Dwinger Private Limited (formerly Dwinger Securities and Financial Services Limited) (“Dwinger”) is a Non-Deposit Taking Non-Banking Finance Company registered with the Reserve Bank of India (“RBI”). The Company is presently in the business of providing short-term loans and advances.

These principles of Processing the Clients’ Personal Data (hereinafter also referred to as “principles”) describe how we, Dwinger (hereinafter also referred to as “we,” “us,” or “our”), process Personal Data of our Clients and any other Data Principals (hereinafter also referred to as “you”) in relation to the services and products we offer. These principles apply if you use, have used, have expressed an intention to use, or are in any other way related to our products or services, or in case you have expressed your wish to receive any information about our products or services.

1. Definitions

• Client – A natural person who uses, has used, or has expressed an intention to use the products or services offered by Dwinger or expressed a wish to receive information about Dwinger’s products or services.
• Contract – A contract concluded between Dwinger and the Client.
• Data Protection Regulations – Any applicable laws and regulations regulating the processing of Personal Data, namely the Digital Data Protection (DPDP) Act 2023.
• Data Principal – A natural person to whom personal data relates.
• Dwinger – Dwinger Private Limited, bearing CIN: U51109WB1995PTC069849, with Head office address situated at 19/837, Sector-19, Indiranagar, Lucknow, Uttar Pradesh – 226016, India; phone: {phone}; e-mail: {email}.
• Multitude Group – Dwinger Agents Private Limited together with companies in which the majority shareholder is directly or indirectly Dwinger’s parent undertaking, Multitude AG (Registry Code CHE-455.352.012) (Grafenauweg 8, 6300 Zug, Switzerland).
• Personal Data – Any information about an individual who is identifiable by or in relation to such data.
• Processing – Any operation or set of operations performed on Personal Data, whether by automated means or not, such as collection, recording, organisation, structuring, storing, adaptation, alteration, retrieval, use, alignment or combination, indexing, disclosure by transmission, granting access to, making enquiries, transfer, viewing, restriction, erasure, destruction, etc.

2. Data Fiduciary

• Dwinger Agents Private Limited is responsible for the Processing of your Personal Data and, for those reasons, is the data fiduciary. As Dwinger is a company established under the laws of the Republic of India, the Processing of your Personal Data shall be governed by the laws of India.

3. Collecting Your Personal Data

Dwinger Agents Private Limited collects your Personal Data in the following ways:

• Contact and communication data through communications made to us.
• When you apply for a loan or request other services or products from us, you provide your Personal Data directly to us or through an authorized third-party loan service provider. We also collect Personal Data from external sources, including but not limited to public and private registers used to identify and verify your identity and perform credit and risk assessments.

4. Personal Data Processed

Given the financial nature of our services and products, Dwinger processes Personal Data for the following purposes:

• Concluding and performing the Contract with our Client, including identity verification and credit/risk assessments.
• Compliance with legal obligations such as anti-money laundering (AML) and terrorist financing regulations (KYC verification). 
• Safeguarding our rights, including establishing, exercising, and defending legal claims. 
• Assessing and improving service quality, customer support, and product offerings. 
• Evaluating potential service providers and enhancing our service quality. 
• Internal records and statistical analysis. 
• Website security to ensure a safe and secure interaction with our systems. 
• Ensuring the best user experience. 
• Fulfilling any other purposes specified at the time of data collection. For these purposes, Dwinger processes the following Personal Data: Identification data (e.g., name, personal ID, date of birth, nationality, ID document copies, facial recognition data, voice, picture, signature, address).
• Contact data (e.g., address, phone number, email, preferred language).
• Banking data (e.g., bank ID, account details, transaction history, with consent).
• Professional data (e.g., employer details, job title, work history).
• Financial data (e.g., salary, assets, liabilities, tax details).
• Source of funds data (e.g., employer, transaction partners, business activities, income sources).
• Creditworthiness data (e.g., payment history, past damages, AML compliance, politically exposed person status).
• Legal compliance data (e.g., responses to official inquiries from authorities, tax offices, courts, RBI).
• Communications data (e.g., emails, call recordings).
• Product/service-related data (e.g., contract performance, transactions, applications, complaints).

5. Automated Decision-Making and Profiling

• Dwinger employs automated decision-making and profiling to determine whether a Client’s application for products or services is approved or rejected. 
• Decisions are based on application data, external data sources, prior payment behavior, and financial history. No sensitive personal data, such as health or genetic information, is processed. 
• Automated decision-making is essential for contract execution, identity verification, creditworthiness assessment, fraud prevention, and AML compliance. 
• As decisions are automated, some Clients may not qualify for our products or services. We continuously test our models to ensure fairness, effectiveness, and accuracy. If you wish to contest an automated decision, please contact us as outlined in Section 10.
• Dwinger uses profiling to assess financial stability and determine eligibility for enhanced credit offers or additional products. However, this does not affect existing contracts, and Clients can independently apply for new financial services.

6. Disclosing Personal Data

• Due to the financial nature of Dwinger’s products and services, we may share Personal Data for transaction processing, customer account maintenance, and regulatory reporting. 
• Personal Data is shared only with trusted and vetted partners, legal entities, and third parties required by law. 
• Dwinger may disclose Personal Data to:
• Business partners offering co-branded products/services.
• Data processors (e.g., legal advisors, marketing firms, data storage providers, IT services).
• Credit reference agencies conducting creditworthiness checks.
• Regulatory bodies and law enforcement agencies when required by law.

For further details on data processing, security, and your rights, please refer to our official privacy policy or contact us at pooja@dwingeragents.com.