KOSH

VERSION 1.0

DATE OF VERSION 06-03-2025

CREATED BY LEGAL

REVIEWED BY MANAGEMENT

APPROVED BY MANAGEMENT

DOCUMENT CLASSIFICATION

INTERNAL

REVISION HISTORY

VERSION

NO.

REVISION

DATE

DESCRIPTION

OF CHANGE

AUTHOR

REVIEWER APPROVER

1.0 12-01-2024 INITIAL

RELEASE

LEGAL MANAGEMENT MANAGEMENT

We, at Adhikosh Financial Advisory Private Limited (“Kosh” or “we” or “us”) understand privacy and

its value. Therefore, it is all the more important for us to make YOU (“you” or “Customer” or “User”),

the User of the website www.getkosh.com (the “Website”) and its associated mobile applications, Kosh

App (collectively, the “Platform”) understand the reason behind collection of Your information and its

usage and the manner in which we collect, use, store and share information about You (“Privacy

Policy”). This Privacy Policy has been prepared in compliance with the applicable laws for usage of

the Platform which inter alia facilitates lending & non-lending services by partnering with various

ﬁnancial lenders, third parties, service providers, etc based on Your requirement to avail such services

(“Services”).

This Privacy Policy is incorporated into and at all times is subject to and is to be read in conjunction

with the Terms of Use of the Platform (accessible here) (“Terms of Use”) and all other policies notified

by us from time to time.

Please note that by visiting the Website or accessing and/or availing products and services through the

Platform, you are accepting the practices described in this Privacy Policy including but not limited to

your consent for collecting, using, sharing and disclosing your information as per this Privacy Policy.

1. GENERAL

1.1. This Privacy Policy together with the Terms of Use governs your use of our Platform and/ or

Services; describes the types of information we may collect from you or that you may provide

to us when you use our Platform and/ or Services and our associated services, and lays down

our practices and purposes for collecting, receiving, processing, storing, dealing, using,

maintaining, transferring, and disclosing such information. You agree that the Information

(defined below) provided to us by You has been received or collected by lawful means with

Your consent and does not constitute a violation of data protection laws of India.

1.2. Your Information will primarily be stored and processed in India and may be governed by laws

(including data protection laws) that are different from those that apply in the country in which

you are located.

1.3. This document is an electronic record and is governed by the provisions under the Information

Technology Act, 2000, and rules made thereunder as may be applicable, including any

amendments thereto. This electronic record is generated by a computer system and does not

require any physical or digital signatures.

1.4. This Privacy Policy applies to information we collect or receive:

(a) On our Platform;

(b) Via e-mail and other electronic communication between You and us;

Services; and

(j) When You use the Services.

1.5. This Policy does not apply to information collected by:

(a) us in physical form and not in a computer resource; or

(b) Any third party, including through any website, application or content (including

advertising) that may link to or be accessible from our Platform.

1.6. Please take a moment to familiarize yourself with our Privacy Policy. If you do not agree with

any provisions of the Terms of Use or this Privacy Policy, we advise you to not use, download,

install, or access the Platform.

2. TYPE OF INFORMATION COLLECTED

2.1. This Privacy Policy sets out the type of information collected from the Users, including the

nature of the Sensitive Personal Data or Information (defined hereinafter), the purpose, means

and modes of usage of such information and how and to whom we shall disclose or transfer

such information. You may at any time withdraw your consent for collection and use of your

information including Personal Information (defined hereinafter) or Sensitive Personal Data or

Information. However, please note that if you withdraw your consent, we may no longer be able

to provide you with the corresponding service for which you have withdrawn your consent. It

is hereby clarified that your decision to withdraw your consent will not affect the processing of

Information based on your previous consent prior to the withdrawal. The Information is

collected and used hereunder is on a need-to-know basis to deliver better service to the

customers.

2.2. We may collect a variety of information from you, including your name, internet/network

information (such as device name, hardware model, operating system and version, unique

device identifier, device ID, browsing history, browser type, interaction with Website), mailing

address, phone number, email address, contact preferences, PAN, GST network user id, and

such other information as consented by you from time to time, including any other usage and

interaction details with us or our affiliates. We may collect such information which when

combined with other pieces of information available with us could reasonably allow you to be

identified (“Personal Information”).

2.3. We may also collect, receive, process or store certain sensitive personal data or information

provided by you which may consist of, but not be limited to:

(a) Password;

(b) Financial information such as bank account or credit card or debit card or, other payment

instrument details;

(d) Any of the information received under (a) and (b) above by us for processing or storing

under lawful contract or otherwise,

(collectively, referred to as “Sensitive Personal Data or Information”).

Personal Information and Sensitive Personal Information are collectively referred to as

“Information”.

2.4. You may be asked to provide your Information anytime you visit, access, use or browse the

Platform. We may share Information and use it consistent with the provisions of this Privacy

Policy. We may also combine it with other Information to provide and improve our Services,

services, content and advertising.

2.5. The Platform is not directed towards minors. We do not knowingly collect Information from

any User who is under 18 (Eighteen) years. If we are made aware that we have collected the

Information of a person below the age of 18 (Eighteen) years, we will take steps to delete such

Information within a reasonable time frame. If a parent or guardian becomes aware that his or

her child has provided his/ her Information on the Platform without their consent, he or she

shall contact us for the deletion of such Information. In the event, where in contravention to the

the Website, we shall not be held liable or responsible for any damage or injury suffered by

such person.

3. USE OF INFORMATION COLLECTED

The following is the manner in which we collect, use, share, and retain Information:

3.1. The Information collected by us is largely in the following context:

(a) Information for Digital Lending Services: Information collected by Platform for

facilitation of loans being disbursed by the ﬁnancial lending partners whose details are

available on the Website and the Kosh App, and who are registered with the Reserve Bank

of India (“Lending Partners”).

(b) Information for Non-Lending Services: Information collected by Platform while

registering a User on the Platform or while providing value added services (i.e., all services

other than facilitation of loans).

3.2. Collection: We may collect Information, whenever relevant, to help provide you with

information and to complete any transaction or provide any Service you have requested. We do

not access mobile phone resources like file and media, contact list, call logs, telephony

functions, etc. The Information collected by us pertains to the transactional data pertinent for

carrying out our Services.

3.3. Usage: The Platform seeks your Information to: (i) create and/or give you access to your

registered account on the Website/ Kosh App, and in this regard, establish your identity and

verify the same; (ii) validate and process your request for the provision of Services, including

to facilitate your KYC as per instructions from our Lending Partners; (iii) assist merchants to

handle and fulfil the requested Services; (iv) develop, deliver, process and improve our Services

in order to personalize and improve your experience; (v) inform you about our Services, offers,

updates, upcoming events, including providing you information in relation to Service

confirmations, updates on the Services, invoices, technical notices, security alerts; or (vi)

facilitate our internal business operations, including the fulfilment of any legal and regulatory

requirements; (vii) provide you with recommendation about the Services you may be interested

in, based on your use of the Platform; (viii) provide you with marketing communications and

advertising that we believe may be of interest for you; (ix) resolve any request, disputes,

grievance, or complaints by you in relation to your use of the Platform; or (x) detect and protect

us against error, fraud and other illegal activity. When you use our voice, image and camera

services, we use your voice input, images, videos, and other Information to respond to your

requests, provide the requested Services to you, and improve our services or the Platform. It

may be noted that we may request camera access to scan and capture the required KYC

documents as per the instructions of our Lending Partners in accordance with applicable laws.

3.4. Sharing

(a) We may disclose Information to our affiliates when necessary to perform Services on our

behalf or on your behalf, to provide display advertising and promotional services,

providing search results and links, providing customer service etc. These affiliates may

market to you as a result of such sharing unless you explicitly opt-out.

(b) We may disclose Information to ﬁnancial service providers, banks or NBFCs, our Lending

Partners and trusted third-party service providers when necessary in order to facilitate the

provision of the Services. We ensure that such third-party service providers are bound by

reasonable confidentiality obligations; and/ or use, maintain and follow generally accepted

industry and security standards commensurate with the security standards set forth in this

that access, use, preservation or disclosure of the Information is reasonably necessary to:

(i) meet any applicable law, regulation, legal process or enforceable governmental request;

(ii) detect, prevent or otherwise address fraud, security or technical issues; and/ or (iii)

protect against harm to the rights, property or safety of our or our Users, or the public, to

fight fraud and credit risk, as required or permitted by law.

(d) We may also disclose or transfer your Information to any third party as a part of

reorganization or a sale of the assets, division or transfer of a part or whole of us. We shall

ensure that third party to which we transfer or sell our assets will have appropriate

confidentiality and security measures, at least as protective as those described in this

such transfer if the new entity's planned processing of your information differs materially

from that set forth in this Privacy Policy.

(e) A third-party payment gateway provider may be required to collect certain financial

information from you including, but not restricted to, your credit/debit card number or your

bank account details (collectively referred to as “Financial Information”). All Financial

Information collected from you by such third party payment gateway providers will be

used only for billing and payment processes. The Financial Information collected from you

is transacted through secure digital platforms of approved payment gateways which are

under encryption, thereby complying with reasonably expected technology standards. The

verification of the Financial Information shall be accomplished only by you through a

process of authentication in which we shall have no role to play and hence, we shall bear

no liability in relation to the same. We shall neither be liable nor responsible for any actions

or inactions of third party payment gateway providers or any breach of conditions,

representations and warranties given by them. We shall also not be obligated to mediate or

resolve any dispute or disagreement between you and such third party payment service

providers.

(f) We shall not publish the Sensitive Personal Information collected by us hereunder and any

third party receiving such Sensitive Personal Information shall not disclose the same

further.

3.5. Retention

The Information so collected shall be retained only for the duration necessary to fulfil the

purposes outlined in this Privacy Policy unless a longer retention period is required or permitted

by law. Once the purposes are achieved, all Information is deleted in a safe and secure mode.

4. CHANGES/AMENDMENT/MODIFICATION TO THE PRIVACY POLICY

4.1. We will treat your Information in accordance with applicable laws, and regulations.

4.2. This Privacy Policy is subject to changes and modification based on business, legal or

regulatory requirements and will be updated online on the Website. We will make all efforts to

communicate any significant changes to this Privacy Policy to you. You are encouraged to

periodically visit this page to review the Privacy Policy and any changes to it. Your continued

use of the Platform after any modification(s) to this Privacy Policy will be deemed as your

acceptance to such modification(s).

5. THIRD PARTY APPLICATIONS, WEBSITES & SERVICES

5.1. Please note that your mobile service provider, mobile operating system provider, third party

applications (including the applications pre-loaded on your smart phones powered by

Android/iOS platform or customized Android ROM (“Device”)), social media platforms and

websites that you access may also collect, use and share information about you and your usage.

We do not control how these third parties collect, use, and share or secure your Information.

For information about third-party privacy practices, please refer or read their respective privacy

policies or take appropriate consultation.

5.2. The Platform may include links to other websites/applications or may display advertisements

from third parties and other content that links to third party websites. Such websites/applications

are governed by their respective privacy policies, which are out of our control. Once you leave

our Website, use of any information you provide is governed by the privacy policy of the

operator of the website / application you are visiting. That policy may differ from that of the

Platform. If you can't find the privacy policy of any of such websites /application via a link

from the website's homepage, you should contact the relevant website /application directly for

more information. We are not responsible for the privacy practices or the content such third

party websites.

5.3. We may use third-party advertising companies to serve ads when you visit the Platform.

5.4. In the event we enter arrangements with any third parties where such third party is allowed to

collect your Information through the Platform, the details of such third parties shall be disclosed

hereunder.

6. LOCATION SERVICES

6.1. The Platform, its licensees and agents, may access, collect and analyse your usage of the

Platform and other information related to your location on a regular basis through Bluetooth

and Wi-Fi signals and other technologies and data for the performance of the services provided

by the Platform and to help improve the design, functionality, performance, and content of the

Platform. In order to collect geo-location information, the location settings must be enabled on

your Device. Therefore, in some cases, the Website/ App may request that you enable the

location settings.

6.2. Except in cases where any specific Services requested by you require or involve personal

identification, the Platform collects location data anonymously and in a form that does not

personally identify you. By using the Platform, you agree and consent to transmission,

collection, maintenance, processing and use of your location data and queries to provide and

improve such Services of the Platform.

7. COOKIES

7.1. Due to the communications standards on the internet, when you visit, access or browse the

Platform, we automatically receive the uniform resource locator of the site from which site you

visit, access or browse the Platform, details of the website you visit on leaving the Website, the

internet protocol (“IP”) address of each User’s computer operating system, type of web browser

the User is using, email patterns, and the name of the User’s internet service provider. This

information is used solely to analyse overall User trends and to help us improve our Services.

Please note that the link between the User’s IP address and the User’s personally identifiable

information is not shared with third parties without such User’s permission or except when

required by law or to provide or facilitate the User with the services. Notwithstanding the above,

the User acknowledges that we reserve the right to share some of the aggregate findings,

including the information provided by the Users in an unidentifiable, aggregate form, and not

the specific data with advertisers, sponsors, investors, strategic partners, and others in order to

help grow the business. The amount of information sent to us depends on the settings of the

web browser used by the User to access the Platform. The User may refer to the browser used,

if the User wishes to learn what information is provided to us. "Cookies" are small files placed

on your hard drive that assist us in providing our Services. We place temporary cookies in your

Device's hard drive. Information collected by cookies and other technologies are treated as non-

personal information. However, to the extent that IP addresses or similar identifiers are

considered personal information by local law, we treat any information linked to such identifiers

as Information. Similarly, to the extent that non-personal information is combined with Personal

Information, we will treat the combined information as Personal Information. Information

collected by us, by any means whatsoever, that does not personally identify the User as an

individual (such as patterns of utilization described above) is exclusively owned by us and may

be used by us and third party service providers for technical administration of the Website, user

administration, research, development, and other purposes. You agree and understand that we

do not exercise control over third party websites displayed as search results or links on the

Website. These other sites may place their own cookies or other files on the Users’ computer or

mobile, collect data or solicit Information from the Users, on which we have no control and

shall not be held responsible or liable. We do not make any representations concerning the

privacy practices or policies of such third parties or terms of use of such websites, nor do we

guarantee the accuracy, integrity, or quality of the information, data, text, software, sound,

photographs, graphics, videos, messages or other materials available on such websites. The

inclusion or exclusion does not imply any endorsement by us of such websites, the websites’

provider, or the information on the website. You understand that you may set or amend your

web browsers to delete or disable cookies. If you choose to disable cookies on your computer

or mobile telecommunication device, it may impair, degrade or restrict access to certain areas

of the Website.

8. OTHER INFORMATION THE APP COLLECTS

8.1. The Platform also may collect other information about you in ways that the Platform describe

to you or otherwise with your consent. You can choose not to provide us with certain types of

information, but doing so may affect your ability to avail and/or use some services or the

Platform.

8.2. At the time of installation of the App, the App will require your permission to enable it to find

the location of your Device, camera usage, microphone access, SMS, mount and un-mount file

systems, etc. You acknowledge that you are agree to providing such information to the App.

9. OPT OUT

9.1. The third-party service providers with whom we may share Information provided by you are

not permitted to market their own services or send promotional e-mails or engage in

promotional communication with you. We provide you with the opportunity to opt-out of

receiving non-essential, promotional, or marketing-related communication from itself or its

partners.

9.2. To request the deletion of your account or Information, you may raise a request through the

Platform or emailing us at public@getkosh.com. We reserve the right to limit membership

based on availability of contact information. All Users will be notified by email prior to any

actions taken.

10. SECURITY

10.1. We have implemented security policies, rules and technical measures, as required under

applicable law including firewalls, transport layer security and other physical and electronic

security measures to protect the Information from unauthorized access, improper use or

disclosure, unauthorized modification and unlawful destruction or accidental loss. When you

submit your Information on the Platform, your Information is protected through our security

systems. Although we make best possible efforts to transmit and store all the Information

provided by you in a secure operating environment that is not open to public, you understand

and acknowledge that there is no such thing as complete security and we do not guarantee that

there will be no unintended disclosures of any Information and potential security breaches. You

agree not to hold us responsible for any breach of security or for any action of any third parties

that receive your Information or events that are beyond our reasonable control including, acts

of government, computer hacking, unauthorized access to computer data and storage device,

computer crashes, breach of security and encryption, etc. However, if you have reason to believe

that your interaction with us is no longer secure, please immediately notify us in accordance

with the “Queries and Complaints” section below.

11. ACCESS, CORRECTION AND DELETION

11.1. The App strives hard to keep its records updated and accurate with your latest Information. You

shall be responsible to ensure that the Information or data you provide from time to time is and

shall be correct, current and updated and you have all the rights, permissions and consents to

provide such Information or data.

11.2. You may note that deletion of certain Information or withdrawal of consent may lead to

cancellation of your access to the Platform or Services. Additionally, we may not be able to

process your request of correction, updating or deletion, in case the same is not supported by

valid documents or data retention is required by the applicable law or law enforcement requests

or under any judicial proceedings or it is extremely difficult to implement (such as requests

related to backup copies or if a new system is required to process the request or change of

technical design) or risks the privacy of other users.

12. QUERIES AND COMPLAINTS

12.1. If you have any complaint under the Information Technology Act, 2000, the rules made

thereunder or any digital lending related complaints/issues, the contact details of the Data

Protection Officer and Grievance Redressal Officer are provided below:

Name: Anindeeta Chakraborty

Address: Adhikosh Financial Advisory Private Limited, 4th ﬂoor, 114, Sector 44, Gurugram,

Haryana 122003

Email: anindeeta@getkosh.com

Contact: +919667712308

12.2. We will try to resolve your complaint/ request expeditiously, and in case within the prescribed

timelines under applicable laws. However, this is also subject to us receiving all pertinent

information/ documents from you in a timely manner.

Last Updated: [06/03/2025]