Orin Financial Advisory Private Limited
Legal

Privacy Policy

Orin Financial Advisory Private Limited · DhanLY

Legal Entity
Orin Financial Advisory Private Limited
Brand / Platform
DhanLY | www.dhanly.in
Registered Office
2nd Floor, 8/42, Kirti Nagar Industrial Area, New Delhi, West Delhi – 110015
Customer Support
+91-9818896345 | wecare@dhanly.in
Grievance Email
grievance@dhanly.in
Jurisdiction
Gurugram, India

This Privacy Policy explains how Orin Financial Advisory Private Limited, through its brand DhanLY, collects, receives, stores, uses, processes, shares, protects, retains and deletes information of Users who access or use the Platform.

This Policy forms part of the DhanLY Terms & Conditions. By accessing the Platform, submitting information, providing consent, initiating a loan journey, requesting credit insights, communicating with us, or using our Services, You agree to this Privacy Policy and the specific consent notices presented during the journey.

1. Scope and Applicability

This Policy applies to information collected through the DhanLY website, web application, digital forms, landing pages, communications, support channels, integrations, APIs, SDKs, cookies, analytics tools and partner-assisted onboarding journeys operated by OFAPL.

This Policy is intended to align with applicable Indian laws, including the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, applicable intermediary rules to the extent relevant, RBI digital lending requirements applicable to LSPs, credit information regulations, and applicable data protection principles. Where a stricter requirement applies under law or lender policy, OFAPL will endeavor to comply with such requirement.

2. Who We Are

Orin Financial Advisory Private Limited is a company incorporated under the laws of India, having its registered office at 2nd Floor, 8/42, Kirti Nagar Industrial Area, New Delhi, West Delhi – 110015. OFAPL operates the brand DhanLY and the Platform available at www.dhanly.in

OFAPL acts as an independent LSP, technology and facilitation platform. It may collect and process User information for facilitating loan discovery, application processing, identity verification, lender matching, bureau consent, KYC assistance, customer support, servicing, repayment reminders, collection support where appointed, fraud prevention and related services.

3. Information We Collect

We collect information that You voluntarily provide, information generated through Your use of the Platform, information received from Lending Partners or service providers, and information obtained from authorized sources based on Your consent or as permitted by law.

The nature of information collected may vary depending on the Service, lender policy, product, eligibility stage, regulatory requirement and consent provided by You.

  • Identity information: name, mobile number, email address, date of birth, gender, PAN, Aadhaar-linked verification status where applicable, photographs or selfie where required for onboarding.
  • Contact and address information: residential address, office address, pin code, city, state, communication preferences.
  • Employment and income information: employment type, employer name, office address, income details, salary credits, turnover, business details where relevant.
  • Financial information: bank account number, IFSC, bank statements, repayment details, mandate status, loan transaction details received from Lending Partners where required for servicing or support.
  • KYC and verification documents: CKYC details, Digilocker documents, government-issued KYC documents, Video KYC records, PAN verification, liveliness and fraud check outputs.
  • Credit information: bureau information accessed with Your explicit consent from CRIF Highmark and/or Experian for eligibility assessment, credit insights, risk evaluation or loan processing.
  • Technical and device information: IP address, operating system, browser type, device identifiers, session data, clickstream, timestamps, referral source, cookies, analytics events and fraud prevention signals.
  • Communication information: call records where lawfully recorded, chat logs, WhatsApp/SMS/RCS/IVR/email interactions, support tickets, complaints and feedback.

Device and Technical Information

We may automatically collect device and technical information such as IP address, device and browser details, operating system, screen settings, timezone, language preferences, and device fingerprinting data to prevent fraud, enhance security, improve our services, and comply with legal requirements.

4. Information We Do Not Access Without Necessity

DhanLY does not access mobile phone resources such as contact lists, call logs, telephony functions, files, media, SMS inbox or biometric data unless a specific feature is introduced with explicit consent and in compliance with applicable law and lender requirements.

Where camera, microphone or photo access is required for selfie, liveliness check, Video KYC or document upload, such access will be limited to the specific purpose and based on Your consent.

5. Purpose of Collection and Processing

We process information for lawful, consented and legitimate business purposes connected with the Services requested by You and the obligations of OFAPL, Lending Partners and service providers.

  • To register, authenticate and identify You on the Platform.
  • To assess eligibility and match You with suitable Lending Partners.
  • To process loan applications, KYC, Video KYC, CKYC, Digilocker retrieval, PAN verification, employment verification, bank account verification, fraud checks, eNACH or UPI mandate setup and loan document execution.
  • To obtain and analyze credit information from CRIF Highmark and/or Experian based on Your explicit consent.
  • To display offers, KFS, APR, charges, repayment details and product disclosures.
  • To provide customer support, grievance redressal, consent withdrawal and data deletion assistance.
  • To send transaction, servicing, reminder, compliance and consented marketing communications through call, SMS, WhatsApp, RCS, IVR, email, push or other lawful channels.
  • To detect, prevent and investigate fraud, misuse, identity theft, security incidents, prohibited activity or policy violations.
  • To comply with legal, regulatory, contractual, audit, tax, accounting and reporting obligations.
  • To improve the Platform, user experience, analytics, risk models, operational processes and product offerings, including through aggregated or anonymized insights.

6. Legal Basis and Consent

We collect and process information based on Your consent, performance of Services requested by You, compliance with legal obligations, regulatory requirements, fraud prevention, legitimate business interest and contractual requirements with Lending Partners or service providers.

Where explicit consent is required, including for credit bureau access, KYC document retrieval, communication channels, bank verification, mandate setup, or sensitive data processing, We will seek such consent through digital consent artefacts, checkboxes, OTP, e-sign, clickwrap, journey screens or other lawful methods.

7. Bureau Consent: CRIF Highmark and Experian

With Your explicit consent, OFAPL may access, receive, analyze and process Your credit information from CRIF Highmark and/or Experian as Your authorized agent for the purpose of credit eligibility assessment, credit insights, lender matching, application processing, risk assessment, fraud prevention, and providing You with relevant Services.

You acknowledge that credit information is sensitive and may influence eligibility outcomes. OFAPL does not control bureau data and is not responsible for inaccuracies in credit information received from credit information companies. For correction of bureau records, You may contact the relevant credit information company directly or raise a grievance through the channels listed in this Policy.

8. Sharing and Disclosure of Information

We may share Your information with Lending Partners, technology providers, KYC providers, Digilocker/CKYC providers, bureau providers, payment and mandate providers, communication providers, analytics providers, cloud infrastructure providers, collection partners where appointed, legal advisors, auditors, regulators, law enforcement agencies and other authorized persons strictly for lawful purposes connected with the Services.

We do not sell Your personal information. We require third-party service providers to use information only for contracted purposes and to maintain reasonable confidentiality and security standards. However, third-party systems may have their own terms and privacy practices, and You should review them where applicable.

  • Lending Partners for eligibility, sanction, disbursement, KFS, documentation, servicing, repayment, reporting and collections.
  • Service providers for OTP, WhatsApp, SMS, RCS, IVR, email, CRM, cloud hosting, fraud checks, KYC, banking verification, eNACH/UPI mandate and analytics.
  • Credit information companies, including CRIF Highmark and Experian, based on Your consent and applicable law.
  • Regulators, courts, government authorities, law enforcement agencies or other persons where disclosure is required by law, order, investigation, audit or compliance obligation.
  • Successors or acquirers in connection with merger, acquisition, restructuring, sale of business or corporate transaction, subject to applicable law.

9. Communication Consent

By submitting Your mobile number, email address or contact details, You authorize OFAPL, DhanLY, Lending Partners, service providers and authorized representatives to contact You for application processing, eligibility, offers, KYC, verification, onboarding, servicing, repayment reminders, collections, support, consent management, transaction updates and other related purposes through call, SMS, WhatsApp, RCS, IVR, email, push notification or other electronic channels.

Such communications may be made even if Your number is registered under DND/NDNC, to the extent permitted under applicable law for servicing, transaction, compliance or consented purposes. You may withdraw or manage Your consent by contacting us; however, essential communications relating to active loans, legal notices, repayments, fraud prevention, servicing, collections or regulatory obligations may continue as permitted by law.

10. Cookies, Analytics and Tracking Technologies

We and our authorized service providers may use cookies, pixels, SDKs, tags, analytics scripts and similar technologies to operate the Platform, remember preferences, measure campaigns, analyze trends, understand user behavior, improve user experience, prevent fraud and maintain security.

You may disable cookies through browser settings; however, some Platform features may not function properly. Where required, We will seek consent for cookies and tracking in accordance with applicable law.

11. Storage, Localization and Security Measures

We endeavor to store and process information in India in accordance with applicable law and lender requirements. We use reasonable physical, technical, administrative and organizational safeguards to protect information from unauthorized access, alteration, disclosure, loss, misuse or destruction.

Security measures may include encryption in transit, encryption at rest where feasible, SSL transmission, access controls, role-based permissions, audit trails, secure cloud infrastructure, data backup, disaster recovery processes, employee training, vendor controls and periodic security reviews. No method of transmission or storage is completely secure, and We cannot guarantee absolute security.

12. Data Retention

We retain information only for as long as necessary for the purposes described in this Policy, for providing Services, for active loan or application obligations, for legal and regulatory compliance, for audit and dispute purposes, for fraud prevention, for enforcing rights, and as required by Lending Partners or applicable law.

Where data is no longer required and deletion is not restricted by law, lender instruction, active loan, dispute, fraud risk, audit requirement or compliance obligation, We will delete, anonymize or render it non-identifiable to the extent technically feasible.

13. User Rights: Access, Correction, Withdrawal and Deletion

Subject to applicable law, You may request access to information shared by You, correction of inaccurate or incomplete information, withdrawal of consent, and deletion of personal data. You may submit requests through the Platform where available or by writing to wecare@dhanly.in or grievance@dhanly.in.

Withdrawal of consent may affect Your ability to use the Platform or complete a loan application. If Your information has already been shared with a Lending Partner for an active application or sanctioned loan, the Lending Partner may continue to process and retain such information in accordance with law, lender policy, contract and repayment obligations. We may also retain information where required for legal, regulatory, audit, dispute, fraud prevention or legitimate purposes.

14. Process to Request Data Deletion

You may request deletion of Your data by using the data deletion option on the Platform where available, submitting the prescribed online form if provided on the Platform, or writing to wecare@dhanly.in with Your registered mobile number and request details.

We may verify Your identity before processing deletion requests. If You used multiple mobile numbers, You should provide all relevant identifiers to help us locate associated data. Deletion may not be immediate where third parties need to be notified, where retention is required by law, or where there is an active loan, pending application, dispute, investigation or regulatory obligation.

15. Children and Minors

The Platform is not intended for children or persons below 18 years of age. We do not knowingly collect information from minors. If We become aware that a minor has provided information, We may delete such information and terminate access, subject to legal requirements.

16. Security Incident and Breach Handling

DhanLY maintains internal breach response processes to identify, contain, investigate and remediate security incidents. In the event of a security incident affecting User data, We will take reasonable steps to assess impact, secure systems, mitigate harm and notify regulators, Lending Partners, affected Users or other stakeholders where required by applicable law or contractual obligation.

17. Third-Party Websites and Social Media

The Platform may include links to third-party websites, applications, forms, payment pages, bureau pages, lender pages or social media pages. This Policy does not apply to third-party platforms. You access third-party platforms at Your own risk and should review their terms and privacy policies separately.

Information posted on public forums, social media pages or community channels may be visible to other users. We are not responsible for how third parties use information You voluntarily make public.

18. Confidentiality and Vendor Obligations

We contractually require service providers and partners handling User information on Our behalf to maintain confidentiality and use such information only for authorized purposes. We take reasonable measures to ensure that third parties receiving information maintain security practices appropriate to the nature of the information and applicable law.

19. Business Transfers

If OFAPL is involved in merger, acquisition, investment, restructuring, sale of assets, business transfer or similar transaction, User information may be transferred as part of such transaction, subject to applicable law and safeguards. We will make reasonable efforts to ensure continuity of privacy protections.

20. Changes to this Policy

We may update this Policy from time to time. Updated versions will be posted on the Platform with the effective date. We encourage Users to review this Policy periodically. Where required by law, We may notify Users of material changes through appropriate channels.

21. Grievance Redressal and Contact Information

For privacy, consent, deletion, grievance or support requests, You may contact:

  • Customer Support: +91-9818896345 (10:00 am to 7:00 pm, Monday to Saturday, excluding holidays).
  • Grievance Phone: +91-9818896373
  • Grievance Email: grievance@dhanly.in
  • Nodal Officer: grievance@dhanly.in · +91-9818896373
  • General Support: wecare@dhanly.in
  • Website: www.dhanly.in
  • Registered Office: 2nd Floor, 8/42, Kirti Nagar Industrial Area, New Delhi, West Delhi – 110015.

We will endeavor to acknowledge and resolve grievances within timelines prescribed under applicable law and internal policy. For bureau-specific disputes, You may also contact CRIF Highmark or Experian directly through their official channels.

22. Governing Law and Jurisdiction

This Policy shall be governed by the laws of India. Subject to applicable law, courts at Gurugram, India shall have exclusive jurisdiction in relation to disputes arising out of or in connection with this Policy or the Platform.

23. Severability and No Waiver

If any provision of this Policy is found invalid or unenforceable, the remaining provisions shall remain valid and enforceable. Any delay or failure by OFAPL to enforce a right shall not constitute waiver of such right.

© 2026 DhanLY — Orin Financial Advisory Private Limited. All rights reserved.