Pursuant to the services provided by us, we will ask you to provide certain information as a part of the registration process, and in the course of the interface of CRED. We will collect this information through various means and in various places through the App Services, including account registration forms, contact us forms, or when you otherwise interact with us. We will ask you to provide only such information lawfully and operationally required for the App Services and necessary to be collected by us for effectively providing the same.
Personal information we collect may be in the nature of, inter alia,
We will also collect information relating to your use of our website/app through the use of various technologies. For example, when you visit our website/app, we may log certain information such as your IP address, browser type, mobile operating system, manufacturer and model of your mobile device, geolocation, preferred language, access time, and time spent. We will also collect information about the pages you view within our sites and other actions you take while visiting our website/app. Collecting information in this manner allows us to collect statistics about our website/app usage and effectiveness, personalise your experience whilst you are on our website/app, as well as customize our interactions with you and also assist in business development to enhance and expand the scope of the App Services.
We also maintain some records of Users who contact us for support, for the purpose of responding to such queries and other related activities. However, we do not provide this information to any third party without your permission, or utilize the same for any purposes not set out hereunder.
We may, on your consent, request certain third parties to provide information about you to further personalize your experience on our website/app, and provide certain services that cannot be accessed by all users of the website/app.
CRED is currently open only to credit card holders and to users who have a credit score greater than or equal to 750, determined through information supplied to us by third-party service providers that are expressly authorised by you to distribute such information (for example, Experian which is a credit information company registered under the Credit Information Companies (Regulation) Act, 2005). In order to check if you meet the eligibility criteria to become a member of CRED, you will be requested to provide Dreamplug with explicit consent to procure the same through the sign-up process of the App.
As part of activating an account with CRED, we may request your consent to connect with your email account for purposes of collecting your credit card bill details such as total amount due, minimum amount due and due date, and collecting such other information based on your merchant preferences, to be able to:
Please note that this giving this consent is not mandatory and is completely voluntary. Also, we only open emails from banks and credit card issuers and do not open. read or access any other mail including your personal emails.
We hereby confirm that no other personal information or emails, will be accessed. For the sake of clarity, CRED employs automated processes for accessing and analysing information provided by a User; where we may need to use our algorithm to access a password-protected document utilizing information provided by you. For further information on how we process email and the security protocol we follow click here.
The following paragraphs describe in more detail how we propose to use your personal information.
Any information provided by a User will be used solely for processing your transaction or for any other purposes for which you have granted access to such information to us, based on our mutual agreement / discussions / communications / correspondences. All personal information provided by you in our website/app which has been duly received and accepted by us will be used solely for the purpose of processing a transaction on the App. To enable such process, we may share information with authorised third-parties, for instance, our business partners, financial teams/institutions, or postal/government authorities involved in fulfilment of said transactions, if any. In connection with a transaction, we may also contact you as part of our customer satisfaction surveys or for market research purposes.
We may use information we collect about you to provide you with a personalised experience on our website/app, such as providing you with content in which you may be interested and making navigation on our sites easier.
As you access and use CRED, we may request access wherever applicable to your:
|1||SMS||Read OTP, alerting you against hidden charges in credit card statement and credit card bill payment reminders|
|2||Location||Rewards personalization through location specific offers & validating security of transactions on platform|
|3||Contact||Referral program and rewards personalization|
|4||Alerting you against hidden charges in credit card statement and credit card bill payment reminders|
Please note that we only read transactional or promotional SMS and do not open, access or read any personal SMS.
You can choose to provide explicit consent to connect your email accounts with your CRED account.
Once connected, the CRED website/app will securely access and analyze the contents of emails from banks, related to credit cards, for the purpose of keeping all the credit card account and statement details in one place, and remind the users of their credit card due payments and dates.
We encourage you to review your information prior to signing in through the applicable service.
You can choose to enable us to access one or more of your email accounts by connecting such account(s) with your CRED account. If you connect your email account, the CRED website/app will automatically access and analyze the contents of emails, from a small list of whitelisted senders that comprise of credit card issuing companies and banks, in your email account(s) on an ongoing basis for the purpose of identifying documents related to the applicable App Services availed by you, including credit card statements and reward related emails that may contain recent credit card statements, transactions, or linked rewards. This is to assist the user in collating details on the App, which will include common payment due dates, statements from the applicable services etc.
Once linked, the applicable information will then be extracted from your emails into your CRED account so that you may access the same through the CRED website/app on mobile and desktop.
CRED’s access to the email account/s is authorized through the email provider’s access mechanism. If you choose to have the CRED website/app track your credit card accounts, the CRED website/app will securely store account details for each of your credit card accounts, including your sign-in user name and authorisation tokens for tracked accounts. This information will be used to enable the CRED website/app to automatically access your applicable credit card statements to analyze, extract, and store information securely from such accounts for use in the CRED website/app.
You will be asked in each case whether you want to connect your email account.
You are free to de-link your email connection with CRED at any time. You may manage your connections to email and de-link the same at any time from the website/app.
For example, Google Mail’s permission settings are located at: myaccount.google.com/permissions. A user de-link the access to their email any time they wish at this URL.
We may use your personal information to support our activities such as notifying you of any upcoming campaigns/programmes conducted by us.
Subject to your express permission to use the information as described herein, the information you provide to us, as well as the information we have collected about you whether directly or indirectly, may be used by us for marketing purposes. You may at any time choose not to receive marketing materials from us by following the unsubscribe instructions included in each e-mail you may receive, by indicating so when we call you, or by contacting us directly.
Some of our campaigns/programmes/related events may be co-branded, that is sponsored by both the third parties and us. If you sign up for such campaigns/programmes/related events, please note that your information may also be collected by and shared with those third parties. We urge you to familiarise yourself with their privacy policies to gain an understanding of the manner in which they will handle information about you.
Certain online transactions may involve you calling us or us calling you. They may also involve online chats. Please be aware that it is our general practice to monitor and in some cases record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.
We provide social computing tools on our website/app to enable online sharing and collaboration among members who have registered to use them. These include forums, wikis, blogs, and other social media platforms.
As required by law, at times we might be required to disclose your personal information to relevant authorities. In some cases, when we believe that such disclosure is necessary to protect our rights, or the rights of others, or to comply with a judicial proceeding, court order, or legal process served on our website/app we would share such information.
In some cases, Dreamplug may use vendors or suppliers located in various countries to collect, use, analyse, and otherwise process information on its behalf. It is Dreamplug’s practice to require such vendors or suppliers to handle information in a manner consistent with Dreamplug’s policies.
Where, pursuant to strategic or other business reasons, Dreamplug decides to sell, buy, merge, or otherwise reorganise businesses in some countries. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of such information from sellers. It is Dreamplug’s practice to seek appropriate protection for information in these types of transactions.
We provide all Users with the opportunity to opt-out of receiving non-essential (promotional, marketing-related) communications from us on behalf of our partners, and from us in general, after setting up an account. If you want to remove your contact information from all our lists and newsletters, please click on the unsubscribe button on the emailers or send an email request to firstname.lastname@example.org.
We provide all our Users an option through which a User may request deletion of a specific Card stored on his/her account or the complete account through the support section on the Cred App. Following such request, we delete all such information related to the specific card/account including but not limited to profile information, card data, transaction details, reward details, referrals details, statement details, google oauth sessions etc. that we are not required to retain.
In certain circumstances, we may be unable to delete your account, such as if there is any outstanding dispute or unresolved claims pending on your card/account. However, upon resolution of the issue preventing deletion, the information is immediately deleted and can’t be recovered thereafter. We may also retain certain information if necessary for our own legitimate business interests such as fraud prevention and enhancing users’ safety and security.
Users also have the option to request for an account deactivation instead. This will temporarily block user access to CRED App until they send a re-activation request on email@example.com. and successfully re-activate their account.
We use data collection devices such as “cookies”, etc. on certain parts of the App to help analyse the App Services, user interaction with the App, measure promotional effectiveness, and promote trust and safety. For the sake of clarity, “cookies” are small files placed on your device hard-drive/storage that assist us in providing the App Services. Please be informed that Dreamplug offers certain features via the App that are only available through the use of a “cookie”.
We intend to protect your personal information and to maintain its accuracy as confirmed by you. Dreamplug implements reasonable physical, administrative, and technical safeguards to help us protect your personal information from unauthorised access, use, and disclosure. For example, we encrypt all sensitive personal information such as credit card information when we transmit such information over the internet. We also require that our suppliers protect such information from unauthorised access, use, and disclosure.
At CRED we take security seriously. So seriously that we’re committed to securing your data as if it were our own. You can find more details: here.
Dreamplug does not deliver third party online advertisements on the website/app but we advertise our activities and organizational goals on other websites/apps. We may collaborate with other website/app operators as well as network advertisers to do so. We request you to read and understand such concerned third party privacy policies to understand their practices relating to advertising, including what type of information they may collect about your internet usage. Dreamplug does not provide any information relating to your usage of the website/app to such website operators or network advertisers.
Dreamplug website/app may contain links to third party websites/apps that are not affiliated with Dreamplug. Dreamplug is not responsible for the privacy practices or the content of those other websites, or for any acts/ omissions by such third parties in the course of your transaction with them.
In certain cases, you may have the ability to view or edit your personal information online. In the event your information is not accessible online and you wish to obtain a copy of particular information you provided to Dreamplug, or if you become aware the information is incorrect and you would like us to correct it, please contact us immediately.
Before Dreamplug is able to provide you with any information or correct any inaccuracies, however, we may ask you to verify your identity and to provide other details to help us to respond to your request. We will contact you within 30 days of your request.
We at Dreamplug are committed about our customer's data and privacy. We blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures. The overall data and privacy security design allows us defend our systems ranging from low hanging issue up to sophisticated attacks. You can read more about it here.
If you are a security enthusiast or a researcher and you have found a possible security vulnerability on Dreamplug products, we encourage you to report the issue to us responsibly.
You could submit a bug report to us at firstname.lastname@example.org with detailed steps required to reproduce the vulnerability.
We shall put best of our efforts to investigate and fix the legitimate issues in a reasonable time frame, meanwhile, requesting you not to publicly disclose it. Additionally, if you have suggestions on how we could improve our security systems to make it more robust and safe for all users, you can share those with us at email@example.com