top of page

Privacy Policy

Last Updated: 29/06/2026

                                                                                                       PRIVACY POLICY / PRIVACY NOTICE

This Privacy Policy (“Policy/Notice”) is a privacy notice issued by Shuhari Tech Ventures Private Limited (“NIRA”, “we”, or “us” or “our”) and is aimed at  informing the users, members, unregistered visitors, and any person(s) using or accessing the Platform (as defined below) (hereinafter collectively referred to as the “Users” or “you” or “your” or “yours”) of the practices in relation to the storage, use, processing, and disclosure of personal data that you have chosen to share with us, when you use or access our website hosted at  https://www.nirafinance.com/ (“Website”) and/ or download and use our mobile application namely NIRA (“App”) and/or avail our Services. 
The Website and the App shall hereinafter be collectively referred to as (the “
Platform”). 

The Digital Personal Data Protection Act, 2023 ("DPDPA") has been enacted, and the Digital Personal Data Protection Rules, 2025 ("DPDP Rules") were notified on November 13, 2025. The DPDPA and the DPDP Rules are being brought into force in a phased manner, and certain provisions are not yet in effect. Accordingly:

1. This Policy has been drafted in anticipation of the full commencement of the DPDPA and the DPDP Rules, based on the DPDPA as enacted and the DPDP Rules as notified.

2. Upon commencement of the remaining provisions of the DPDP Rules including rules relating to consent frameworks, Data Fiduciary obligations, Data Principal rights, cross-border data transfer conditions, and significant Data Fiduciary designations this Policy will be reviewed and amended to ensure full compliance with such Rules.

3. Similarly, any guidelines, circulars, or directions issued by the Data Protection Board of India, the Ministry of Electronics and Information Technology (MeitY), or the Reserve Bank of India that affect the manner in which Personal Data is processed in the context of digital lending shall be reflected in an updated version of this Policy.

NIRA, through this Policy, aims to demonstrate its commitment towards protecting your personal data and respecting your privacy in compliance with the applicable laws including, DPDPA and DPDP Rules, the Information Technology Act, 2000 and Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information), Rules, 2011 (“SPDI Rules”), Reserve Bank of India’s (RBI)  (Non-Banking Financial Companies- Credit Facilities), Directions 2025  and any other guidelines that maybe issued by RBI from time to time (all of such guidelines, “RBI Guidelines”).  
This Policy is applicable to all the information collected, received, possessed, owned, controlled, stored, dealt with, shared with, accessed by, or handled by NIRA in respect of a User. Please read this Policy along with the Terms and Conditions available at https://www.nirafinance.com/terms-of-use .

1.SEPARATE AFFIRMATIVE ACTION AS CONSENT

Your consent to the use and processing of your Personal Data is not obtained merely by accessing or using the Platform. Your Consent shall be availed through a separate, explicit, and affirmative action such as ticking a checkbox or clicking an "I Accept" button at the relevant point in your user journey.
By giving such consent, you acknowledge that:

•    You have read and understood this Privacy Policy;
•    You understand the specific purpose for which your Personal Data is being collected;
•    You understand who your Personal Data may be shared with; and
•    You are providing consent of your
own free will, without coercion or undue influence.

•     Users acknowledge that they have the option to not provide or agree to the collection of personal data. If a User chooses to not grant us access to such personal data when requested, we will not be in a position to provide the User with the Services. In such an event, we encourage you to stop using the Services and accessing the Platform. In addition to this, in the event you do not consent to our access to your personal data, we may have to terminate, suspend or limit your access to the Services or Platform or part thereof, as may be the case.

•    We respect your right to decline or withdraw consent. However, certain Personal Data is necessary for us to provide specific services. Accordingly:
a)    If you choose
not to provide Personal Data that is essential to a particular Service (such as KYC data for loan processing, or bank account details for disbursement), we will not be able to provide that Service or part thereof to you.
b)    If you
withdraw consent for Personal Data that is necessary for the continued performance of a Service you are currently availing, we may need to suspend, limit, or discontinue that Service to the extent it relies on such data.

 

2. PURPOSE OF COLLECTION AND STORAGE OF INFORMATION

•    Our primary goal is accessing, collecting, processing and using your information (including personal data), is to provide you with a safe, efficient, smooth and customized experience of our Services. We collect and process minimal personal data of the User that are necessary for providing the Services and enabling your use of our Platform, including for any of the purposes set out in section 4 below.
•    In general, you can browse the Website of NIRA without disclosing your identity or revealing any personal data about yourself. However, to create an account on the Platform you will be required to provide us with certain information directly connected to the Services we provide through the Platform.
•    Where you access our Services through our App, any access to device features (such as camera, location, or storage) will be:
a)    Sought through explicit consent at the time of access; and
b)    Strictly limited to the purpose disclosed at the point of the consent request.

3. PERSONAL DATA WE COLLECT

3.1 NIRA collects the following types of data sets from you:

(a) Personal data collected directly from you with your explicit consent:
 
This type of data is the personal data you provide us. This includes:
 
(i) Identity and Profile-related Data: Personal data concerning the personal or material circumstances of an identified or identifiable User, e.g. name, gender, date of birth, password, password validation, marital status, family details, employment verification information and other similar details shared via the Platform to avail Services.
 
(ii) Contact data: Your email addresses, phone numbers, and postal address.  We do not access your device's contact list at any point.

(iii) KYC data: In connection with the Services and your use of the Platform, we may also require you to share, or we may collect

identification documents issued by government or other authorities to you, including details of or pertaining to Aadhaar, PAN card, voter ID, and ration card. For the purposes of onboarding/completing the KYC, we take your explicit consent for a one-time access of your mobile phone’s camera, microphone, location. With this access, you will be able to upload the images of employment ID, PAN card, KYC and NACH forms for completing the loan application for fast approval and disbursal from our lending partners. For Android users, the access to your mobile phone’s camera or location is taken based on permissions allowed by your device and as explicitly set by you. NIRA only uses the access for one time to complete the loan application form each time you avail of our Services. You may revoke access as per your device’s policies and applicable version once the application form is complete.

(iv) Financial data: Your past credit history fetched from credit information companies with your explicit consent, your income details, details of loans issued, or otherwise applied for through the Platform, payments and repayments thereof, your bank account details and bank account statements.

(v) SMS Data: We collect and transmit Transactional SMS data from your phone to verify and analyse your financial position, to determine your cash flow, credits, income, and spending pattern. Please note that such data is limited to details of the transactions contained in the SMS. Personal SMS data or sensitive information such as OTP, personal SMSs, account details, etc is filtered out and not stored.

(vi) Device Data: The information we collect from your device includes IP addresses, SDK version and mobile network information including carrier name, SIM Serial and SIM Slot, your profile information, time zone settings, location and device information for the purpose of onboarding. We collect information about your device to undertake fraud detection, provide automatic updates and additional security so that your account is not used in other people’s devices.

(vii) Marketing and communications data: This includes your preferences in receiving marketing messages from us and our third parties and your communication preferences.

(b) Personal data collected through your use of the Platform:

This type of data is the personal data collected through your use of the Platform and Services, and ancillary data required for the purposes of fraud detection. The information that the Platform collects, and its usage will solely depend on how you manage your privacy controls on your device. It includes:

1.    Usage Data: We track your usage of the Platform and Services. This information allows us to analyse our Users' demographics, interests, and behaviours to better understand, protect and serve our Users and improve our Services. This information is compiled and analysed on an aggregated, anonymized basis.

2.    Transaction data: Details of transactions that may occur through the Platform or in connection with the Services. For example, transaction data may include the Services you have sought or availed through the Platform or confirmations of such Services, such as loan applied/availed by you.

Please note, no biometric data is stored/ collected in the systems associated with the Platform.

(c) Personal Data Collected from Third Parties

This type of data is personal data about you received from various third parties and public sources including our third-party service providers for advertising and User analytics purposes, and other publicly available sources in connection with our provision of Services to you, or in connection with your use of the Platform or Services that you choose to avail.   Please note that we do not have any control over or any liability in relation to personal data that you may choose to make publicly available. For example, if you post reviews, comments, or messages on public sections of the Platform or on an application store (such as the Play Store), you do so at your own risk. We are not liable for any third-party misuse of such data.

 4. HOW WE USE YOUR PERSONAL DATA

4.1  This Section sets out the specific purposes for which NIRA or its affiliates uses and/or processes your personal data. Your personal data is used and/or processed only for the purposes described below.: 

 

a) To register you as a user of the Platform and verifying User identity;
b) Facilitating User’s usage of Platform and our Services;
c) To manage our relationship with you, including notifying you of changes to any Services;
d) For extension of loan and financial services to the User from regulated entities including but not limited to Banks, NBFC  other financial partners, etc;
e) To ensure compliance with all legal obligations of lending partners, vis-à-vis Know-your Customer, Prevention of Money Laundering, CKYCR (Central KYC Records Registry) requirements, etc for the purposes of facilitation of the loan/financial services;
f) For fraud prevention and detection;
g) To send User surveys and marketing communications that NIRA believes may be of User’s interest;
h) To facilitate for you repayment of the loans or recovery of outstanding payments on behalf of the lending partner;
i) To diagnose technical problems, provide support and help Users in addressing troubleshoot problems;
j) To send and receive communications, show advertisements, notifications and make promotional offers;
k) To prepare reports, review and filing as per applicable laws;
l) To contact Users regarding lenders and the various financial services being facilitated through NIRA, third party services and         offers;
m) To understand User preferences, requirements;
n) To permit User to participate in interactive features offered through the Platform;
o) To improve the content, our business and delivery models and protect the integrity of the Platform;
p) To increase/improve the Services offered on the Platform;
q) To ensure compliance with all applicable laws;
r) To respond to court orders, establish or exercise our legal rights, or defend ourselves against legal claims;
s) To perform our obligations that arise out of the arrangement we are about to enter or have entered with you; and
t) To enforce our Terms.
u) To analyse and measure the performance of our Services.

 

 

5. HOW YOUR PERSONAL DATA IS SHARED

5.1 NIRA may share your personal data with its affiliates only to the extent required for any of the purposes specified in Section 4 above. Except as required under applicable laws or pursuant to a court/government order or for purposes set forth in clause.

5.2 Subject to Section 5.1, we may share your personal data with the following categories of third parties, for the purposes described:
(a) Our regulated partners and lending partners, including Banks, NBFCs, and other financial institutions on the Platform, to facilitate the provision of financial services to you;
(b) Our third-party service providers engaged to provide the Services as described under our Terms of Use, or for the purposes of recovery of outstanding loan amounts;
(c) Our third-party analytics partners, to the extent required for data analysis undertaken to improve the Services provided to you through the Platform;
(d) Government authorities, courts, statutory bodies, or law enforcement agencies, where we are required by law or under legal obligation to do so, or where necessary to enforce our Terms of Use, protect the rights, property, or safety of NIRA, our Users, or others, or in the course of any court or regulatory proceedings;
(e) Our affiliates, holding companies, and group companies, for data processing and analysis, strictly limited to the purposes set out in Section 4 above; and
(f) Any entity with which we or our affiliates merge or by which we are acquired, or any successor entity in a reorganisation, amalgamation, or restructuring of our business, solely for the purpose of continuity of Services.

 

 

5.3 If you do not provide, or withdraw, consent for sharing of your personal data in the manner described above which are essential to provide services to you, we may not be able to provide the Services, or the relevant part thereof, to you.

​​

5.4 Third parties with whom we may share your data for providing services are available here. 

​6. COOKIES

6.1 NIRA may use "cookies" as required on the Website. “Cookies" is a term generally used for small text files a web site uses to recognize repeat users, facilitate the User's ongoing access to and use of the site, allow a site to track usage behaviour and compile aggregate data that will allow content improvements and targeted advertising, preferences etc. Cookies themselves do not personally identify the User, but it identifies User devices. Cookies also exist within mobile applications when a browser is needed to view certain content or display an advertisement within the application. Generally, cookies work by assigning a unique number to the computer that has no meaning outside the assigning site.
 
6.2 Users acknowledge and understand that NIRA cannot control the use of cookies or the resulting information by advertisers or third parties hosting data on NIRA’s Platform. If Users do not want information collected through the use of cookies, they may change the cookie settings.

 

7. WEB BEACONS

 

The web pages of the Website contain electronic images known as “web beacons”, sometimes called single-pixel gifs and are used along with cookies to compile aggregated statistics to analyse how the Website is used. Web beacons may also be used in some of NIRA’s emails so as to know which emails and links recipients have opened, allowing it to gauge the effectiveness of its customer communications and marketing campaigns.

 

8. DATA PROTECTION AND SECURITY

 

8.1 Pursuant to the DPDPA, DPDP Rules, Information and Technology Act, 2000, Rules and RBI Guidelines, NIRA endeavours to protect personal data (including sensitive personal data or information) of the Users.
 
8.2 We store and process your personal data on cloud servers located in India. Where data is processed outside India it is deleted from foreign servers and repatriated within 24 hours. Some of the safeguards we use are firewalls and bit data encryption using SSL, and information access authorization controls. We use reasonable safeguards to preserve the integrity and security of your information against loss, theft, unauthorized access, disclosure, reproduction, use or amendment. To achieve the same, we use reasonable security practices and procedures as mandated under applicable laws for the protection of your information. In the event NIRA becomes aware of a personal data breach that is likely to affect you, NIRA shall take such steps as may be required under applicable law, including the DPDPA and DPDP Rules.

 

9. DATA RETENTION AND ERASURE

9.1 Data Storage, Retention and Withdrawal of Consent

 

We will store your information and/or data for such period as may be required by NIRA/financial partners and other third-party processors and/or as required or permitted by applicable law. This includes (without limitation), for NIRA to: (i) provide its Services to you; (ii) defend future legal claims against us or our financial partners; (iii)  enforce or enabling NIRA or its financial partners to enforce its legal rights and obligations against you; (iv) to ensure compliance with its obligations and responsibilities or the financial partner’s obligations and responsibilities under applicable laws, as specified by the RBI and the minimum retention periods set out under law (including under the DPDPA and DPDP Rules). All the other details will be deleted upon your request for the deletion of the data, provided there is no active loan or Service being availed by you. 


You have the right to withdraw your consent at any time. You may request your data deletion through the app by following these steps or else you can write to us at support@nirafinance.com. Such a request shall be complied with by Us subject to the applicable laws and the terms of the loan availed through the Platform. You further understand and agree that neither the repayment of a loan/financial facility, nor the deletion of your account with the Platform, automatically rescinds the consents you have provided to us under the Privacy Policy.  You also understand that withdrawal of consent will not affect the lawfulness of any processing carried out by us on the basis of your consent prior to its withdrawal.
 

9.2 Data destruction protocol

(A) You can request the erasure of your personal data. We shall consider and address such requests in accordance with applicable laws, except as may otherwise be for compliance with applicable laws, for defence in a future legal action, and/or if there is an active loan or a Service is currently being availed by you. 

(B) Data deletion Timeline

When a user request for deletion of their data, unless otherwise required under law or contract in connection with the Services provided to you, we will securely remove it(or part thereof) from NIRA systems within 24 hours of receiving user' s request.

10. YOUR RIGHTS

Users providing personal data shall have the following rights under the DPDPA and DPDP Rules

10.1 Access information regarding data use: Users have the right to obtain (a) a summary of personal data processed; (b) processing activities undertaken by NIRA ; (c) identities of all persons/entities who are storing or have possession of the personal data, including any processors who are processing such data on behalf of NIRA; (d) a description of such personal data held by each person/entity; and (e) any other information as may be prescribed under the DPDPA and DPDP Rules.

10.2 Updating user information : Users are required to review and update their information available with NIRA as and when there are any changes. Users must also ensure that any personal data (including sensitive personal data or information) found to be inaccurate or deficient is corrected or amended without delay by notifying NIRA through the app.

10.3 Erasure of personal data : Users have a right to seek erasure of their personal data. Please refer to section 9.1 and 9.2 above.

10.4 Right to grievance redressal: Users have the right to a readily available means of grievance redressal in respect of any act or omission in relation to our obligations under applicable legislation. Please refer to Section 13  below for details regarding the grievance redressal mechanism.

10.5     Right to nominate : Users also have the right to nominate an individual who may, in case of death or permanent disability of the Users, exercise the rights of the User in relation to personal data provided hereunder.

 

11. THIRD-PARTY WEBLINKS

 

User acknowledges that the Platform may contain links to other websites. If a User clicks on a third-party link, the User will be directed to that website. Note that these external sites are not operated by NIRA. Therefore, it is strongly advised that Users review the privacy policy of these websites/external links. NIRA has no control over and assumes no responsibility for the content, privacy policies, or practices of any third-party sites or services.

12. CHANGES TO PRIVACY POLICY

In the event NIRA modifies this Privacy Policy, the same will be updated on the Platform. In case of any material changes to the Policy, the Users will be notified by means of a notice on Platform prior to the change becoming effective. The Users are encouraged to periodically review this page for the latest information on NIRA’s privacy practices. 

 

13. GRIEVANCE REDRESSAL OFFICER

 

NIRA has designated a Grievance Officer. Users can contact the Grievance Redressal Officer with respect to any complaints or concerns regarding the handling, storage, or disclosure of User Information. All queries, disputes, issues and questions regarding the Privacy Policy can be addressed at the following:

1.    Pranaya Kumar Biswal (General Queries)
2.    Sashikanta Parhi (Collection-related Complaints)
Email address: grievance@nirafinance.com,
Contact number: +91-7618789180

The Grievance Officer can be contacted between 10:30 a.m. to 6:00 p.m. from Monday to Friday except on public holidays.
We will endeavour to resolve any complaint or grievance that you may have regarding our use of your personal data within such time-period as may be permitted under applicable law.

14. COMPLAINTS TO LENDER

 

If the grievance is not resolved by NIRA within ten days of lodging the grievance, or if the customer is not satisfied with the response received from NIRA the customer may approach the Lender to have such grievance resolved. The grievance redressal mechanism of NIRA and respective lenders is available at https://www.nirafinance.com/support 

15. COMPLAINTS TO DATA PROTECTION BOARD

 

If the User believes that processing operations concerning him or her are carried out in violation of the applicable data protection legislation, such User shall have the right to lodge a complaint with the applicable data protection authority, the Data Protection Board of India.

bottom of page