Apply Now — Free
Instant Rupees Financial Services Pvt. Ltd. Effective Date: April 4, 2025 Last Updated: April 4, 2025

PRIVACY POLICY - INSTANT RUPEES

No paperwork. No branch visit. Just verify your mobile number and get your personalised loan limit instantly. 100% digital, fully secure, available across all 28 states in India.

1. INTRODUCTION

Welcome to Instant Rupees. Instant Rupees Financial Services Pvt. Ltd. ("Instant Rupees", "we", "our", or "us") is an RBI Registered Non-Banking Financial Company (NBFC) incorporated under the Companies Act, 2013, with its registered office in Delhi, Delhi, India. We operate the website www.instantrupees.com and our mobile application (collectively, the "Platform"). We provide personal loan services and related financial products to individuals across India. We understand that your personal and financial information is sensitive. This Privacy Policy explains:
  • What personal data we collect from you
  • Why we collect it and how we use it
  • Who we share it with and under what circumstances
  • How we store and protect your data
  • Your rights as a data principal under applicable Indian law
  • How to contact us with questions or concerns
By accessing or using our Platform, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this Policy, please do not use our Platform or services.  

2. WHO THIS POLICY APPLIES TO

This Privacy Policy applies to:
  • All visitors to our website and mobile application
  • All individuals who register on our Platform
  • All loan applicants, whether or not a loan is ultimately sanctioned
  • All existing and former borrowers
  • Anyone who contacts us through any channel including phone, email, chat, or social media
 

3. INFORMATION WE COLLECT

We collect personal data that is necessary to assess your loan eligibility, process your application, disburse loans, and comply with our legal and regulatory obligations. The categories of data we collect are: 3.1 Information You Provide Directly
  • Identity Information: Full name, date of birth, gender, nationality
  • Contact Information: Mobile number, email address, residential address (current and permanent)
  • Government-Issued Identification: Aadhaar number (last 4 digits only post-verification), PAN card number
  • Employment & Income Details: Employer name, designation, monthly income, employment type (salaried/self-employed/business owner), years of experience
  • Bank Account Details: Bank account number, IFSC code, bank name and branch
  • Loan Preferences: Desired loan amount, purpose of loan, preferred repayment tenure
3.2 Information Collected Through eKYC & Regulatory Processes
  • Aadhaar-Based eKYC: With your explicit consent, we retrieve your name, address, date of birth, and photograph from UIDAI via the Aadhaar OTP-based eKYC process. We do not store your full Aadhaar number.
  • DigiLocker Data: With your explicit consent, we access documents such as PAN card, income tax returns, or salary slips from your DigiLocker account for verification purposes.
  • Account Aggregator Data: With your explicit consent through the RBI-regulated Account Aggregator framework, we retrieve your bank statements to assess your income and repayment capacity.
  • CIBIL / Credit Bureau Data: We access your credit report from licensed credit information bureaus (such as TransUnion CIBIL, Equifax, Experian, or CRIF High Mark) as part of our credit assessment process.
3.3 Information We Collect Automatically When you visit our website or use our mobile app, we may automatically collect:
  • Device Information: Device type, operating system, browser type and version, unique device identifier
  • Usage Data: Pages visited, time spent on each page, links clicked, search terms used
  • Network Information: IP address, internet service provider, approximate geographic location (city/state level)
  • App Permissions (Mobile): We may request access to camera (for selfie verification), microphone (for video KYC if applicable), and storage (for uploading documents if needed). All permissions are requested with your explicit consent and can be withdrawn at any time from your device settings.
  • Cookies and Tracking Technologies: We use cookies and similar technologies for session management, security, analytics, and improving user experience. Please refer to our Cookie Policy section below for more details.
3.4 Information From Third Parties We may receive information about you from:
  • Credit information bureaus (CIBIL, Equifax, Experian, CRIF High Mark)
  • Government databases (UIDAI, Income Tax Department via DigiLocker, MCA)
  • Banking and financial institutions through the Account Aggregator framework
  • Our marketing and referral partners, where you have consented to share your data with them
  • Fraud prevention and identity verification service providers
 

4. HOW WE USE YOUR INFORMATION

We use your personal data for the following specific purposes: 4.1 Loan Processing & Servicing
  • Verifying your identity and eligibility for a personal loan
  • Conducting credit assessment and determining loan amount, interest rate, and tenure
  • Processing your loan application, sanction, and disbursal
  • Managing your loan account — including sending EMI reminders, statements, and repayment confirmations
  • Processing prepayments, part-payments, and foreclosure requests
4.2 Legal & Regulatory Compliance
  • Complying with Know Your Customer (KYC) requirements mandated by RBI
  • Complying with Anti-Money Laundering (AML) and Prevention of Money Laundering Act (PMLA) obligations
  • Reporting to credit information bureaus as required by law
  • Maintaining records as required by the Companies Act, Income Tax Act, GST laws, and other applicable regulations
  • Responding to requests from courts, regulators, law enforcement, or government authorities
4.3 Risk Management & Fraud Prevention
  • Assessing and managing credit risk
  • Detecting, preventing, and investigating fraud, identity theft, and other financial crimes
  • Monitoring transactions for suspicious activity
4.4 Communication & Customer Support
  • Sending you application status updates, loan sanction letters, and repayment schedules
  • Responding to your queries, complaints, and feedback
  • Notifying you of important changes to our services, policies, or terms
  • Sending service-related SMS, email, and push notifications (transactional communications)
4.5 Marketing & Promotional Communications
  • Sending you information about our loan products, offers, and features that may be relevant to you — only with your prior consent
  • Conducting customer satisfaction surveys
  • Personalising your experience on our Platform
You may opt out of marketing communications at any time by clicking the unsubscribe link in our emails, replying STOP to our SMS messages, or contacting us at privacy@instantrupees.com. Opting out of marketing communications will not affect transactional or service-related messages. 4.6 Product Improvement & Analytics
  • Analysing usage patterns to improve our website, app, and loan products
  • Conducting internal research and data analytics
  • Testing and developing new features and services
 

5. LEGAL BASIS FOR PROCESSING YOUR DATA

We process your personal data under the following legal bases as applicable under the Digital Personal Data Protection Act, 2023 (DPDPA) and other applicable laws:
Purpose Legal Basis
Loan application processing Performance of contract / Pre-contractual steps
KYC and identity verification Legal obligation (RBI KYC Master Directions)
Credit bureau reporting Legal obligation
Fraud prevention Legitimate interest / Legal obligation
Marketing communications Your explicit consent
Product analytics Legitimate interest
Regulatory reporting Legal obligation
 
  1. DATA SHARING & DISCLOSURE
We do not sell your personal data to third parties. We may share your data with the following categories of recipients, strictly on a need-to-know basis and under appropriate data protection agreements: 6.1 Regulatory & Government Bodies
  • Reserve Bank of India (RBI)
  • Credit Information Companies (CIBIL, Equifax, Experian, CRIF High Mark)
  • Financial Intelligence Unit - India (FIU-IND)
  • Income Tax Department, GSTN, and other government authorities
  • Courts and law enforcement agencies when required by law
6.2 Service Providers & Technology Partners
  • KYC & eKYC providers: UIDAI-authorised eKYC service providers
  • Account Aggregator partners: RBI-licensed Account Aggregator entities
  • Cloud & infrastructure: Secure cloud storage and hosting providers operating within India
  • Payment & banking partners: Banks and payment gateways for loan disbursal and EMI collection via NACH
  • Analytics providers: Web and app analytics platforms (data processed in anonymised/aggregated form)
  • Communication providers: SMS gateway, email service, and push notification providers
  • Fraud & verification providers: Third-party identity verification and fraud detection services
All our service providers are contractually bound to handle your data securely and use it only for the specific purpose for which it was shared. 6.3 Co-lending & Business Partners If your loan is co-originated or co-lent with a banking or financial institution, relevant loan and identity data will be shared with that partner institution strictly for the purposes of the co-lending arrangement, as permitted under RBI co-lending guidelines. 6.4 Business Transfers In the event of a merger, acquisition, restructuring, or sale of Instant Rupees or its assets, your personal data may be transferred to the acquiring entity. You will be notified of any such change and your data will continue to be protected under terms no less protective than this Privacy Policy. 6.5 With Your Consent We may share your data with any other party with your explicit prior consent.  

7. DATA LOCALISATION & STORAGE

In compliance with RBI guidelines and applicable Indian law:
  • All personal and financial data of Indian users is stored exclusively on servers located within the territory of India.
  • We do not transfer your personal data outside India without your explicit consent and without ensuring adequate data protection safeguards as required under applicable law.
  • Your loan-related data is retained for a minimum period of 8 years from the date of loan closure or last transaction, as required under applicable financial regulations.
  • Marketing and analytics data is retained for a maximum of 3 years or until you withdraw consent, whichever is earlier.
  • Data collected solely for eligibility checks (where no loan is disbursed) is retained for 2 years and then securely deleted.
 

8. DATA SECURITY

We implement and maintain comprehensive technical, organisational, and physical security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction: Technical Measures:
  • 256-bit AES encryption for all data at rest
  • TLS 1.3 encryption for all data in transit
  • Multi-factor authentication for all internal system access
  • Regular penetration testing and vulnerability assessments
  • Intrusion detection and real-time security monitoring systems
  • Secure API integrations with all third-party partners
Organisational Measures:
  • Role-based access control — employees access only the data required for their specific function
  • Mandatory data security and privacy training for all employees
  • Confidentiality agreements with all staff and third-party partners
  • Dedicated Data Protection Officer (DPO) overseeing all data processing activities
  • Documented data breach response and notification procedures
Physical Measures:
  • Restricted access to data centres and server rooms
  • 24×7 security monitoring at all physical infrastructure locations
Despite our best efforts, no data transmission over the internet or electronic storage system can be guaranteed to be 100% secure. In the event of a data breach that is likely to result in risk to your rights or interests, we will notify the appropriate regulatory authority and affected individuals as required by law.  

9. COOKIES POLICY

What Are Cookies? Cookies are small text files stored on your device when you visit a website. They help us recognise you, remember your preferences, and understand how you use our Platform. Types of Cookies We Use
Cookie Type Purpose Duration
Essential Cookies Required for the Platform to function - login sessions, security Session
Functional Cookies Remember your preferences such as language, location 1 year
Analytics Cookies Understand how users interact with our Platform (anonymised data) 2 years
Marketing Cookies Serve relevant ads on third-party platforms (with your consent) 90 days
Managing Cookies You can control and delete cookies through your browser settings at any time. Please note that disabling essential cookies may affect the functionality of our Platform. For marketing cookies, you may also opt out through your device's ad settings or by contacting us.  

10. YOUR RIGHTS AS A DATA PRINCIPAL

Under the Digital Personal Data Protection Act, 2023 (DPDPA) and applicable Indian law, you have the following rights regarding your personal data: 10.1 Right to Access You have the right to request a summary of the personal data we hold about you and information about how it is being processed. 10.2 Right to Correction You have the right to request correction of any inaccurate, incomplete, or outdated personal data we hold about you. 10.3 Right to Erasure You have the right to request deletion of your personal data in certain circumstances — for example, where the data is no longer necessary for the purpose it was collected, or where you withdraw your consent. Please note that this right is subject to our legal and regulatory obligations to retain certain data for specified periods. 10.4 Right to Grievance Redressal You have the right to have your privacy-related complaints and grievances addressed in a timely manner. 10.5 Right to Withdraw Consent Where we process your data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal. 10.6 Right to Nominate Under the DPDPA, you have the right to nominate another individual who can exercise your data rights in the event of your death or incapacity. To exercise any of these rights, please contact us at: 📧 privacy@instantrupees.com. We will respond to all valid requests within 30 days. In complex cases, we may extend this period by an additional 30 days and will inform you accordingly.  

11. CHILDREN'S PRIVACY

Our services are intended solely for individuals who are 18 years of age or older. We do not knowingly collect, process, or store personal data of individuals below the age of 18. If we become aware that we have inadvertently collected personal data from a minor, we will take immediate steps to delete such data from our systems. If you believe that we may have collected data from a minor, please contact us immediately at privacy@instantrupees.com.  

12. THIRD-PARTY LINKS

Our Platform may contain links to third-party websites, apps, or services — including payment gateways, government portals (such as DigiLocker or UIDAI), and social media platforms. This Privacy Policy does not apply to those third-party platforms. We encourage you to read the privacy policies of any third-party platforms you visit. We are not responsible for the privacy practices or content of any external websites or services.  

13. GRIEVANCE OFFICER

In accordance with the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023, we have appointed a Grievance Officer to address your privacy-related concerns:   Grievance Officer Instant Rupees Financial Services Pvt. Ltd. 📧 grievance@instantrupees.com All grievances will be acknowledged within 48 hours and resolved within 30 days of receipt. If you are not satisfied with our response, you may escalate your complaint to the Data Protection Board of India once it is operationalised under the DPDPA, or approach the Reserve Bank of India Ombudsman Scheme for loan-related complaints.  
  1. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or regulatory guidance. When we make material changes, we will:
  • Update the "Last Updated" date at the top of this Policy
  • Display a prominent notice on our website and/or mobile app
  • Notify you via email or SMS where we have your contact details and where the change is significant
We encourage you to review this Privacy Policy periodically. Your continued use of our Platform after any changes constitutes your acknowledgment of the updated Policy.  
  1. CONTACT US
For any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact us: 📧 privacy@instantrupees.com 🌐 www.instantrupees.com/privacy-policy 📍 Instant Rupees Financial Services Pvt. Ltd.  
  1. GOVERNING LAW
This Privacy Policy is governed by and construed in accordance with the laws of the Republic of India, including but not limited to:
  • The Information Technology Act, 2000 and rules made thereunder
  • The Digital Personal Data Protection Act, 2023
  • The Reserve Bank of India Act, 1934 and RBI Master Directions
  • The Prevention of Money Laundering Act, 2002
Any disputes arising out of or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Delhi, Delhi, India. © 2025 Instant Rupees Financial Services Pvt. Ltd. All rights reserved. This Privacy Policy was last reviewed and approved on April 4, 2025. Quick Summary (Plain Language) We collect your name, mobile number, income details, and identity documents only to process your loan. We never sell your data. We store everything securely in India. You can request access, correction, or deletion of your data at any time by emailing us at privacy@instantrupees.com. We follow all RBI and Indian government data protection rules.

Ready to Get Your Personal Loan?

Join 50 lakh+ Indians who got instant funds. Check your eligibility — it's free and takes 30 seconds.

⚡ Check My Loan Limit — Free

Toll-free · Available 24/7 · No spam calls