NEXORA FINANCE GROUP Effective Date: October 24, 2025 Last Updated: October 24, 2025 PRIVACY POLICY:

1. INTRODUCTION AND COMMITMENT TO PRIVACY

Nexora Finance Group (“Firm,” “we,” “us,” “our”) is a proprietorship firm registered  in India, which operates through the website being www.nexorafinancegroup.com (hereinafter referred to as  “Site”) and  is engaged in the business  of loan facilitation services as a Lending Service Provider (hereinafter referred to as “LSP”) for our regulated lending partners (hereinafter referred to as “Lenders”). We are committed to protecting the privacy and security of the personal data of our users (“Individual”, “User,” “you,” “your”). This Privacy Policy (hereinafter referred to as “Policy”) provides a detailed account of our practices and procedures regarding the collection, use, processing, storage, disclosure, and protection of your personal information. This Policy explains how we collect, use, process, disclose and safeguard your personal data while using our site and our curated loan facilitation services (hereinafter collectively referred to as “Services”).We are committed to protecting your privacy and ensuring the security of your personal data in compliance with the Digital Personal Data Protection Act 2023 including the Information Technology Act, 2000, and its rules, specifically the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 and other applicable Indian laws and regulatory guidelines issued by the Reserve Bank of India from time to time. By accessing our Site and voluntarily providing your personal data and information, an Individual affirms his / her   explicit and informed consent to the terms outlined in this Policy.

2. DEFINITIONS

• “Personal Data“ means any information and / or data that relates to a natural person, which, either directly or indirectly, in combination with other information available or likely to be available with us, is capable of identifying such person.
• “Sensitive Personal Data or Information” (hereinafter referred to as “SPDI”) includes information such as passwords, financial information (like Bank account, credit card, debit card, or other payment instrument details), and any other information deemed sensitive under the IT Rules, 2011. Your Permanent Account number is treated with the same level of security as SPDI.
• “Financial Partners” refers to the network of regulated entities, including Banks and Non-Banking Financial Companies (NBFCs), with whom we have partnered.
• “Data Principal” refers to the user and / or the individual herein whose sensitive and personal data is processed.
• “Data Fiduciary” refers to the entity which determines the loan processing purpose, which is often our lending partner or us.
• “Data Processor” refers to an entity which processes data on behalf of a data fiduciary.
• “Consent” refers to a clear and specific indication of the User’s agreement with the terms and policies of this proprietorship firm.
• “Individual” refers to the person who uses and accesses our site to avail credit facilities from lending institutions and / or financial partners.

 

3. WHAT INFORMATION / DATA WE COLLECT (DATA MINIMIZATION PRINCIPLE)

We adhere to the principle of data minimization and collect only the information that is strictly necessary to provide our services of loan facilitation, adhering to Reserve Bank of India guidelines and the DPDP Act. Upon registration, we collect the following Personal Information:

•  Personal Identification Data: Such as full name, date of birth, Permanent Account Number of the Individual and AADHAR details. Such details so obtained from the Individual may be used for KYC confirmation by us or our Lenders.
• Financial & Credit Information: Including bank details, income details and credit reports from Credit Information Companies.
• Employment Details: Information about Individual’s occupation, name of Employer and place of employment.
• Contact Data: A verifiable mobile phone number and a valid email address.

       We specifically state that we do not access Individual’s mobile phone resources like contact lists or media. Camera, microphone or location access for a one-time KYC may be requested with Individual’s prior consent. We do not store biometric data. .

4. HOW DO WE COLLECT YOUR INFORMATION:

  Required information of the Individual’s private information is collected through:

• Directly from the Individual – When Individual uses or accesses our online site or communicate with us.

• From Third Parties – Including our lending partners, credit information companies and other service providers.

• Automated means – Via cookies and similar technologies for data / information usage.

       

5. LEGAL BASIS AND PURPOSE OF DATA COLLECTION AND PROCESSING

Our legal basis for collecting and processing Individual’s Personal Information is that individual’s explicit consent, provided at the time of registration. The information is collected for the sole and specific purpose of:

• Facilitating Loan Inquiries: To act as a service provider by securely transmitting Individual’s Identity, Contact, and Financial Data to our Financial Partners to enable them to process applications, assess Individual’s creditworthiness, verify identity, eligibility for loan products and facilitate credit disbursal.
• Legal & Regulatory Compliance: To meet the regulatory requirements from RBI and compliance under PMLA Act and DPDP Act and to respond to legal requests, if any.
• Enabling Communication: To allow our Financial Partners to communicate with the Individual directly regarding your loan inquiry.
• Internal Record Keeping: For maintaining records as required by law and for internal administrative purposes.
• Service Improvement: To analyse usage of our services and enhance the efficiency and timely delivery of our services.
• Fraud Prevention: To detect and prevent fraudulent activities.

We will not use Individual’s Personal Information for any purpose other than that for which Individual’s explicit consent has been obtained.

6. CONSENT MECHANISM

Individual’s consent is obtained through a clear affirmative action. Before you submit your information and make the one-time registration payment of Rs. 360/- (Rupees Three Hundred Sixty only), Individual will be required to check a box that explicitly states: “I have read and agree to the Terms and Conditions and the Privacy Policy. I hereby provide my explicit consent to Nexora Finance Group to collect, process, and share my Name, Email, Phone Number, and PAN with its network of banks and NBFCs for the purpose of evaluating my eligibility for a loan.”

7. DATA DISCLOSURE AND ONWARD TRANSFER

We do not disclose Individual’s data and / or personal information without explicit consent, except in specific situations. Sharing of Individual’s data and / or personal information may occur with:

• To Financial Partners: Individual acknowledges that the core of our services involves the disclosure and transfer of your Personal Information to multiple Financial Partners for loan processing, sanctioning and reporting.

• To Legal Authorities: We may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to (a) comply with  legal obligations, if any; (b) protect and defend the rights or property of the firm; (c) prevent or investigate possible wrongdoing in connection with the Service; or (d) protect the personal safety of Users of the Service or the public.
• To Service Providers: Third parties assisting with our operations and businesses are contractually bound to protect Individual’s data and / or personal information.
• No Commercial Sale: We do not sell, trade, or rent your Personal Information to third parties for marketing or any other commercial purposes.

.

8. DATA RETENTION POLICY

We will retain Individual’s Personal Information for a period of 180 days from the date of collection, which is necessary to fulfil the purpose for which it was collected, provide our services, resolve disputes, establish legal defences, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws, if any. After this period, Individual’s Personal Information will be securely and permanently deleted from our active systems.

9. YOUR RIGHTS AS A DATA SUBJECT

As a User, the Individual shall have the following rights concerning data and / or personal information:

• Right to Access and Review: Individual can request access to and review the Personal Information we hold about the same Individual by contacting our Grievance Officer.
• Right to Correction: Individual has the right to correct or update any inaccurate or deficient Personal Information.
• Right to Data Erasure: Request deletion of data which are no longer required, subject to legal obligations and compliance, if any.
• Right to Grievance Redressal: Lodge complaints with our Grievance Officer of the Data Protection Board.
• Right to Withdraw Consent: Individual has the right to withdraw consent at any time by writing to our Grievance Officer. Please note that withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Upon withdrawal, we will cease processing your data but may retain it in accordance with Section 7 of the Information Technology Act, 2000.

To exercise these rights, please contact our Grievance Officer.

10. DATA SECURITY PRACTICES

We are committed to protecting Individual’s data and have implemented robust security measures in line with the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, to protect data and / or personal information of the Individual. These measures include:

• Encryption: All data transmitted between Individual’s browser and our Site is encrypted using Transport Layer Security (TLS). Data at rest is also encrypted.
• Data Storage Location: Data of Indian citizens is stored on servers within India, in consonance with Reserve Bank of India guidelines.
• Access Control: We have implemented strict role-based access controls to ensure that only authorized personnel have access to Individual’s Personal Information on a need-to-know basis.
• Regular Audits: We conduct periodic security audits of our infrastructure to identify and patch vulnerabilities.

10. USE OF COOKIES

Cookies are used to improve user experience and analyse traffic. Individual can manage cookies through browser settings, which may impact site functionality.  

11. GRIEVANCE REDRESSAL MECHANISM / CONTACT US:

In accordance with the Information Technology Act, 2000, and the rules made thereunder, a Grievance Officer is appointed to address Individual’s concerns and grievances regarding the processing of Individual’s Personal Information.

• Name of Grievance Officer: Amit Kumar Das
• Designation: Grievance Officer
• Email: info@nexorafinancegroup.com
• Address: Floor No.: GROUND FLOOR Building No./Flat No.: 158 Road/Street: BLOCK-A ,BANGUR AVENUE Nearby Landmark: in the lane of shiv Mandir Locality/Sub Locality: Bangur Avenue City/Town/Village: Kolkata District: North Twenty Four Parganas State: West Bengal PIN Code – 700055

We will acknowledge receipt of your grievance within 24 hours and will resolve it within 15 days from the date of receipt.

12. UPDATES TO THIS PRIVACY POLICY

We reserve the right to update or change our Privacy Policy at any time. We will notify Individual of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top. Individual is advised to review this Privacy Policy periodically for any changes.

12. GOVERNING LAW AND JURISDICTION

This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of India. Any dispute arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the competent courts in Kolkata, West Bengal.