Introduction: At Revgensys Fintech Limited, your privacy is our utmost priority. Whether you are a Customer, Partner, Employee, or simply interacting with us, we are dedicated to protecting your privacy both in transit and at rest. This commitment is fundamental to maintaining our business integrity and reputation without affecting your daily activities. Below, we outline our privacy principles in detail.

Guiding Principles:

• Minimal Information: We collect only the necessary information required for business or specific transactions to ensure efficient and effective processes. This means we avoid excessive data collection, focusing on obtaining only what is essential for providing our services to you. For instance, during account registration, we ask for your name, email address, and phone number, which are crucial for setting up and managing your account.
• Efficient Processes: We implement streamlined processes for data sharing with employees, partners, and vendors, ensuring that data handling is both effective and sustainable. Our processes are designed to facilitate smooth operations while minimizing the risk of data breaches or unauthorized access. For example, when sharing data with third-party service providers, we ensure that data transfer mechanisms are secure and compliant with relevant data protection laws.
• Authorization Mechanisms: We enforce strict approval and authorization mechanisms to ensure that only authorized personnel can access collected information. This includes implementing role-based access controls, where access to data is granted based on the individual's job responsibilities. For example, only employees in the customer support department have access to customer service data to assist you effectively.
• Technological Measures: We utilize advanced technologies in our tools and applications to control and protect information usage, ensuring data security and privacy. This includes using encryption technologies to safeguard data during transmission and storage, as well as implementing intrusion detection systems to monitor for potential security threats. Our commitment to using cutting-edge technology helps us stay ahead of evolving security challenges.
• Purposeful Collection: All information collected serves a specific and well-defined purpose to avoid unnecessary data accumulation. We clearly define the purpose for which data is collected and ensure that it is used solely for that purpose. For example, if we collect your feedback through a survey, we use that information to improve our services and not for any other unrelated purposes.

Privacy Policy Overview:

This Privacy Policy explains how Txnbook, through various websites, platforms, and offline services, handles your data. It covers the following aspects:

• Definitions
• Data Collection
• Use of Collected Information
• Disclosures
• Security of Data
• Your Rights and Choices
• General Information
• Changes to the Privacy Policy
• Grievance Redressal

Definitions:

Customer, User, You, Your: Individuals, entities, or organizations engaged in transactions with Txnbook. This includes all parties interacting with our services in any capacity, whether for business or personal reasons.
Website(s): Any website(s) owned and operated by Revgensys Fintech Limited. This encompasses all our online platforms where we provide services and interact with users, ensuring a seamless experience across all digital touchpoints.
Revgensys, Txnbook, We, Us: Refers to Revgensys Fintech Limited and its affiliates, including all subsidiaries and associated companies.
Personal Data, Data: All non-anonymized data provided by customers or stakeholders. This includes any information that can be used to identify an individual, such as names, addresses, contact details, and financial information.
Sensitive Personal Data: Confidential personal information as defined by relevant regulations, including but not limited to, information about racial or ethnic origin, political opinions, religious beliefs, health data, and biometric data.

Data Collection:

We collect various types of information in connection with the services we provide, including:

• Information You Provide: This includes personal information such as your name, email address, phone number, and other contact details provided during registration or interaction with our services. We may also collect additional information that you voluntarily provide, such as feedback, survey responses, and other data you share during your interactions with our services. This information helps us personalize your experience and improve our services.
• Automatically Collected Information: We may collect information automatically through cookies, web beacons, and other technologies. This can include your IP address, browser type, device information, and usage data. These technologies help us understand how you interact with our services, enabling us to improve your experience and tailor our offerings to your preferences. For example, we use cookies to remember your preferences and provide you with a customized experience each time you visit our website.
• Third-Party Sources: We may receive information about you from third-party sources, such as partners and service providers, to enhance our services and for verification purposes. This information may include updated contact details, demographic information, and other relevant data to ensure the accuracy and completeness of our records. For example, we may receive updated address information from a partner to ensure that our records are accurate and up-to-date.

Use of Collected Information:

We use the information we collect for various purposes, including:

• To Provide and Improve Our Services: We use your information to deliver our services, process transactions, and improve our offerings. This includes personalizing your experience, addressing any issues you encounter, and continually enhancing our products and services based on your feedback. For example, we use your feedback to identify areas for improvement and make necessary adjustments to our services.
• To Communicate with You: We may use your information to send you updates, promotional materials, and other communications related to our services. These communications can include important notices about changes to our services, updates on new features, and information about special offers and promotions. We strive to keep you informed and engaged with our services through regular and relevant communication.
• For Advertising and Marketing: We use your data to personalize your experience and provide relevant advertisements and marketing materials. This involves analyzing your preferences and behaviors to deliver targeted content and advertisements that match your interests, thereby enhancing the relevance and effectiveness of our marketing efforts. For example, if you frequently use certain features of our app, we may send you notifications about related new features or promotions.
• For Customer Support: We use your information to provide customer support and respond to your inquiries. Our customer support team may access your data to resolve issues, answer questions, and provide assistance with our services, ensuring a smooth and satisfactory user experience. For example, if you contact our support team with a question about your account, we may access your account information to provide an accurate and helpful response.
• For Security and Compliance: We use your information to maintain the security of our services and to comply with legal obligations. This includes monitoring for fraudulent activities, protecting against unauthorized access, and ensuring that our practices comply with applicable laws and regulations. For example, we may use your data to investigate and prevent fraudulent activities or to comply with a legal request from a regulatory authority.

Disclosing Collected Information:

We may share your information in the following circumstances:

• With Subsidiaries and Affiliates: We may share your information with our subsidiaries and affiliates for business purposes. This allows us to provide you with integrated services and ensure consistency across all our business operations. For example, if you use multiple services offered by our subsidiaries, sharing your information allows us to provide a seamless and consistent experience across all those services.
• For Legal and Compliance Reasons: We may disclose your information to comply with legal obligations, respond to legal requests, and protect our rights and property. This includes cooperating with law enforcement agencies, regulatory authorities, and other governmental bodies as required by law. For example, if we receive a subpoena or a legal request for information, we may disclose your data to comply with the law.
• In Connection with Business Transfers: We may share or transfer your information in connection with a merger, sale, or other business transaction. In such cases, we will ensure that your data is treated with the same level of protection and respect as outlined in this Privacy Policy. For example, if our company is acquired by another entity, your data will be transferred to the new owner under the same terms and conditions as outlined in this policy.

Please note that for login purposes, we use services provided by Google and Apple only. Except for these login services, we do not use any other third-party services in our application. We are committed to ensuring that your data is handled with the utmost care and security in accordance with this Privacy Policy.

Security of Data:

We implement technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Data Encryption: We use encryption technologies to protect your data during transmission and storage, ensuring that your information remains secure and confidential at all times. For example, we use SSL/TLS encryption to secure data transmitted between your device and our servers.
• Access Controls: We implement strict access controls to ensure that only authorized personnel can access your data. This involves using authentication mechanisms, such as passwords and biometric verification, to prevent unauthorized access. For example, employees are required to use multi-factor authentication to access sensitive data systems.
• Regular Audits: We conduct regular security audits to identify and address potential vulnerabilities. These audits help us maintain a robust security posture and ensure that our data protection measures are effective and up-to-date. For example, we conduct penetration testing and vulnerability assessments to identify and mitigate security risks.
• Incident Response: We have procedures in place to respond to data breaches and other security incidents promptly. Our incident response team is trained to handle security breaches, minimize damage, and prevent future occurrences. For example, we have a detailed incident response plan that outlines the steps to take in the event of a data breach, including notifying affected individuals and regulatory authorities as required by law.

Your Rights and Choices:

You have certain rights regarding your data, including:

• Access and Correction: You have the right to access and correct your personal data. If you believe that any information we hold about you is inaccurate or incomplete, you can request that we update it to ensure its accuracy. For example, you can contact our customer support team to request access to your account information and make any necessary corrections.
• Deletion: You have the right to request the deletion of your personal data. If you no longer wish for us to process your information, you can request that we delete it from our systems, subject to any legal obligations that require us to retain certain data. For example, if you decide to close your account, you can request that we delete all your personal information from our records.
• Consent Withdrawal: You have the right to withdraw your consent for data processing. If you previously consented to the processing of your data, you can withdraw that consent at any time, and we will cease processing your information for the purposes you previously agreed to. For example, if you no longer wish to receive marketing communications from us, you can withdraw your consent by opting out of our marketing emails.
• Data Portability: You have the right to request a copy of your data in a portable format. This allows you to transfer your data to another service provider or use it for your own purposes in a structured, commonly used, and machine-readable format. For example, you can request a copy of your transaction history in a CSV format for your personal records.
• Objection and Restriction: You have the right to object to and request the restriction of data processing. If you believe that our processing of your data is not justified or that we are using it inappropriately, you can request that we stop or limit its use. For example, if you believe that we are processing your data for purposes that are not in line with this Privacy Policy, you can request that we stop processing your data for those purposes.

General Information:

We collect and process data based on user consent and legal obligations. Our platform is intended for users capable of forming legal contracts. For more information, please review the following sections:

• Data Retention: We retain your data only for as long as necessary to fulfill the purposes outlined in this policy. Once your data is no longer needed, we will securely delete or anonymize it to ensure your privacy is maintained. For example, we retain transaction records for a certain period to comply with legal and regulatory requirements, after which they are securely deleted.
• International Data Transfers: We may transfer your data to countries with different data protection laws, ensuring appropriate safeguards are in place. When transferring data internationally, we adhere to relevant legal requirements and take measures to protect your information, such as using standard contractual clauses and ensuring adequate data protection standards. For example, if we transfer your data to a service provider located in another country, we ensure that they comply with the same data protection standards as we do.
• Children's Privacy: Our services are not directed at children under 13, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal information from a child under the age of 13, we will take steps to delete that information promptly. For example, if we discover that a child under 13 has created an account on our platform, we will delete the account and any associated personal data immediately.

Changes to this Privacy Policy:

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. We encourage you to review this policy periodically for any updates. Significant changes will be communicated to you through appropriate channels, such as email notifications or notices on our website. Your continued use of our services following the posting of changes to this policy will constitute your acceptance of those changes. For example, if we make significant changes to how we handle your data, we will notify you through email and provide a clear explanation of the changes and their impact on your privacy.