LoanSignalPrivacy Policy
Legal

Privacy Policy

LoanSignal, A division of JiT Techlabs Private Limited Last updated: April 2026

In simple terms

What we collect: Your mobile number (for login OTP), GSTIN (to pull your GST filing data from the government portal with your consent), and bank statements (PDF files you upload for financial analysis).

Why we collect it: To assess your loan eligibility by analysing your GST filing patterns and bank statement data the same way banks evaluate loan applications internally.

Who we share it with: We use Protean GSP (a government-authorised GST Suvidha Provider) to access your GST data with your OTP consent. We use Gupshup for sending OTP messages. We use Amazon Web Services (AWS) for secure hosting and data storage. We do not sell your data to anyone.

How long we keep it: Your GST data, bank statements, and eligibility reports are retained for 12 months from the date of your last assessment. You can request deletion at any time.

Your rights: You can view, correct, or delete your data by emailing dr@loansignal.in. We will process deletion requests within 15 working days.

1. Overview

The objective of our Privacy Policy is to explain the User about the collection, storage, use, sharing and protection of Users personal data and how the Company enables Users rights in relation to use and access of Website and mobile app through the contents displayed on Website. Our Company is transparent about the personal data which we collect, use, share and store.

This Privacy Policy applies to LoanSignal, A division of JiT Techlabs Private Limited its holding, subsidiaries, affiliates (hereinafter referred to as Company or We/we) and User of the Website. It describes the use, storage and sharing of the personal data information of the User collected and received by the Company through the Website (www.loansignal.in) and the mobile app (collectively referred to as Website).
Personal information is information about User like name, age, postal address, email address, phone number/mobile number, business name, credit information report, bank statement, legal status, KYC documents, financial statement, any other performance statement, device IP address or unique device ID and information related to the personal identity which is essentially required to avail the services offered by the Website to its User at large. We never access or acquire any digital data i.e., call logs, media files, contact list or any such type of stored digital data in your mobile or any electronic device.
In addition to the above, the Company specifically collects and processes the following data through the Website:
GST Filing Data: Upon your explicit OTP-based consent, the Company retrieves your GST filing records (including GSTR-1, GSTR-3B, and GSTR-2B returns) from the GST Network (GSTN) through Protean GSP, a government-authorised GST Suvidha Provider. This data includes your turnover, tax payments, filing history, buyer/supplier details, and compliance records for up to 24 months.
Bank Statement Data: You may voluntarily upload your bank statement(s) in PDF format for financial analysis. The Company extracts transaction data including credits, debits, balances, EMI payments, cheque bounces, and cash flow patterns. The original PDF files are stored securely on the Companys servers.
Loan Eligibility Assessment: The Company uses your GST data and bank statement data to compute a loan eligibility assessment using the same financial criteria that banks use internally. This includes calculation of debt-service coverage ratio (DSCR), fixed obligations to income ratio (FOIR), and cross-validation between GST turnover and bank credits.
This Privacy Policy governs the collection of all the information including personal information or financial information of the User of the Website while assessing the products, services, software, etc displayed or linked on the Website of the Company.
For the purpose of this Privacy Policy, the term User or you shall mean and include any individual who has completed 18 (Eighteen) years of age or any legal person or any artificial juristic person who is accessing the Website of the Company. The term Your shall be construed accordingly.

2. Acceptance

Each and every time you access, use, post, or browse the Website, you express your acceptance to the Terms of Use and this Privacy Policy. By use of the Website, you expressly consent to the Company to collect and use your information (personal or otherwise) as described in this Privacy Policy.
The User has every right to give or deny consent for use of their personal information or their personal data retention during the use of the Website. If any User does not wish to accept this Privacy Policy, that particular User would not be authorized to browse the Website anymore.
If the User withdraws their consent to the processing of personal data information, the Company will cease the processing of such personal data information unless required under any provision of law.
Any Individual Person under the age of 18 is prohibited to use the Website and such minor person is not required to submit any personal information to the company and if the same is still done, it would be the minors own risk and consequences.
Acceptance of this Privacy Policy by the User is deemed freely given, specifically informed and unambiguously consent for the collection, storage, use, sharing and protection of Users personal data by the Company through its Website.

3. Collection of personal information

Website may ask User to provide personal information and the same will be received, collected, and stored by the Website at the time the User:

Visits or browses the Website
Requests quotes, services, support, or information
Requests for products or services
Applies for a financial product
Participates in surveys, sweepstakes, or other promotional activities
Subscribes to newsletters, promotional emails, or other materials
Applies for a job, submits a resume/CV, or creates a candidate profile
Contacts the Company/Website
Job applicants may be requested to provide information such as educational background, employment experience, and job interest.
We may also collect demographic information such as details of your business or company, age, gender, interests, preferences, and favourites. The forms that you fill in will indicate whether information requested is mandatory or voluntary.
We may collect information about your visits to Website, including the pages you viewed, links and advertisements you clicked, the searched terms you made, and other actions in connection with Website and services from the Company.
We may also collect certain information from the browser you used to access Website, such as advertising IDs, date, time and duration of accessing, Internet Protocol (IP) address, operating system, type and version, unique device ID, browser type and language, domain, the Uniform Resource Locator (URL) of the Website that referred you to the Website and to which URL you navigate from the Website if you click on a link on the Website.
To provide a more consistent and personalized experience in your interactions with the Company, information collected through one source can be combined with information obtained through other resources. The Website can also supplement the collected information with information obtained from other parties. User consents to collect and use of personal information for the purposes specified in this Privacy Policy or other purpose informed to User by the Company.

4. GST data consent and processing

The Company accesses your GST filing data from the GST Network (GSTN) exclusively through Protean e-Governance Technologies Limited (Protean GSP), a government-authorised GST Suvidha Provider, and only after receiving your explicit OTP-based consent.
The OTP for GST data access is sent by the GST Network to the mobile number registered with your GSTIN. By entering this OTP on the Website, you expressly authorise the Company to retrieve your GST filing data for the purpose of loan eligibility assessment.
The GST data retrieved includes but is not limited to: GSTR-1 (sales/outward supplies), GSTR-3B (summary returns and tax payments), GSTR-2B (purchase/inward supplies), filing history, taxpayer profile details, and e-invoice status.
You may revoke consent and request deletion of your GST data at any time by emailing dr@loansignal.in. Upon receiving such request, the Company shall delete all GST data associated with your GSTIN within 15 working days.
The Company does not modify, alter, or submit any data to the GST Network on your behalf. Access is strictly read-only for the purpose of financial analysis.

5. Bank statement processing

When you upload bank statement PDF files to the Website, the Company processes these files to extract financial transaction data. This processing is performed on the Companys secured servers and includes automated extraction of credits, debits, balances, EMI obligations, cheque bounce records, and cash flow patterns.
The original bank statement PDF files are stored on the Companys servers hosted on Amazon Web Services (AWS) infrastructure located in the Asia Pacific (Mumbai) region. These files are retained for the duration specified in the Data Retention section of this Policy.
Bank statement data is used exclusively for the purpose of loan eligibility assessment and is not shared with any third party except as disclosed in the Disclosure of Personal Information to Third Parties section of this Policy.
If your bank statement PDF is password-protected, you will be asked to provide the password on the Website. This password is used solely for the purpose of extracting data from the PDF and is not stored by the Company.

6. Storage of customer details

The Website shall store the information provided by the User as long as to serve the purpose of the processing. The Company may also retain some of that information for long as is necessary to fulfil any legal or regulatory requirements and the purposes for which it was collected as prescribed by the law.
The Company shall retain the information of the User till the time the User requests to delete/forget such information. The request to delete/forget such information provided by the User on the Website shall only be done after receiving a request on dr@loansignal.in. The Company shall delete/forget the data within a reasonable period which might be 15 (Fifteen) working days upon receiving the deletion request. Upon deletion, the User shall receive an email from the Company, informing that the information has been deleted and no data remains within the domain of the Website. However, in some instances, we will be unable to facilitate requests for the deletion of your data within 15 (Fifteen) working days, in compliance with legal obligations, or in accordance with applicable laws, which may require us to store data for longer periods of time.

7. Data retention policy

The Company retains different categories of User data for specified periods as outlined below:

User account data (mobile number, name, role): Retained until the User requests deletion, or for a period of 24 months from the Users last login, whichever is earlier.
GST filing data: Retained for a period of 12 months from the date of the last assessment or data pull. After this period, the data is automatically deleted from the Companys systems.
Bank statement PDF files: Retained for a period of 12 months from the date of upload. After this period, the original PDF files are permanently deleted.
Loan eligibility reports: Retained for a period of 12 months from the date of generation.
Audit logs and API call records: Retained for a period of 12 months for security, debugging, and compliance purposes.
Notwithstanding the above, the Company may retain certain data for longer periods where required by applicable law, regulation, or legal proceedings.
Users may request early deletion of their data at any time by emailing dr@loansignal.in. The Company shall process such requests within 15 working days.

8. Data protection

The Company assures User that all the data/personal information provided by User of the Website to the Company for any purposes whatsoever will be treated as confidential and duly protected by the Company. The Company shall take all reasonable steps to ensure that the data/information is protected at all times and that the same is not put to any unauthorized use.
The security and confidentiality of Users personal information are very important, therefore We put in place all technical and operational security measures to protect your personal information from unauthorized access or use, ensuring that we can always restore information in case of data corruption, loss, or disaster recovery situation.
The Company does not seek any biometric verification. The Company shall not be held responsible if the User provides their biometric to any individual purportedly from or claiming to be from the Company or acting in their individual capacity or anyone.
The Company is committed to compliance with the Digital Personal Data Protection Act, 2023 (DPDPA) and any rules or regulations notified thereunder. The Company processes personal data in accordance with the provisions of the DPDPA, including but not limited to obtaining consent, purpose limitation, data minimisation, and ensuring the rights of Data Principals as defined under the Act.

We may use the information we collect to:

Provide superior services and support and perform transactions on your request including recommend a lender to provide financing based on your requirements
Keep you apprised of information and developments that you may find of interest
Alert you to new features, terms, content, products or services
Contact you regarding your posts, replies, and/or account information
To solve disputes, troubleshoot problems and prevent fraud, prohibited and illegal activities
Process and respond to your inquiries
Improve the Website and to customize your experience with the Website
Enforce the Terms of Use of the Website
Send communications to you, such as the status of your transactions, information about products and services, promotional offers, and surveys
Customise, analyse, and improve our products, services, technologies, communications and relationship with you
Generate analytical/statistical data through online/offline tools in order to improve overall experience/performance of the Website
Protect the security or integrity of the Website, our business, or our products or services
The User authorises the Website to transmit email to respond to communications and administer the above noted process for the benefit of the User. We will collect and use individual User details only where we have legitimate business reasons and are legally entitled to do so.
We will use personal data only for the purpose(s) for which they were originally collected, and we will ensure personal data are securely disposed of after the completion of its mandate.

9. Disclosure of personal information to third parties

You agree that we may share your personal information with third parties solely in order to render the services offered by the Website. These third parties may include but not be limited to affiliates, service providers, business partners and potential financing parties and lenders, storage providers, data analytics providers, consultants, auditors, and lawyers.

Third-party data processors

The Company engages the following third-party service providers who may process your data:

ProviderPurposeData shared
Protean e-Governance Technologies LtdGST data retrieval from GSTN with user OTP consentGSTIN, OTP, API credentials
Gupshup Technology India Pvt LtdSMS OTP delivery for user authenticationMobile number, OTP message
Amazon Web Services (AWS)Cloud hosting, data storage, email deliveryAll application data (Mumbai region, India)

We may disclose your personal information to agents under confidentiality or similar agreements, including vendors, payment processors, and advertisers, to:

Provide services to you
Administer our business or the Website
Provide customer service
Update account information
Forward updates, announcements, and newsletters
Respond to your communications and communicate with you about the Website
In the event of any reorganisation, merger, sale, joint venture, assignment, transfer or disposition of all or any portion of the Websites business or operations
As otherwise authorised by you

Please note that we do not sell or share your information with third parties for marketing purposes.

10. Other disclosure

We may also disclose or share your personal information in connection with law enforcement, fraud prevention, or other legal actions; as required by law or regulation, or if the Company reasonably considers necessary to protect the interest of the Company or its customers.
We may disclose your information whenever we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities or fraud; situations involving potential threats to the physical safety of any person, to protect and defend the rights, property, or safety of the Company and its affiliates, Website, or Users of the Website.
We may disclose your name, email address, or other information including personal information, if:
Required to do so by law, court order or subpoena/summons, or as requested by other government, law enforcement, or investigating authority
We believe in good faith that such disclosure is necessary or advisable
We have reason to believe that disclosing your personal information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties
If we determine that User violates our Terms of Use or the rights of a third party
In connection with a corporate transaction, such as a sale of a subsidiary or a division, merger, consolidation, or asset sale

11. Collection of information using cookies

We automatically receive and record non-personal information on our server logs from your browser as well as through other analysis of the Website. Non-personal information includes without limitation your Internet Protocol (IP) address, cookie information, the pages you request, type of computer operating system you use, the type of browser you use, the domain name of the Internet service provider, your activities while visiting the Site, and the content you accessed.
A cookie is a small file which asks permission to be placed on your computers hard drive. Once you agree, the file is added, and the cookie helps to analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual.
The Website does serve cookies to track individual site usage for later aggregation. But we do not use cookies in order to retrieve any information from your computer other than information originally sent in a Website cookie. We have no control over whether and how our advertisers use cookies that originate from their website.

12. User{'\u2019'}s responsibility

We go to great lengths to protect all of your information on our Website but you will also be responsible to provide correct and updated personal information to the Website.
Please keep in mind that whenever you voluntarily disclose personal information online for example through email that information can be collected and used by any third party, and you may receive unsolicited communication from other parties in return. Therefore, you should exercise caution and common sense in such disclosures.

13. Access to and update of personal information

The Company wants to maintain accurate personal information about you. To view or edit your personal information that has been stored online in your account, please email us at dr@loansignal.in. If your personal information changes, you may review/correct/update your personal information previously provided at any time.

14. Site information / Unsubscribe

From time to time, we may send you information with announcements and updates about the Website and your account. You may elect to opt-out of ongoing e-mail communication from us, such as newsletters, subscriptions, account information, promotional materials, contest results, survey inquiries, etc. by replying to the communication with the word unsubscribe in the body of your e-mail response.
You will receive marketing emails only from the Company and, if you choose, from carefully chosen third parties. It will be made clear to you where you have these choices.
Please note that in very rare situations, especially when we have database failures, your most recent changes might be lost. When this happens, we will do the best we can to get your changes back. Without prejudice to the other provisions contained here and in our Terms of Use, the Company shall not be liable for loss of data due to such database failure.

15. Links to third party sites

The Website may contain links to other sites that are not owned or controlled by the Company. Please be aware that we, the Company are not responsible for the privacy practices of such other websites. We recommend you examine the privacy statements posted on those other websites to understand their procedures for collecting, using, and disclosing personal information. This Privacy Policy applies only to information collected by the Website.

16. Security

We understand that storing data in a secure manner is important. We store personal information using industry standard, reasonable and technically feasible, physical, technical, and administrative safeguards against foreseeable risks, such as unauthorized access. Any transactions that take place on the Website are processed through our secured server in order to make every reasonable effort to ensure that your personal information is protected.
If a password is used to help protect your accounts and personal information, you are responsible for keeping your password confidential. Do not share this information with anyone. If you are sharing a computer with anyone you should always log out before leaving a site or service to protect access to your information from subsequent users.
We have implemented appropriate administrative, technical, and physical security procedures to help protect the personal information you provide to us as specified under applicable laws. Please be aware that the Website and data storage are run on software, hardware and networks which may experience problems or breaches of security beyond the Companys control despite the optimum care of maintenance.
On the Website, you may have the opportunity to follow a link to other sites that may be of interest to you. We are not responsible for the privacy practices of those sites, or the content provided thereon.

17. Policy changes and acceptance

Protecting your privacy online is an evolving area, and www.loansignal.in is constantly evolving to meet the demands. We, therefore, reserve the right to modify this Privacy Policy at any time. We may post any changes in this Privacy Policy with the latest updated date. Accordingly, you should check this Privacy Policy on a regular basis. Each time you access, use, or browse the Website, you express your acceptance of the then-current changes to this Privacy Policy.

18. Contact us

If User has any concern or query in relation to this Privacy Policy pertaining to the Users personal data information, User may address them to Companys Nodal Grievance Redressal Officer namely Mr. Praveen Hari through email (preferably) dr@loansignal.in or on phone number +91 9980621635 and the said officer will acknowledge the concern of the User within 24 hours of receiving the said concern and he will resolve the said concern of the User within reasonable time which may be 15 (Fifteen) days from the date of its receipt.