PRIVACY POLICY

This privacy policy (Privacy Policy) will help you understand what information we collect at the Company, why we collect it, how the Company uses it, including if and how we share the information with third parties, and the choices you have.

Capitalized terms in this Privacy Policy would have their meaning as set out under the Terms of Use. This Privacy Policy is incorporated into and is subject to the Terms of Use. By accepting the Terms of Use, you expressly consent to our use, processing, transfer and disclosure of your personal information in accordance with this Privacy Policy. When we talk about “we,” “our,” or “us” in this Privacy Policy, we are referring to the Company. When we talk about “you” in this Privacy Policy, we are referring to the User.

By clicking on the "I Agree" button below, you expressly agree to the terms of this Privacy Policy, for your use of the Florence mobile application (the App) and for the collection, processing, storage, use, disclosure, transfer and otherwise handling of your data (including personal data, sensitive personal data, and credit information) in accordance with the terms contained below. Please note that you have the option to not provide your sensitive personal data to us, however, we will not be able to provide you with access to the App in case you select to do so.

We may revise the Privacy Policy from time to time. While we may not be able to separately notify you of the revisions each time that we make them, we will notify you and obtain your consent for any changes that we make to this policy when required under law. We encourage you to check this page periodically for modifications or revisions to the Privacy Policy to understand how it affects the use of your information. We will not be responsible for your failure to remain informed about such changes.

A. INFORMATION WE COLLECT AND RECEIVE

1. Personal Information Collected from You.

The data that we collect from you may contain 'sensitive personal data or information' or 'personal information' as defined under the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (Data Protection Rules). The personal information which the Company will collect, store, use, process, and transfer may include but is not restricted to: name, gender, date of birth, bank account details, home address, email IDs, phone-numbers and other contact information of the User. With your consent, we may also collect documents that may serve as proof of identity and address, the details of your income and expenditure and personal information through surveys conducted by us. We may extract any and all identifiers from these documents and surveys, and use them for the Purposes mentioned below, in accordance with law. You are not required to provide your Aadhaar number for the use of this App and the submission of your Aadhaar number is entirely voluntary.

Third parties such as credit information bureaus, payment gateways and our partner NBFC may also process your personal information separately. To the extent not specified in this Privacy Policy, any processing of your personal information by such third parties will be governed by the terms of their privacy policies, which are set out below and you may have to sign up to some of these policies: Equifax (Equifax Inc), Perfios(Perfios Account Aggregation Services Pvt Ltd), Karza(Karza Technologies Private Limited), Apollo Finvest (Apollo Finvest India Limited), Crif (CRIF High Mark Credit Information Services Private Limited) and Cashfree (Cashfree Payments - Payment Gateway, eNACH & API Banking for India)

2. Other Personal or Sensitive Personal Information You Provide

● Account creation information: Users provide information such as an email address and password, including by way of logging in to an existing social networking service such as their Google account.

● Billing and other information: For loans processed through the App, our partner non-banking financial companies (NBFC) and/or third party vendors (such as credit information companies and identity verification agencies) may collect and store your information on our behalf, may pass some of your information to us. We may also collect this information ourselves and pass some of this information on to them for processing. We will act on your behalf to enable you to provide your credit information to our partner NBFC Apollo Finvest (India) Limited. This information includes the information contained in your credit information reports, bank statements, electricity bills, landline or mobile phone bills, credit card statements, gas utility bills or ration card, your mobile recharge history, your demographic identity details such as your name, date of birth, phone number(s), address(es), type of residence, profession and nature of employment, details of employer, date of receipt of salary, mode of receipt of income, monthly income, information in relation to your bank account such as deposits, transaction history, and issue or bounce of a cheque, and your photograph. We may also collect information to assist you and our NBFC partner with carrying out your Know Your Customer (KYC) check. For this purpose, you would mandatorily need to provide your PAN card, and as an address proof one of the following four documents - your Aadhaar, your driving licence, your voters ID, or your passport. If you would like to provide your Aadhaar as the proof of identity, a Paperless Offline e-KYC (OKYC) will be carried out on behalf of the partner NBFC. The OKYC process will involve the generation of an XML file, which will contain certain information about you including your name, photograph, date of birth, address, gender, masked Aadhaar number, etc.

● Payment Information: To enable our partner NBFC and our third party payment services vendors to disburse your loan amounts and to collect any payments or repayments or other fees, including through auto-debits, we will need to collect the financial information you provide for this purpose including your loan account number, your credit card number, your debit card number, your bank account number, bank IFSC code, your UPI handle, payment wallet information and net-banking details. The information we collect would depend on the payment method that you use. We may pass this information on to our third-party payment services vendors and to our partner NBFC, or these entities may also directly collect this information from you.

● App information: The Company may directly or through its third-party vendors collect user information such as SMS, contacts and location data from the device on which it is installed. This also includes information collected by the Company about how you are accessing and using the App, which will include administrative and support communications with us and information about the purchases made through the App. We may access certain aspects of your device to enable you to use the App. For instance, we may access the camera (only once) so that you can upload a photo for verification purposes, we may access your device's storage so that you can store your KYC documents and upload them to the App and we may access the list of contacts on your phone to autofill certain details on the App.

● Other Apps: With your permission, the App may read and collect your SMS data from your device. Further, we may also collect information about the apps installed on your device, including their name, date of installation, and period of use for the purposes of carrying out a fraud check. However, no in-app data will be collected from these other apps.

● Account information: With your permission, we may collect information about your other accounts on the device including your social media accounts and your contact information from these accounts. We may also collect your phone number and email address to contact you. You may also receive SMSs, emails, phone calls, etc., in connection with the App.

● Log data: We collect information that your browser or mobile device sends whenever you visit or use a App. This log data may include your Internet protocol address, the address of the web page you visited before using the App, your browser type and settings, the date and time of your use of the App, information about your browser configuration and plug-ins, language preferences, and cookie data.

● Device information: We may collect information about the device you are using the App on, including IMEI number of the device or any other device ID, information about your SIM card, operating system, device settings, application IDs, unique device identifiers, running apps and crash data. We may also collect network information about your device such as your WiFi and Bluetooth connections, your network connectivity and your access to any network.

● Geo-location information: We will collect your geo- location data from your device with your permission along with network-based location information about your Wi-Fi and IP addresses received from your browser or device.

● Third party data: The Company may also receive information from affiliates in our corporate group, our partners, or others that we use to make our own information better or more useful. This might be aggregate level information, such as which IP addresses go with which pin codes, or it might be more specific information, such as about how well an online marketing or email campaign performed.

3. Retention The information above would be collected and retained by the following entity:

Hora Education & Services Pvt Ltd

We will not retain any sensitive personal data or information for longer than is required for the purpose for which such data or information was collected, or may lawfully be used, or is otherwise required under any other law for the time being in force. We may retain anonymized data for as long as is required.

4. Our Cookie Policy

We use cookies and similar technologies like single-pixel gifs and web beacons, to record log data. We use both session-based and persistent cookies. Cookies are small text files sent by us to your computer and from your computer or mobile device to us each time you visit the App. They are unique to your account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire. Some cookies are associated with your account and personal information in order to remember that you are logged in and which accounts you are logged into. Other cookies are not tied to your account but are unique and allow us to carry out site analytics and customization, among other similar things.

B. PURPOSE OF COLLECTION

In addition to the purposes mentioned in Part A.2 above, the Company may process information including sensitive personal data or information concerning you both internally and externally (so far as reasonably necessary) for the purposes mentioned below (the purposes in A.2 and contained below together Purposes).

You have the option to refrain from disclosing your sensitive personal data or information to the Company. You will also have the option of withdrawing consent previously provided to the Company. However, exercising this option will hamper the Company's ability to provide you with any or all of the features of the App. 1. Purposes. We use personal information of Users for the following purposes:

● General Purposes: The Company will access and use your data as reasonably necessary and in accordance with your instructions to (a) provide, maintain and improve the App; (b) prevent or address service, security, technical issues, or at your request in connection with support matters; (c) act in a manner required by law, and (d) act in the manner expressly permitted in writing by you.

● To improve our App and Services: We carry out research and analyze trends to better understand how Users are using the App and improve them. We may use your app to expand our services and business.

● To enable our partner NBFCs and our other vendors to offer you financial services and for these entities and us to provide you with services incidental and ancillary to the provision of these financial services: We will use your personal information and sensitive personal information to allow you to avail loans from our partner NBFC, and in order to assist the NBFC in processing loan applications made through the App. You acknowledge that this will include the use of this information for the verification of your identity, assisting our partners is making the decision to lend to you, the documentation for such lending, and the enablement and monitoring of the grant, disbursement and repayment of loans. You may have the option to share this info with third parties, for some rewards etc. in the future.

● To communicate with you by: o Responding to your requests: If you contact us with a problem or question, we will use your information to respond. o Sending emails and notifications: By accepting the terms of this Privacy Policy you give us the permission to send you App notifications and administrative emails and messages including text messages. You hereby consent to receiving text messages from us, however you have the option to opt out later. We may also contact you to inform you about changes in the App, its offerings, and important App related notices, such as security and fraud notices. These emails and notifications are considered part of the App and you may not opt-out of them. In addition, we sometimes send emails about new product features or other news about the Company. You can opt out of these at any time.

● Billing and account management: We use account data to administer accounts and keep track of billing and payments. We may use your account related info and other info available to us to process defaults.

● Communicating with you and marketing: We often need to contact you for invoicing, account management and similar reasons. We may also use your contact information (with us) for our own marketing or advertising purposes. You can opt out of these at any time.

● Investigating and preventing bad things from happening: We work hard to keep the App secure and to prevent abuse and fraud.

● Analysing and ensuring that great things do happen: We work hard to make our products intelligent; and any information from you, that we can use to make the App serve you better, we want to and will.

● As required by law: We use information collected from you to comply with, as well as to enable our partner NBFC and third party vendors (such as credit information companies and identity verification agencies) to comply with, as per applicable statutes.

This Privacy Policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable User of the App.

C. YOUR CHOICES

1. Your Data You provide us with instructions on what to do with your data. You have many choices and control over your data. For example, you may provision or deprovision access to the App, enable or disable third party integrations, manage permissions, change retention and export settings and transfer or assign your data.

2. Access to Personal Data or Information You will have the right, upon request, to access and review the personal information provided by you and held by the Company. Upon discovering that the information provided is inaccurate or deficient in any manner, you will have the right to request suitable changes or amendments to such information, which may be provided by the Company, when feasible.

3. Other Choices In addition, your mobile device may provide you with choices around how and whether location or other data is collected and shared. The Company does not control these choices, or default settings, which are offered by makers of your mobile device's operating system.

D. SHARING AND DISCLOSURE The Company will not publish or disclose your personal information pertaining without your prior consent, unless it is required to do so in order to facilitate use of the App, or for the Purposes (as indicated in Part B), or if mandated by law, or if you have previously provided your consent. The Company may disclose personal information with its employees, officers, agents, consultants, business associates, contractors, attorneys, etc., on a need to know basis for the Purposes. The Company will disclose any sensitive personal data and information if there is a legal requirement or if it is ordered to do so by a court of competent jurisdiction or to any government agency if required by law for the purposes of verification of identity, or for prevention, detection, or investigation of crime (including cyber incidents), or for prosecution or punishment of offences.

E. TRANSFER The Company may transfer personal information pertaining to you to third parties for the Purposes. You are expressly notified that the transfer may also be to foreign jurisdictions where your personal information may be processed by third-party service providers and vendors, or our group companies, in relation to the Purposes (as indicated in Part B).

F. SECURITY The Company ensures the confidentiality and security of the personal information and sensitive personal data and information provided by you by implementing comprehensive information security practices and standards as mandated by the Data Protection Rules. All our data is stored on server hosted in India. We have adopted the ISO 27001 security standard to protect the confidentiality and security of your information. G. GRIEVANCE OFFICER If you have any concerns or questions in relation to this Privacy Policy, you may address them to our grievance officer whose name and email address are as follows:

Priyanka Mandal

userpolicy@hora.ai

Hora Education & Services Pvt

Ltd G-92, Basement, Kalkaji, New Delhi- 110019