguards to help us protect your personal information from unauthorised access, use, and disclosure. For example, we encrypt all sensitive personal information such as credit card information when we transmit such information over the internet. We also require that our commercial partners and vendors protect such information from unauthorised access, use, and disclosure.

We blend security at multiple steps within our products in the CRED App with state of the art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us to defend our systems ranging from low hanging issues up to sophisticated attacks. You can read more about CRED’s security on the CRED App (including our DASPL Services)here

We are committed to protecting your data. If you are a security enthusiast or a researcher and you have found a possible security vulnerability on our products, we encourage you to report the issue to us responsibly. You could submit a bug report to us at security@daspl.co.in with detailed steps required to reproduce the vulnerability. We shall put best of our efforts to investigate and fix the legitimate issues in a reasonable time frame, meanwhile, requesting you not to publicly disclose it.

2.3 Sharing and Disclosure of data with Third Parties

As required by law, at times we might be required to disclose your personal information including personal, transactional and financial information to Insurers, our lending partners, relevant regulatory, governmental, judicial, or quasi-judicial authorities and also to our advisors such as law firms and audit firms while responding to request from the regulatory authorities. In some cases, when we believe that such disclosure is necessary to protect our rights, or the rights of others, or to comply with a judicial proceeding, court order, or legal process served on our website/app we would share such information pursuant to a lawful request from law enforcement agencies.

Insurance Products offered through CRED Insurance are offered in partnership with Insurers and other commercial partners of DASPL. While availing such Insurance Products, any data shared by you as well as the data collected from your use of CRED Insurance shall be shared with the Insurers and other commercial partners of DASPL with whom DASPL has partnered.

Their use of this data shall be subject to their terms and conditions and privacy policy which may include sharing of this data with their sub-contractors.

Subject to explicit and prior consent from you, we may use information created by your use of CRED Insurance, not including information collected from other sources such as e-mails etc. for marketing purposes. This consent is purely voluntary and you may at any time choose not to receive marketing materials from us by following the unsubscribe instructions included in each e-mail you may receive, by indicating so when we call you, or by contacting us directly.

For Loan Against Mutual Fund/Securities (LAS), your personal and financial information, including investment portfolio data fetched from MF Central, is shared with CRED and our regulated lending partner(s) (NBFCs/Banks) only after your explicit consent and solely for the purpose of managing your loan journey. Similarly, your PAN and contact details are shared with MF-RTAs to fetch your investment portfolio after obtaining your explicit consent. These parties are bound by strict confidentiality obligations.

Further, if you want to remove your contact information from all our lists and newsletters, please click on the unsubscribe button on the emailers or send an email request to insurance.support@daspl.co.in

Subject to explicit and prior consent from you, we may disclose certain information including information that is created by your use of CRED Insurance and CRED Money to CRED’s subsidiaries, affiliate entities and partners that are not acting as our suppliers or business partners. For the sake of clarity, we do not sell or lease such information.

We may display targeted or non-targeted third party online advertisements on the CRED App. We may also advertise our activities on or provide links to other websites/apps. We may collaborate with other website/app operators as well as network advertisers to do so.

We request you to read and understand such concerned third party privacy policies to understand their practices relating to advertising, including what type of information they may collect about your internet usage. No personally identifiable information is shared with any third party online advertiser or website or app as part of any such activity. DASPL does not provide any information relating to your usage to such website operators or network advertisers.During your use of CRED Insurance, you may come across links to third party websites/apps that are not affiliated with CRED / DASPL. DASPL and other CRED Group Entities are not responsible for the privacy practices or the content of those other websites, or for any acts/ omissions by such third parties in the course of your transaction with them.

3.Retention of Information and Data Storage

DASPL collects only such information as is necessary to facilitate CRED Money, Loan Against Mutual Funds/Securities (LAS), and other DASPL Services on the CRED App.

For Loan Against Mutual Funds/ Securities (LAS), any investment portfolio 'Data' fetched from MF Central on your behalf is stored and retained only in accordance with the contractual obligations with our partners and as required by Applicable laws.

As a part of the application process for any Insurance Product, DASPL may share the data previously provided by you with the Insurer(s). You may also have to provide additional information as a part of the application process. Any information provided specifically for the purpose of accessing Insurance Products or generated upon successfully receiving the insurance policy and other services from the Insurers, will be retained to the extent required by DASPL to carry out its obligations as a corporate agent as set out in its contracts with the Insurer(s).

In respect of the information specifically provided as a part of the application process for Insurance Products, DASPL & the Insurers shall collectively decide and abide by the mutual understanding arrived at on matters regarding the storage of customer data including the type of data that can be stored, the length of time for which data can be stored, restrictions on the use of data, data destruction protocol, standards for handling security breach etc.

Moreover, any such information collected for enhancing customer experience is not retained beyond the reasonable period as permitted under the Applicable Laws. If you have revoked your consent, we may retain certain data for audit purposes or as required under Applicable Laws.

All data shall be stored in servers located within India.

You may revoke access to various access permissions such as contacts permission and SMS permission through the app settings or similar function of your mobile operating system. You may also request deletion of your data or revoke access through the CRED App or we can be reached using the contact information on our “Contact Us” page. Provided, however, that notwithstanding such a request, we may be required to retain certain transactional and account data in order to comply with our legal and regulatory obligations, both in our capacity as a corporate agent for insurance products and as a SEBI-registered Investment Adviser in relation to mutual fund investment services under the Loan Against Mutual Funds/Securities (LAS) product

4. Cookies

We use data collection technologies such as cookies on certain parts of CRED Insurance to analyse service usage, understand user interactions, measure promotional effectiveness, and enhance trust and safety. For clarity, cookies are small files placed on your device’s storage that help us deliver and improve the services offered through CRED Insurance. Certain features are only available through the use of cookies. For example, cookies allow you to enter your password less frequently during a session and enable us to curate services that are better aligned with your interests.

You may choose to decline cookies if your device permits; however, this may limit your ability to use certain features on CRED Insurance , and you may be required to re-enter your password more frequently.

5. Changes to Privacy Policy

DASPL reserves the right to change this policy from time to time. Any changes shall be effective immediately upon the posting of the revised Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices.

6. Privacy Questions and Access

If you have questions, concerns, or suggestions regarding our Privacy Policy, we can be reached using the contact information on our “Contact Us” page or at insurance.support@daspl.co.infor CRED Insurance and support@cred.club for Loan Against Mutual Funds/ Securities (LAS). In certain cases, you may have the ability to view or edit your personal information online. In the event your information is not accessible online and you wish to obtain a copy of particular information you provided to us, or if you become aware the information is incorrect and you would like us to correct it, please contact us immediately.

Before we are able to provide you with any information or correct any inaccuracies, however, we may ask you to verify your identity and to provide other details to ascertain your identity and to help us to respond to your request. We will contact you within 30 days of your request.

7. Compliances

We have implemented required systems, policies, and procedures in order to maintain industry standard best practices and applicable controls.

DASPL’s use of information received from Google APIs will adhere toGoogle API Services User Data Policy including the Limited Use requirements.

8. Grievance Redressal Officer

In the event that you have a grievance regarding our privacy policy or data usage practices, you may reach out to our Grievance Redressal Officer any time at grievance@daspl.co.in Our Grievance Redressal Officer will redress your grievances within one month from the date of receipt of your grievance.