By accessing the Platform or any of its parts, you indicate your agreement to this Privacy Policy and consent to the processing of your personally identifiable information (Personal Information, Sensitive Personal Data, or Information) by Empire Peak Lending Investors Inc.
(“we” or “our” or “us” or “Peranyo”). This Privacy Policy is integral to and subject to the Terms of Use of the Platform.
Users are strongly advised to thoroughly read this privacy policy. By clicking on buttons such as “login,” “I agree to Peranyo’s privacy policy,” “I agree and consent to the collection, use, disclosure, storage, transfer and/or processing of my personal data for the purpose stated in, and under the terms of, Peranyo’s privacy policy,” or similar statements available on Peranyo’s registration page, you acknowledge that you have read and understood the terms of this privacy policy and have agreed and consented to the collection, use, disclosure, storage, transfer, and/or processing of your personal data as described herein.
For the purposes of this Privacy Policy, users of the Services may be customers/applicants/borrowers/consumers or any other persons using Services or accessing our Platform (“user” or “you” or “your”).
Account
The unique account you create to access our Services or parts of our Services.
Affiliate
An entity that controls, is controlled by, or is jointly controlled by a party, where “control” means ownership of 50% or more of shares, equity, or other securities entitled to vote for directors or other governing bodies.
Application
The software program named “Peranyo” downloaded and used on the device.
Device
Any device that can access the Service, such as a computer, cellphone, or digital tablet.
Personal Data
Any information that relates to an identified or identifiable individual..
Service
Represents the current application.
Service Provider
Any natural or legal person who processes this data on behalf of the Company. Refers to third-party companies or individuals employed by the Company to facilitate the Services or assist in analyzing the use of the Services.
Usage Data
Data collected automatically, generated by using the Services or from the service infrastructure itself.
You
The individual accessing or using the Service or the Company, or another legal entity on whose behalf such individual is accessing or using the Service.
KYC
Know Your Customer, a comprehensive review of the customer to understand the legitimacy of their identity and prevent fraud.
To create an account on the platform, users must provide basic information required for service customization, including:
Device Information
Device brand/model, iOS Version
Used to check the mobile phone operating environment for service security and provide personalized products and services.
Personal Information
Mobile phone number, Basic information: name, ID number, gender, birthday, education, location, etc.
Contact information: Emergency contact name/phone.
Occupation information: Occupational identity, occupation type, industry, monthly income.
Used for mobile phone number login, identifying the real identity of users, and making risk decisions to ensure service security.
Camera
Used solely for photographing document information.
Phone number
Obtained to assist in identifying the user’s identity for account and fund security.
Where possible, mandatory and optional fields are indicated. Users have the option not to provide information by choosing not to use a particular service or feature on the Platform.
We also collect user account data which includes email address and user public profile information like name, photo, ASID depending on the social media or networking platform used by You like Google or Facebook to log-into an app. This information is required as a part of registration process to access our Service and it is also used to auto-populate relevant fields in the course of the interface of the App.
We further collect other identifiable information such as your transactions history on the Platform when you set up a free account with us as further detailed below. While you can browse some sections of our Platform without being a registered member as mentioned above, certain activities (such as availing of loans from the third party lenders on the Platform) require registration and for you to provide the above details.
The Platform will clearly display the personal information it is collecting from you, and you have the option to not provide such personal information. However, this will limit the services provided to you on the Platform.
Information the App collects, and its usage, depends on how you manage your privacy controls on your device. When you install the App, we store the information we collect with unique identifiers tied to the device you are using. We collect information from the device when you download and install the App and explicitly seek permissions from You to get the required information from the device.
The information we collect from your device includes the hardware model, build model, RAM, storage unique device identifiers like IMEI, serial number, SSAID SIM information that includes network operator, roaming state, MNC and MCC codes, WIFI information that includes MAC address and mobile network information to uniquely identify the devices and ensure that no unauthorized device acts on your behalf to prevent frauds.
We collect information about your device to provide automatic updates and additional security for your Account is not in use on someone else device. Additionally, this information provides us with valuable feedback Your identity as the device owner and your device behavior, allowing us to improve our service and provide you with an enhanced customized user experience.
We require camera access to scan and capture the required KYC documents thereby allowing us to auto-fill relevant fields.
As a part of our KYC process, we require access to your camera to enable you to initiate your KYC process. This permission allows us or our authorized agents to perform your Photo KYC while also taking screenshots of your original Officially Verified Documents that you present during your Photo KYC process. Photo KYC enables you to complete your KYC digitally, smoothly and efficiently. Your photo shall be recorded and retained for regulatory purpose along with original Official Verified Documents. We will delete the images after we have determined your risk profile.
The App links to a registered third-party SDK, collecting data for credit risk assessment. Security measures are implemented to protect personal information, including encryption, role-based access control, and industry-leading security solutions.
Our third-party service provider employs separation of environments and segregation of duties and have strict role-based access control on a documented, authorized, need-to-use basis. The stored data is protected and stored by application-level encryption. They enforce key management services to limit access to data.
Furthermore, our registered third party service provider provides hosting security – they use industry-leading anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, and application control solutions.
Automatic tracking of user behavior for internal research and analysis. Information includes IP address, URL, and other relevant data. Cookies are used to improve the user experience. We use this information to do internal research on our users’ demographics, interests, and behaviour to better understand, protect and serve our users and improve our services. This information is compiled and analyzed on an aggregated basis. We also collect your Internet Protocol (IP) address and the URL used by you to connect your computer to the internet, etc. This information may include the URL that you just came from (whether this URL is on our Website or not), which URL you next go to (whether this URL is on our Website or not), your computer browser information, and your IP address.
Cookies are small data files that a Website stores on Your computer. We will use cookies on our Website similar to other lending websites / apps and online marketplace websites / apps. Use of this information helps Us identify You in order to make our Website more user friendly. Most browsers will permit You to decline cookies but if You choose to do this it might affect service on some parts of Our Website.
If you choose to get a loan through the Platform, we collect information about your applying behavior.
We retain this information as necessary to resolve disputes, provide customer support and troubleshoot problems as permitted by law.
If you send us personal correspondence, such as emails or letters, or if other users or third parties send us correspondence about your activities or postings on the Website, we collect such information into a file specific to you.
The intended purpose of collecting information provided by you is to:
Establish identity and verify the same
To complete your photo kyc
Monitor, improve and administer our platform
Provide our service i.E. Perform credit profiling for the purpose of facilitating loans to you.
Design and offer customized products and services offered by ourselves /our third party financial partners
Analyse how the platform is used, diagnose service or ID Card Number problems and maintain security
Send ID Card Number rations notifications, information regarding the products or services requested by you or process queries and applications that you have made on the platform
Manage our relationship with you and inform you about other products or services we think you might find of some use
Conduct data analysis in order to improve the services / products provided to the user
Use the user information in order to comply with country laws and regulations
Conduct kyc for ourselves /our third party lending partners based on the information shared by the user
Use the user information in other ways permitted by law to enable you to take financial services from our lending partners.
We will use and retain the information for such periods as necessary to provide you the services on the platform, to comply with our legal obligations, to resolve disputes, and enforce our agreements.
Use And Disclosure Of Your Personal And Other Information
We understand the importance of your information and ensure that it is used for the intended purpose only.
We access, store and use the information we collect from you in accordance with the applicable laws to provide our Services, to research and develop new ones subject to the limitations set out in this Privacy Policy.
Information is used for dispute resolution, problem troubleshooting, safety promotion, analytical analysis, marketing, service improvement, and other purposes outlined in this Privacy Policy.
Resolve disputes
Troubleshoot problems
Help promote a safe service
Analytical analysis
Marketing purposes
Measure consumer interest and satisfaction in our products and services
Inform you about online and offline offers, products, services, and updates
Customize your experience
Detect and protect us against suspicious or illegal activity, fraud and other criminal activity
Enforce our terms and conditions
Improvement of our services and as otherwise described to you at the time of collection
In our efforts to continually improve our product and service offerings, we collect and analyze demographic and profile data about our users’ activity on our platform.
Third-party services, such as Firebase and Appsflyer, are used for analytics and payment processing. Privacy policies of these services should be referred to for further details.
Analytic
We may use third-party Service providers to monitor and analyze the use of our Service.
Firebase
Firebase is an analytic service provided by Google Inc.
You may opt-out of certain Firebase features through your mobile device settings, such as your device advertising settings or by following the instructions provided by Google in their Privacy Policy: https://policies.google.com/privacy
We also encourage you to review the Google’s policy for safeguarding your data: https://support.google.com/analytics/answer
For more information on what type of information Firebase collects, please visit the How Google uses data when you use our partners’ sites or apps web-page: https://policies.google.com/technologies/partner-sites
Appsflyer
Their Privacy Policy can be viewed at https://www.appsflyer.com/cn/product/security-and-privacy/
Payments
We may provide paid products and/or services within the Service. In that case, we may use third-party services for payment processing (e.g. payment processors).
We will not store or collect Your payment card details. That information is provided directly to Our third-party payment processors whose use of Your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
The Company uses re-marketing services to advertise to You after You accessed or visited our Service. We and Our third-party vendors use cookies and non-cookie technologies to help Us recognize Your Device and understand how You use our Service so that We can improve our Service to reflect Your interests and serve You advertisements that are likely to be of more interest to You.
These third-party vendors collect, store, use, process and transfer information about Your activity on Our Service in accordance with their Privacy Policies and to enable Us to:
Measure and analyze traffic and browsing activity on Our Service Show advertisements for our products and/or services to You on third-party websites or apps Measure and analyze the performance of Our advertising campaigns
You may opt-out of all personalized advertising by enabling privacy features on Your mobile device such as Limit Ad Tracking (iOS) and Opt Out of Ads Personalization (iOS). See Your mobile device Help system for more information.
We may share information, such as hashed email addresses (if available) or other online identifiers collected on Our Service with these third-party vendors. This allows Our third-party vendors to recognize and deliver You ads across devices and browsers. To read more about the technologies used by these third-party vendors and their cross-device capabilities please refer to the Privacy Policy of each vendor listed below.
Google Ads (Ad-words) re-marketing service is provided by Google Inc.
You can opt-out of Google Analytic for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytic Opt-out Browser Add-on https://tools.google.com/dlpage/gaoptout for your web browser. Google Analytic Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytic.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy
Facebook re-marketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/516147308587266 To opt-out from Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217 For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
The right to change, modify, add, or remove portions of this Privacy Policy at any time is reserved. Users are encouraged to periodically review the page for the latest information.
Accessing Your Information / Contacting Us
At any point of time Users can choose to edit/modify or delete/withdraw any Personal Information shared for use of the Platform. Please note that deleting or withdrawing information may affect the Services we provide to you. In case of modification of Personal Information, Users will be required to furnish supporting documents relating to change in Personal Information for the purpose of verification by the Company.
You may contact us to exercise your rights at cs@peranyo.com
Users have choices regarding the information collected and its usage, including device-level settings, account deletion, and content removal requests.:
Device-level settings: Your device may have controls that determine what information we collect. For example, you can modify permissions on your iOS device for access to Camera or Audio permissions.
Delete your entire App account.
You can also request to remove content from our servers based on applicable law or by writing to our Grievance Officer.
The Platform intends to protect your information and to maintain its accuracy as confirmed by you. We implement reasonable physical, administrative and tech ID Card Number safeguards to help us protect your information from unauthorized access, use and disclosure. For example, we encrypt all information when we transmit over the internet. We also require that our registered third party service providers protect such information from unauthorized access, use and disclosure.
Our Platform has stringent security measures in place to protect the loss, misuse and alteration of information under control. We endeavour to safeguard and ensure the security of the information provided by you. We use Secure Sockets Layers (SSL) based encryption, for the transmission of the information, which is currently the required level of encryption in Sri Lankan as per applicable law.
We blend security at multiple steps within our products with the state of the art technology to ensure our systems maintain strong security measures and the overall data and privacy security design allow us to defend our systems ranging from low hanging issue up to sophisticated attacks.
In addition, the Website and App have been certified for the following security certifications:
ISO 9001: being the international standard that details requirements for a quality management system (QMS). Organizations use the standard to demonstrate the ability to consistently provide products and services that meet customer and regulatory requirements with the requisite security protections.
ISO 27001 (formally known as ISO/IEC 27001:2005): is a specification for an information security management system (ISMS) and is the suggested level of certification required under the Information Technology Act, 2000. An ISMS is a framework of policies and procedures that includes all legal, physical and ID Card Number controls involved in an organization’s information risk management processes.
We aim to protect from unauthorized access, alteration, disclosure or destruction of information we hold, including:
We use encryption to keep your data private while in transit
We offer security feature like an OTP verification to help you protect your account
We review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems
We restrict access to personal information to our employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations
Regular reviews ensure compliance with this Privacy Policy and applicable laws. Data transfers comply with legal frameworks, and security certifications are maintained.
We ensure that ID Card Number number is not disclosed in any manner
We or our affiliates maintain your information on servers located in Singapore . Data protection laws vary among countries, with some providing more protection than others. We also comply with certain legal frameworks relating to the transfer of data as mentioned and required under the Information Technology Act, 2000 and rules made thereunder
When we receive formal written complaints, we respond by contacting the person who made the complaint. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of your data that we cannot resolve with you directly
By using the Platform and providing information, users consent to the collection, sharing, disclosure, and usage of information in accordance with this Privacy Policy.
If we decide to change our Privacy Policy, we will post those changes on this page so to make you aware of the information we collect, how we use it, and under what circumstances we share and disclose it.
For any questions or concerns, users can contact:
CORPORATE NAME:Empire Peak Lending Investors Inc.
COMPANY REGISTRATION NO. CS201919994
CERTIFICATE OF AUTHORITY NO. 3191
EMAIL: cs@peranyo.com