Privacy Policy

Last Updated Date: 27-12-2023

This “Privacy Policy” is an electronic record in terms of the Information Technology Act, 2000 (“Act”) and published in accordance with the provisions of Rule 3(1) of the of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 and Rule 4(1) of the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 “SPDI Rules”, as amended from time to time. This electronic record is generated by a computer system and does not require any physical or digital signatures.

C2FO Factoring Solutions Private Limited (hereinafter referred to as “Company”, “us”, “we” or “our”) recognizes your expectations with regard to privacy, confidentiality and security of the personal information that resides with the Company. This Privacy Policy governs the use of the website of the C2TReDS platform www.c2treds.com and the “services” being provided on the Website. This Privacy Policy has been duly framed in accordance with the Act and the rules made thereunder to ensure maximum protection to the information provided by its users (“you” or “User/s”).

We recognize the importance our customers place on the privacy and security of their business. Our goal is to protect your information in every way that we interact with you, whether on the Internet or otherwise. With that in mind, we have developed this Privacy Policy to help you to understand the steps we take to protect your Personal Information when you utilize our online Services.

For the purposes of this Privacy Policy, “Personal Information” includes any information that relates to a natural person, which either directly or indirectly, in combination with other information available or likely to be available with the Company, is capable of identifying such person such as your name, residential address, mobile number, email address etc. and “Sensitive Personal Information” considered as a part of Personal Information includes password, sexual orientation or any detail relating to the above-mentioned information types as provided to the Company for providing Services, and any of the information received as mentioned above by the Company for processing, retention, dissemination or destruction under lawful contract or otherwise.

By using our Services, you hereby agree and consent to the collection, storage, usage, disclosure, transfer and otherwise processing of your Personal Information in accordance with this Privacy Policy. You expressly understand, agree, and acknowledge that our collection of your Personal Information is for a lawful purpose connected with a function or activity of the Company and is considered necessary for that purpose. If you disclose to us any Personal Information relating to other people, you represent that you have the authority to do so and you permit us to use the Personal Information, in accordance with this Privacy Policy. If you do not agree to the Privacy Policy, you may exit and cease to use the Website. 

  This Privacy Policy is incorporated in the Terms of Use of the Website and any other agreement in which there is a specific clause incorporating the Privacy Policy into such agreement. All capitalized terms that have not been expressly defined herein shall have the meaning ascribed to them under the ‘Terms of Use’. In addition to the considerations stipulated under this Privacy Policy, your activities undertaken on the Website shall also be governed by the applicable Master Agreement (e.g., Master Services Agreement, Master Financier Agreement or Master Supplier Agreement), signed by the respective parties with the Company, and any other terms and conditions as published by the Company from time to time. In the event of conflict between the terms of such agreements and the Privacy Policy, the terms of such agreements will prevail and govern so long as they relate to matters specifically referenced herein and this Privacy Policy will apply with respect to all other matters.

  Personal Information subject to this Privacy Policy will be collected and retained by the Company, with a registered office at D-26 Basement, Jangpura Extn., New Delhi, 110014.

1. Type of Personal Information collected by us 

We collect certain Personal Information of the Users, which is necessary to provide and continually improve our Services. 

Here are the types of Personal Information we collect:

• We may collect, retain and process the Personal Information provided by you through email or filing of forms on the Website, including, but not limited to, Personal Information such as your name, address, contact details, email id, details of the organization on behalf of whom you are acting (if applicable) and other Personal Information such as bank account or credit card or debit card or other payment instruments. 
• Further, we may also collect, store and process such other Personal Information, including, but not limited to, information about your transaction undertaken on the Website, communication made by you, information generated electronically when you visit the Website or use our Services and any modifications made to the information provided by you. 
• The third parties engaged by the Company who provide a range of services like website hosting, digital signature verification, etc. and the Website may collect general information about our Website visitors for security and statistical purposes. Such information may include, but is not limited to, certain automatically generated information including your IP address, internet address of the referral site which brought you to visit our Website, date and time of visiting the Website, the name and version of your web browser, online activity, and duration of your online session. We and/or third-party service providers engaged by us may monitor and collect such information that will enable us to verify your credentials, maintain reasonable security practices, enable inclusion of better Services, fulfill your requests and enhance your user experience. 

2. Use of cookies and other tracking technologies

A “cookie” is a small piece of information stored by a web server on a web browser so it can be later read back from that browser (“Cookie”). Company uses Cookies and tracking technologies, depending on the features offered. Personal Information will also be collected via Cookies and other tracking technologies. You are free to disable/delete these cookies by changing your device and browser settings. In some cases, you must accept the Cookies in order to view our Website. Aggregate Cookie and tracking information may be shared with third parties. Additionally, certain advertisements may be displayed on our Website as well as on third-party websites. In case you click on an advertisement on a third-party website, the use of Cookies on such websites will be governed by their respective terms and conditions, which you may or may not choose to accept. 

3. Purpose of Collection and use of Personal Information 

The Personal Information provided by you may be used by us and provided to third party websites, affiliates, consultants, employees in order to manage, collect, store, and process the Personal Information in order to improve the quality, design, functionality and content of the Website and to any governmental authority under applicable law for the following purposes:

• Purposes related to the Website: The Personal Information shall be used for purposes only in relation to the Website and not for any other purposes.

• Communication Purposes: The Personal Information provided by you shall be used to communicate with you by us through newsletters, updates, notifications and other forms of communication. The communication with you might be recorded but will be kept confidential otherwise than when asked to disclose to any governmental authority under applicable law.
• Marketing and Promotional Communications: We use Personal Information to send notices (if consent is provided) of special promotions, offers or solicitations; and in general (if consent is provided), to promote and market Company's business and various products.
• Enforce Terms and Conditions and Policies: We use Personal Information to enforce our terms and conditions and policies for business purposes, legal and contractual reasons.
• Comply with Legal Obligations: We use Personal Information to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
• Internal Administration and Audit: We use Personal Information for internal administrative and auditing purposes.
• Online Surveys: Occasionally, we use your Personal Information to complete optional online surveys that ask you for your contact information and demographic information (such as pin code, age, etc.). We use this data to tailor your experience on the Website.
• Request Feedback: We may use your Personal Information to request feedback via calls/emails/survey tools and to contact you about your use of our Services.   
• Other Business Purposes: We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Services or Websites/ apps, products, marketing and your experience.
• Others: As described to you when collecting your Personal Information.

4. Disclosure of Personal Information
   1. Any Personal Information provided by you shall be made available to only our third parties and employees that are connected with or in relation to the Services of the Website. Such third parties shall not disclose the Personal Information disclosed to them further. Further, such third parties will process the Personal Information in accordance with applicable laws.
   2. Other than as set out above, we shall not disclose the Personal Information to any third party, provided that such information may be disclosed to governmental agencies or bodies and legal or judicial authorities, as required under applicable law or to exercise legal rights or defend legal claims or protect the safety of other users or public or our rights, without obtaining Users’ express consent. 
   3.        In case where the Company is merged with, or acquired by, another company or its business is transferred/sold to another company, or in case of re-organization or re-structuring of our business, we may disclose or transfer your Personal Information, wholly or in part, to another business entity, and you consent to such disclosure or transfer.
   4. The Company may, in performance of a lawful contract between you and the Company or any person on the Company’s behalf, also transfer any Personal Information collected to any other body corporate or a person in India, or located in any other country, that ensures the same level of data protection that is adhered to by the Company as provided for under the SPDI Rules.
5. Privacy rights of the User 
   1. We strive hard to keep our records updated and accurate with your latest information. You shall be responsible to ensure that the information or data you provide from time to time is and shall be correct, current and updated and you have all the rights, permissions and consent to provide such information or data. You agree and understand that we shall not be liable for the authenticity of the Personal Information provided by you.
   2. You shall provide us with all the Personal Information requested from you, on the Website or through any other mode of communication. You are not legally obligated to provide us with all the Personal Information. However, complete functionality of the Website shall not be rendered possible if you fail to provide us with certain necessary information for the purpose of the Services of the Website. 
   3. Based on technical feasibility, we will provide you with the access to all Personal Information that we maintain about you. We will perform verification before providing you access to this information. You may request access, correction or updation of the information by writing to us at the contact information provided at the bottom of this page.
   4. Additionally, we may not be able to process your request for correction or updation, in case the same is not supported by valid documents or data retention if required by the applicable law or law enforcement requests or under any judicial proceedings or it is extremely difficult to implement (such as requests related to backup copies or if a new system is required to process the request or change of technical design) or risks the privacy of other users.
   5. You also have an option to dissent and/or withdraw the consent given earlier by sending a request to us at the contact information provided at the bottom of this page. Please mention “for withdrawal of consent” in the subject line of your communication. We will verify such requests before acting upon your request.
   6. You may note that the withdrawal of consent will not be retroactive and will be in accordance with the terms of this Privacy Policy, related Terms of Use and applicable laws. Further, the withdrawal of consent may hamper your access to the Website or restrict provision of our Services to you for which we consider that information to be necessary.
6. Data Retention
   1. We retain your Personal Information in accordance with applicable laws, for a period no longer than is required for the purpose for which it was collected or as required under any applicable law. However, we may retain data related to you if we believe it may be necessary to prevent fraud or future abuse, to enable us to exercise our legal rights and/or defend against legal claims or if required by law or for other legitimate purposes. We may continue to retain your data in anonymized form for analytical and research purposes.
7. Links to third-party websites
   1. The Website contains links to third-party websites. We are not responsible for any content on such third-party websites and we shall not be liable for any breach of this Privacy Policy by such websites. You undertake to read and understand the Privacy Policy of such third-party websites. For the avoidance of doubt, our Privacy Policy only governs the Personal Information collected, received, processed, stored, dealt with or handled for the purposes of Services on our Website.
8. Notification and Updates sent by the Website
   1. We send an email notification to individuals once they sign up to avail Services of Company Website as a Buyer/Supplier/Financier. We will send security-related email notifications once you sign up for “notify me” updates on your account(s). Further, we may send email notifications whenever you change your passcode, security question or designated email address.
9. Security Practices
   1. The Personal Information shall be governed by and protected by us according to the security practices and procedures mandated under the Act and more particularly described under the SPDI Rules.
   2. The Company and our third-party service providers have developed stringent policies and procedures to safeguard the Personal Information.
   3. The Website and our third-party service providers maintain strong physical, electronic and procedural controls to protect against unauthorized access to Personal Information. Our computer systems are protected in the following ways:

• Computer anti-virus protection detects and prevents viruses from entering our Website, email, and computer network systems.
• Firewalls and intrusion prevention systems block unauthorized access by individuals or networks.
• We use encryption technology, such as secure socket layer, to protect the transmission of your Personal Information. Whenever you log in to the Website, the communication is encrypted. Encryption scrambles the transferred data which ensures that it cannot be read by any unauthorized parties.
• We use strong multi-level authentication and behavior analysis to help prevent unauthorized access to your accounts. Multi-level authentication can help prevent access by someone who may have stolen your login credentials.
• We continually monitor technological advances and upgrade our systems to ensure your information remains secure.

10. Beware of Phishing Attempts and Interest Scams
    1. While email is convenient and has a good business use, it can also be misused by criminals for scams and various other fraudulent purposes. “Phishing emails” are frequently used by criminals to entice the recipient to visit a fraudulent website where they try to convince the recipient to provide Personal Information. Some of these fraudulent websites may also be virus laden and can be used to download malware to your computer. Fraudulent websites often look identical to a legitimate site, so it is important to look very closely at the website address. Below we have listed a few tips to help protect your Personal Information on the internet:

• Always be wary of links in emails, especially any links in emails purporting to be from the Website. 
• Bookmark the Website and use this bookmark every time you visit the Website, and follow this same approach for all financial websites.
• Whenever you enter Personal Information like your access ID or passcode, always look for the lock symbol, or https: in the address bar. Always click on the lock symbol and review the certificate details.
• Update your internet browser. Most browsers now offer free anti-phishing toolbars that can help alert you of fraudulent websites.
• Make sure that your computer always has up-to-date versions of both anti-spyware and anti- virus software.
• If you receive an email that you think could be a scam, delete it immediately or contact the helpline numbers of the Website.
• If you have any questions about the legitimacy of an email, especially an email from this Website, you can also contact us at the numbers or email id provided under the “contact us” section of the Website.

11. Alteration of the Privacy Policy
    1. This Privacy Policy may be amended, modified or refined from time to time at our sole discretion and the updated Privacy Policy shall be published on the Website and no separate communication shall be made in respect of the same. It shall be your responsibility to keep yourself updated regarding changes to the Privacy Policy by regularly checking the Website for updates. Usage of the Website’s Services pursuant to a change in its Privacy Policy shall be deemed to be acquiescence of the changed Privacy Policy on your behalf.
12. Disclaimer of liability for Personal Information Security
    1. We take appropriate measures as envisaged under Clause 9 of this Privacy Policy for the protection of the Personal Information. All employees, consultants, screening committee members, mentors, and officers shall always be kept updated of the security and privacy protection procedures or methods. (We take appropriate disciplinary measures to enforce employee privacy and confidential responsibilities. We have established training programs to educate our employees about the importance of customer privacy and to ensure compliance with our policy requirements).
    2. Notwithstanding the aforesaid, despite our efforts to maintain privacy and confidentiality of the Personal Information, we may not be able to protect or prevent the unauthorized access or use, software failure or fault, or other factors that may compromise the security of the Personal Information.
    3. You agree and understand that the Internet is not a secure source and therefore, we cannot guarantee the protection of the Personal Information.
    4. For the avoidance of doubt, if any Personal Information is compromised despite our efforts to prevent the occurrence of the same, you shall not hold us liable for such breach of privacy protection under this Privacy Policy of the Website.
13. Grievance Redressal Mechanism
    1. In case of any queries/feedback/grievance, the User(s) may write to us at and /or for further escalation, User may reach out at the following address, providing all necessary details regarding such query or grievance:

Name: Suyash Shukla
Designation: Grievance Officer 
Email: grievance.support@c2treds.com