Privacy Policy

Effective as on December 01, 2021

When you use the services of OneStack Solutions Private Limited, (“OneStack”), you trust us with your information. This privacy policy (“Privacy Policy”) is meant to help you understand what data OneStack collects, why we collect it and what we do with it. OneStack is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with domestic and international laws and regulations and this Privacy Policy. This Privacy Policy deals with details about the manner in which users’ data is collected, stored & used by us.

It is our advice to read and understand this Privacy Policy carefully. By downloading and/or using the OneStack application/ website/WAP site, it is considered to be an express consent to use & disclose Users personal information in accordance with this Privacy Policy. If you do not agree with the terms and conditions of our Privacy Policy, including in relation to the manner of collection or use of your information, please do not use or access the Site. ("our", "us", "we", " OneStack Website", “Website”, "One Stack", "One Stack's mobile applications") is committed to protect the Information provided to us by the users ("you", "your", "users"). Your use of One Stack's services or our interface is an express consent for the collection and use of your Information in accordance with the terms of this Privacy Policy

Note: OneStack may change its privacy policy at any time without prior notification. Users need to make sure that they are aware of any changes made in the privacy policy, kindly review the policy periodically. This Privacy Policy shall apply uniformly to OneStack applications, desktop website & mobile WAP site.

We take the privacy of our users seriously. We are committed to safeguarding the privacy of our users while providing a personalised and valuable service. In addition to this Privacy Policy, we have taken the following steps to further safeguard your privacy:

Information we collect
1. Traffic Data
When a user visits our website, we automatically track and collect the following categories of information:
  1. IP addresses;
  2. Domain servers;
  3. Types of web browsers used to access the Website;
  4. Referring source which may have sent you to the Website;
  5. Types of computers accessing the Website; and
  6. Other information associated with the interaction of your browser and the Website (collectively "Traffic Data").
2. Information you give to us
  1. In order for Users to access certain areas of the Website, OneStack may require Users to provide us with certain information ("Personal Information"). Personal Information may include the following information:
    1. Your full name, address, e-mail address, telephone number, date of birth and bank or payment card details and any proof of your identity and/or address that we may request;
    2. Details of any credit, debit or other card used by you for transactions;
    3. Details of any bank account (including but not limited to, account holder, account name, account number, sort code, online banking PIN, Transaction Authentication Number "TAN" and password, available balance and transaction history of your bank account), ITR, TAX certificates or any other income documents as necessary by us;
    4. Details of any transactions you carry out through our Website using your OneStack account and of the fulfilment of your requests;
    5. Your participation in any promotion sponsored by us;
    6. Correspondence that you send us;
    7. Information collected through cookies. Please see Cookies (Paragraph I) of this Privacy Policy for more details;
    8. Calls that we make to you or you make to us;
    9. Surveys that you complete through the Website or based on our request;
    10. Your IP address, log-in times, operating system and browser type; and
    11. Details of your visits to our Website including, but not limited to, Traffic Data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access whilst visiting our Website.

3. We will obtain information about you from third party agencies ("Third Party Information"), in order to fulfil our legal obligations to prevent fraud and money laundering which may include User financial history, court judgements and bankruptcies, from credit reference and fraud prevention agencies when you open a OneStack account. At any point when we feel it is necessary to prevent fraud and/or minimise our financial risks, theses Third Party Information may be accessed. Please refer to Paragraph 7 (Anti-Money Laundering Policy) of this Privacy Policy for further details.

Personal Information and Third-Party Information are collectively referred to as "Information".

4. Use and Storage of Information
  1. OneStack uses your Information for the following purposes:
    1. To operate and administer your OneStack account and to provide services that you have requested;
    2. To carry out your instructions to make and receive payments and undertake transactions using our services, including verifying that you have sufficient funds in your OneStack wallet to make such payments;
    3. Managing user registrations: If you have registered for an account with us, we process your Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service
    4. To allow you to participate in interactive features of the Website;
    5. To notify you about changes to our service(s);
    6. To improve our internal customer training,
    7. To comply with financial services regulations including retention of financial information and transactions;
    8. For financial and identity checks, fraud prevention checks, anti-money laundering and credit checks;
    9. For customer service, including answering questions and responding to feedback and complaints;
    10. Developing and improving our website and Services: We process your Data to analyze trends and to track your usage of and interactions with our website and Services to develop and improve our website and Services and provide our users with more relevant content and service offerings.
    11. To enhance the security of our services;
    12. To ensure that content on our Website is presented in the most effective manner for you and for your computer; and
    13. To provide you with information, products or services that you request from us or which we feel may interest you.
    14. To manage payments: If you have provided financial information to us, OneStack processes your Data to verify that information and to collect payments to the extent that doing so is necessary to complete the transaction and perform our contract with you
    15. To comply legal obligations: We process your Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Data or is necessary to protect against misuse or abuse of our websites, to protect personal property or safety, to pursue remedies available to us and limit our damages, to comply with judicial proceedings, court orders or legal processes or to respond to lawful requests.
  2. Retention of Data.
    1. OneStack is required to retain certain records for a period of at least 5 (five) years after closure of your OneStack account under applicable laws, which will include Users personal data, such as, User’s name, contact details, Users number and transaction history, etc. ("Retained Data"). Other than the Retained Data, all Personal Information will be deleted and destroyed by OneStack database that we hold about you when Users (or One Stack) terminate their OneStack account. OneStack does not store Users online banking login PIN, TAN and/or password.
  3. Please note that OneStack will not store your credit card information.
  4. Please note that OneStack will never ask Users to disclose their personal or security details by e-mail. If you receive any e-mail purportedly from OneStack requesting for your personal or security details, please do not respond to it ("Such E-mail"). Please forward any Such E-mail to [email protected] and thereafter delete the e-mail immediately.
5. Disclosure of Information
  1. OneStack does not disclose your Information to any third parties other than the Website's affiliates and the following:
    1. the police, other lawful enforcement body, regulatory body or court if we are under a duty or required by law to disclose or share your personal data, or to protect the rights, property, or safety of ourselves or our group companies, our customers, or others;
    2. a prospective buyer of our business or a buyer of a substantial number of the shares in our business;
    3. third parties where you have expressed an interest in receiving information about their goods and services;
    4. Financial institutions with whom we partner to jointly provide better services, facilities or products to you. These financial institutions may only use your information for providing to you their services and market OneStack related products without requiring your further consent;
    5. We may also disclose your personal information to any third party with your prior consent.
    6. third parties who referred you to us initially and to whom we owe a commission payment as a result of the referral. Where the commission payment is based on transaction volumes, numbers or types of transactions, we may share that information with that third party, but we will not disclose the full details of each of your transactions without your further written consent; and
    7. third parties we may occasionally use to provide you with the services that you have requested. We require these third parties to not use your personal information for any other purpose.
  2. Users Information is also used in aggregate form (so that individual user is not identified):
    1. To build up marketing profiles;
    2. To aid strategic development;
    3. To audit usage of the Website; and
  3. OneStack reserves the rights to disclose Information if required to do so by law or if we believe that it is necessary to do so to protect and defend the rights, property or personal safety of the Website, or its Users.
6. Fraud and Credit Agencies.
When a User opens a OneStack account, at intervals of up to every 3 (three) months and at any other time we feel it is necessary to do so to protect our financial interests and prevent money-laundering or fraud, we share certain information about Users and their OneStack account, financial history and transactions as part of our normal business operations with banks, payment facilitator partners, credit/debit card processing services, identity verification service providers and credit reference agencies (including, but not limited to) to identify and verify users, to limit our exposure to fraud and other criminal activities and to manage our financial risk. OneStack can provide the Users with a list of the credit reference agencies we use upon their written request to [email protected]. When conducting identification or fraud prevention checks, the relevant parties may retain a record of our query along with your information and may share this information with other fraud prevention agencies. If Users want to know what information these companies hold about them, Users can write to them to request access to their information.
7. Anti-Money Laundering Policy
In compliance with anti-money laundering laws of various jurisdictions we reserved the rights to report suspicious transactions to federal, state, provincial or local authorities and law enforcement agencies within those respective jurisdictions. In exchange for us permitting Users to participate in, use and access OneStack Website and services User hereby grants us the right to report any transactions which we deem suspicious, as determined solely by OneStack acting in its sole discretion. Examples of a suspicious transaction includes but are not limited to, use of funds suspected to be derived from illegal activities, any suspected intention to conceal or disguise funds derived from illegal activities, or suspicion that the involvement of our Website and services is in any manner intended to facilitate criminal activity. If for any reason we are of the belief or become aware of any transaction which we deem suspicious in nature, we may without prior notice or explanation to you take the following actions, which are in addition to all other rights and remedies available to us under this Privacy Policy, at law or in equity:
  1. report such transaction to the applicable central, state, provincial or local authorities and law enforcement agencies;
  2. de-activate or terminate your OneStack account forthwith;
  3. withhold any funds held in your OneStack wallet; and/or
  4. restrict you from registering a OneStack account on or with our Website or any of our affiliated websites.
8. Communications
  1. We may contact you via the e-mail address and phone number registered with your OneStack account. You may also receive system-generated transactional e-mails such as confirmations, notification of receipt of payments, notification of password changes etc. which are necessary for the proper operation and administration of your OneStack account. You expressly consent to receive such communications from us, irrespective of whether your phone number is registered on the National Do Not Call Registry.
  2. As a OneStack account holder, you will occasionally receive information by e-mail from us, unless you have expressly chosen not to receive such communication, about products, services and special deals which we think will be of interest to you via our newsletter. You can change whether or not you receive newsletters from us. However please note that you will still receive communication regarding your OneStack account such as transactional e-mails or other notifications affecting the operation of your OneStack account or our legal relationship.
9. Phishing
  1. Phishing is the name given to attempts to steal personal details and financial account details from a website user. "Phishers" use fake or "spoof" emails to lead users to counterfeit websites where the user is tricked into entering their personal details, such as credit card numbers, user names and passwords.
  2. If you receive such an e-mail or are asked for your password by anyone claiming to work for us, please forward the e-mail or report the incident by e-mail to [email protected]
10. Links to Our Website and to Other Websites
  1. Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own terms of use and privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. Please also note that the products and services offered on these websites may be limited to persons located or residing in only that particular jurisdiction. In addition, the content on these linked websites may not be intended for persons located or residing in jurisdictions that restrict the distribution of such content.
  2. Our Website also includes social media features, such as the Facebook Like button and widgets, such as the "Share this" button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our Website, and may set a Cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing it.
  3. You must always obtain the prior written approval of OneStack before creating a hyperlink in any form from a third-party website to any webpage on the OneStack Website. OneStack may or may not give such approval at its absolute discretion. In normal circumstances, we may only approve a hyperlink which displays plainly our name or website address. Any use or display of our logos, trade names and trademarks as a hyperlink will not be approved unless in very exceptional circumstances and may be subject to a fee as OneStack may determine at its absolute discretion. OneStack is not responsible for the setup of any hyperlink from a third-party website to any OneStack website. Any links so set up shall not constitute any form of co-operation with, or endorsement by, OneStack of such third-party website. Any link to our website shall always be an active and direct link to our website and shall be made directly to the home or front page of our website only and no "framing" or "deep-linking" of any webpage of our Website or content is allowed. Please mail at [email protected] if you wish to create a hyperlink to any page of our Website on a third party website.
11. Cookies and other tracking technologies
  1. "Cookies" are small computer files that are transferred to Users computer's hard drive that contain information such as user ID, user preferences, lists of pages visited and activities conducted while browsing the Website. At your option, expense and responsibility, you may block cookies or delete cookies from your hard drive. However, by disabling cookies, you may not have access to the entire set of features of the Website.
  2. We use various technologies to collect and store information when you use a OneStack services, and this may include using cookies or other tracking technologies (including web beacons, email pixels and script-based trackers) to identify your browser or device (“Website Navigational Information”). Website Navigational Information allow web applications to respond to you as an individual.
  3. We may use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs.
  4. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
  5. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, if Users use their browser settings to block all Cookies (including Strictly Necessary and/or Compliance Cookies, as described above) they may not be able to access all or parts of OneStack Website
  6. In limited circumstances we also may use "Web Beacons" to collect anonymous, non-Information about your use of our Website and the websites of selected sponsors and advertisers, and your use of e-mails, special promotions or newsletters we send to you. Web Beacons are tiny graphic image files imbedded in a web page or email that provide a presence on the web page or e-mail and send back to its home server information from the user's browser. The information collected by web beacons allows us to statistically monitor how many people are using the Website and selected sponsors' and advertisers' websites, or opening our e-mails, and for what purposes.
  7. We may use third party website analytics services in connection with the Website. These website analytics services do not collect information that you do not voluntarily enter into the Website. These services do not track your browsing habits across websites which do not use their services. We are using the information collected from these services to find usability problems to make the Website easier to use. The recordings will never identify you or your account.
12. Security Checks, Review and Releases
To maintain a high level of security, we reserve the right to conduct a security review at any time to validate your identity, verify your financial transactions and further document your consent to this Agreement. To facilitate these security checks, you agree to provide such identification or other information or documentation as we, in our sole and unfettered discretion, deem necessary. If you fail to comply with any security request, we reserve the right to void your OneStack account. You will be notified of such verification request by e-mail or telephone and your OneStack account balances will be forfeited if you fail to provide us with such requested documentation and information within the time period reasonably specified by us. Such request for documentation and information may include a sworn affidavit of identity and eligibility, release of liability in favour of us and publicity authorization.
13. User Choice
You may choose not to provide us with any Information while accessing the Website. In such an event, you can still access much of the Website; however, you will not be able to access and use those portions of the Website that require your Information.
14. Confidentiality and Security
Except as otherwise provided in this Privacy Policy, we will keep your Information private and will not share it with third parties, unless we believe in good faith that disclosure of your Information or any other information, we collect about you is necessary to:
  1. comply with a court order or other legal process;
  2. Protect the rights, property or safety of OneStack or another party.
  3. You give consent to OneStack to collect KYC documents from PSUs and Government agencies on your behalf.
  4. Enforce our Terms of Use
  5. Respond to claims that any posting or other content violates the rights of third parties.
15. Public Information
Any information that you may reveal in a review posting or other online discussion or forum is intentionally open to the public and is not in any way private. You should think carefully before disclosing any personally identifiable information in any public forum. What you have written may be seen and/or collected by third parties and may be used by others in ways we are unable to control or predict.
16. Security
  1. We are committed to ensuring that your Information is secure. To prevent unauthorised access or disclosure of Information we have physical, electronic and managerial procedures in place to keep your information safe. Once logged into your OneStack account, all internet communication is secured using Transport Layer Security (TLS) technology and the connection is encrypted and authenticated using AES 128bit encryption key and uses Elliptic Curve Diffie-Hellman Key Exchange (ECDHE) RSA as a key exchange mechanism.
  2. However, this high level of protection can only be effective if you follow certain security practices yourself. You must never share your OneStack account or login details with anyone. If you are concerned that any of your login details have been compromised, you can change them any time once you are logged on but you should always also immediately contact customer services at [email protected] and tell us why you think your login details have been compromised. Please read our [Terms and Conditions] for further information on how to keep your OneStack account safe.
  3. Although OneStack makes good faith efforts to store Information in a secure operating environment that is not open to the public, Users should understand that there is no such thing as complete security, and OneStack do not guarantee that there will be no unintended disclosures of your Information. If OneStack become aware that your Information has been disclosed in a manner not in accordance with this Privacy Policy, we will use reasonable efforts to notify you of the nature and extent of the disclosure (to the extent we know that information) as soon as reasonably possible and as permitted by law.
17. Updates and Changes to Privacy Policy
OneStack reserves the right to change this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements and other factors. If we do, we will update the “effective date” at the top of this Privacy Policy. We encourage you to periodically review this Privacy Policy to stay informed about our collection, processing and sharing of your personal information.
18. Users Rights
Users have a legal right to a copy of any Information about them which is held by OneStack in their database. They also have a right to correct any errors in that Information. As mentioned above, Users have a right to request that OneStack cease to use your Information for direct marketing purposes.
Withdrawal of Consent: Subject to legal and contractual requirements, you can refuse to consent to our collection, use or disclosure of information about you, or you may withdraw your consent to our further collection, use or disclosure of information at any time in the future by giving us a notice on [email protected]
19. Liability
  1. OneStack makes no claims, promises or guarantees regarding the accuracy, entirety, or adequacy of the contents of this Website and expressly disclaims liability for errors and omissions in the contents of this Website.
  2. Reference in this Website to any specific commercial products, processes, or services, or the use of any trade, firm or corporation name is for the information and convenience of the public, and does not constitute endorsement, recommendation, or favouring by One Stack.
  3. Our services are provided “as is”, and we cannot guarantee that it will always be safe and secure or will work perfectly all the time. To the extent permitted by law, we also disclaim all warranties of any kind, implied, expressed or statutory, including but not limited to the warranties of non-infringement of third-party rights, title, merchantability, fitness for a particular purpose and freedom from computer virus, is given with respect to the contents of the Website or its hyperlinks to other internet resources.
  4. One Stack Private Limited and our affiliates, directors, officers, stockholders, employees, licensors, suppliers and agents will not be liable for any indirect, incidental, special, consequential, punitive, or multiple damages, or any loss of data, use, goodwill or other intangible losses, resulting from (a) Your use/inability to use of the App or services, (b) Your access or inability to access the App or services (c) conduct or content of other users or third parties on or through the App (d) unauthorised access, use or alteration of Your content.
  5. The contents of this website are under copyright and/or trademark of their original author(s) unless otherwise noted on the page itself.
20. Governing Law
Unless otherwise required by a mandatory law, the terms of this Privacy Policy are subject to the laws of India. Any dispute arising under or in relation to this Privacy Policy shall be resolved in, and the sole and exclusive jurisdiction shall be of, a competent court located in India, and each of the parties hereby submits irrevocably to the jurisdiction of such courts.
21. Contacting us
Question about this Privacy Policy or the information practices of our website and Services should be directed to our privacy team by emailing us at [email protected].
Grievance Officer: Our Grievance Officer as per Rule 5(9) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 is Ms. Megha Farmaha, and can be reached at [email protected]