Please Read this Policy Carefully Before Using the Platform:

In order to provide our users (“you”, “your”) with the best quality services, we need to access and retain

certain information about you. The collection, handling, retention, and deletion of such information we

gather from you is governed by this Privacy Policy (“Policy”) as detailed below. This Policy refers to,

incorporates, and includes our Terms of Service available at https://triotech.co.in/terms. We may revise

this Policy as well as update our services and the Platform from time to time, so please keep visiting

this page regularly to take notice of any changes we make. If you do not agree with any part of this

Policy, please stop using our services immediately.

This Policy is an electronic record under the Information Technology Act, 2000 and the rules made

thereunder. This Policy is generated by a computer system and does not require any physical, electronic,

or digital signature.

The capitalized words used in this Policy and not defined shall have the meaning given to such words

in the Terms of Use.

1. NAME AND CONTACT INFORMATION:

The “FamApp by Trio” mobile platform/website (“Platform”) is hosted by Tri O Tech

Solutions Private Limited, a licensed pre-paid payments issuer incorporated under the laws of

India, having its registered office at 5th floor, Punj Essen House, 17-18, Nehru Place, New

Delhi, Delhi 110019 (“Triotech”), which issues the pre-paid payment instruments

(“Wallet(s)”) to you (which you can use through the Platform) (being referred to as “Data

Controller”). This Policy is a binding agreement. Throughout this document, we use the terms

“we”, “us” and “our” to refer to the Data Controller and the terms “you” and “your” to refer

to you, the user of the Platform.

2. WHAT DATA DO WE COLLECT:

2.1 We collect the information and data you provide only to ensure that we can provide you our

services in the best manner possible. We wish to keep such collection and usage of data as

transparent as possible. We have detailed the types of data we collect for your perusal below.

2.2 In order to create and maintain the Wallet Accounts, the following types of data may be

collected by the Data Controller and/or affiliate entities and the same constitutes “Wallet

Account Data”. The Data Controller will have the right to use the Account Data in accordance

with the terms of this Policy; it may share parts of this data with any third party from time to

time.

Sr. No.

Means of

Gathering Data

Data Collected

Data you input

while signing up

and using our

services.

User profile data: This includes your name, phone

number, login name, profile picture (if any), and

birthdate, email address, nick name etc.

Demographic data: This includes your age, gender,

income, occupation, school/ college details and address

(including city), country of origin etc.

Address Book Contacts: This includes the names and

contact information from your address book to facilitate

invitations, social interactions and payments/transfers

to your contacts through our Platform and for other

purposes described in this Policy.

SMS data: This includes your messages/ SMS details.

Feedback data and other data: This includes the data that

you actively put into the Platform including without

limitation:

a. User feedback;

b. If you call our call centres, we may record calls

for quality and training purposes;

c. Details of customer support chat;

d. Documents and details shared in the customer

support chat;

e. Data you input when you participate in our

referral programs. For example, when a user

refers another person, we receive the referred

person’s personal data from that user;

f. Account users who request services for, or on

behalf of other users, or who enable such users

to request or receive services through their

accounts.

g. Other documents and details like PAN card

details etc.

Data we collect

from your usage

of our services

a. Geolocation data: We collect the location data

from your mobile device if enabled by you to

do so. We may also collect this data when our

Platform is running in the background of your

mobile device. You will not be able to use

critical and essential features of the Platform if

you disable the location services.

b. Usage data: The Data Controller collects data

about how you interact with our services. This

includes data such as access dates and times,

Platform features or pages viewed, Platform

crashes and other system activity, type of

browser, and third-party sites or services used

before interacting with our services.

c. Device data: We may collect data about the

devices used to access our services, including

the hardware models, device IP address,

operating systems and versions, software,

preferred languages, unique device identifiers,

advertising identifiers, serial numbers, device

motion data, and mobile network data.

d. Cookies: We also collect information through

the use of “cookies”, tracking pixels, and

similar technologies to understand how you

navigate through the Platform to learn your

preferences. Cookies are small text files that

web servers place on your device; they are

designed to store basic information and to help

websites and apps recognize your browser. We

may use both session cookies and persistent

cookies. A session cookie disappears after you

close your browser. A persistent cookie remains

after you close your browser and may be

accessed every time you use the Platform.

Information we

receive from other

sources

We may also be working closely with third

parties (including, for example, business

partners, technical sub-contractors, analytics

providers, search information providers) and

may receive information about you from such

sources. Such data may be shared internally and

combined with data collected on this Platform.

2.3 We may collect from you, data associated with your usage of your Wallet, such as your Wallet

transaction history, data in relation to you applying for and/or availing any services in relation

to the Wallet, loads, transfers and spends made using the Wallet, KYC data (including your

Passport, Visa, PAN, Aadhaar data etc.,), balances, payment details, for effecting transfer of

funds through various payment channels provided by us. Collectively this data will be referred

to as “Wallet Data”. We will have the right to use the Wallet Data in accordance with the terms

of this Policy.

2.4 In addition to the above, we may also ask you to provide certain additional information about

yourself on a case-to-case basis including your live photo which may be utilised by us for the

purpose of completing your KYC.

3. HOW AND WHY DO WE USE YOUR DATA?

3.1 Your data will be used for the fulfilment of the services and developing and enabling new

features. We have detailed the manner in which we use the collected data below:

3.2

Sr. No.

Reason of Use

Manner of Use

Enabling our

services and

updating our

Platform features

We use the data collected to personalize, maintain, and

improve our services. This includes using the data to:

a. Create and update Wallet Accounts.

b. Enable Wallet and other services.

c. Enable features to personalize your Wallet Account.

d. Enable social features.

e. Perform internal operations necessary to provide our

services, including to troubleshoot software bugs

and operational problems; to conduct data analysis,

testing, and research; and to monitor and analyze

usage and activity trends

For enabling

customer support

We use the information to provide customer support,

including to resolve your concerns arising from the use

of the services, and train our customer service

executives.

For research and

development

We may use the data collected for research, analysis,

and product development to improve the UI/UX

experience, all of which will ultimately improve how

you experience the Platform. This also helps us develop

automated actions to be triggered in certain events, such

as when we need to implement dynamic pricing,

detecting fraud, account termination, amongst other

things.

Enabling

communication

between users

We may allow you to share your Wallet transactions

with your friends (other Platform users in your phone

contact list) through the Platform.

For marketing and

outreach

We may use the data we collect to market the Platform

and our services. This includes sharing your feedback,

ratings, screen names and photograph (if any) for purely

promotional and marketing purposes. Such promotion

and marketing may be done via hoardings, banners,

pamphlets, online advertising etc.

Automated

decisions

We may use the data so collected to develop automated

decision-making capabilities.

Legal compliance

and requirements

We may use the data we collect to investigate or address

claims or disputes relating to the use of our services, or

as otherwise allowed by Applicable Law, or as

requested by regulators, government entities, and

official inquiries

4. HOW DO WE SHARE THE COLLECTED INFORMATION?

4.1 The information we collect is shared only on a need basis, i.e., we do not sell your data to any

third parties for profit. However, we may enter into data-sharing agreements or disclose the

collected data to third parties in order to provide the services to you. We have detailed the

manner in which we share the collected data below:

4.2

Sr. No.

Person Shared

With

Purpose for Sharing

Sharing with third

parties.

a. API and integration partners: If your connection to

the Platform is enabled through an integration with a

third-party service, we may share information about

your use of the Platform with that third-party. We

may share your information with our third-party

partners in order to receive additional information

about you. We may also share your information with

third-party partners to create offers that may be of

interest to you.

b. Service Providers: We work with third-party service

providers to perform services on our behalf, and we

may share your information with such service

providers to help us provide our Services through the

Platform.

c. Third-party services: The Platform may allow you to

connect with other websites, products, or services

that we do not have any control over. However,

usage of such third-party services is subject to their

privacy policies and not within our control. We

recommend that you have a look at their privacy

policies before agreeing to use their services.

d. Subsidiaries and holding companies: We share your

data with our subsidiaries and affiliates to help us

provide our services or conduct data processing on

our behalf.

e. Change in control: While negotiating or in relation

to a change of corporate control such as a

restructuring, merger, or sale of our assets, we may

have to disclose our databases and information we

have stored in the course of our operations.

f. Where appropriate to the context, the third parties

that we share or make available your personal data

are bound by contractual obligations to keep such

personal data confidential and use it only for the

purposes for which we disclose it to them and also

maintain at minimum the same level of data

protection that is adhered to by us.

Sharing with law

enforcement

when needed

If any governmental authority or law enforcement

officers request or require any information and we

think disclosure is required or appropriate in order to

comply with laws, regulations, or a legal process.

5. HOW IS PAYMENT DATA HANDLED?

5.1 We may provide the functionality to load your Wallet through debit card, credit card or any

other payment mode and collect data in relation to such loading of your Wallet through these

payment modes (“Payment Data”) in accordance with applicable law. The information

regarding your Payment Data may be stored once you make the first payment by the card/other

payment mode and is protected against unauthorized access. For this purpose, a certified

payment provider is used whose systems meet the applicable security standards, such as for

example PCI-DSS (Payment Card Industry – Data Security Standard). The Payment Data is

stored by the contracted PCI-DSS-certified payment provider for recurring transactions. We do

not, ourselves, store your Payment Data and if we ever do, it will be only in abbreviated form

for analysis purposes or to prevent fraud and will be stored in accordance with the Applicable

Laws

5.2 In order to ensure that the debit/credit card/other payment mode is used by the legitimate owner

and to prevent cases of fraud, the Payment Data and card information is transferred to one or

more external payment security services. This transfer may also include additional personal

data. The external payment security services may process personal data on our behalf.

6. WHAT ARE YOUR RIGHTS TO CONTROL THE DATA?

6.1 It is important for us that you remain in control of your data. You alone are the owner and

manipulator of your data, and you shall have the right to restrict our usage of the data in the

manner provided below. You should also remain informed of your rights with regards to the

use of your data and information by us. Your rights with regards to your data are listed below.

Sr. No.

Your Right

Scope of Right

Right to confirmation

You have the right to obtain a confirmation from

us as to whether your personal data (your name,

housing address, age, credit card information,

amongst other data) is being processed.

Right to rectification

In the event that any personal data provided by

you is inaccurate, you shall have the right to

provide us with the accurate data and have us

rectify such data at our end immediately.

Right to erasure

You have the right to demand us to erase your

personal data without undue delay and we will

do so without undue delay, provided that the

data is no longer required by us.

However, rest assured that we will delete your

personal data from our databases as soon as the

legal basis for processing such personal data

lapses. Do note that multiple legal basis for

processing your personal data may exist in

parallel and we may still have to retain some of

your personal data at any time

We may, however, reserve the right to retain and

store your personal information for our business

purposes, whether such personal information

has been deleted or not. After a period of time,

your data may be anonymised and aggregated

and then may be held by us as long as necessary,

to enable purchases of products and provision of

services or for analytics purposes.

Right to the restriction of

data processing

You have the right to require us to restrict the

usage of data when the use of such data may be

illegal or when such data is inaccurate.

Right to withdraw consent

You have the option, at any time while availing

our Services or otherwise, to withdraw your

consent given to us for processing your data. In

case of withdrawal of your consent, we reserve

the option not to provide the Services for which

such information was sought. For withdrawing

your consent, you may send an email to us at

[email protected]. Your withdrawal will

become effective upon the receipt of an

acknowledgment by you from us

Right to opt-out

Marketing opt-outs: You may opt out of

receiving promotional emails from us by

writing to us at [email protected]. You

may also opt out of receiving emails and other

messages from us by following the unsubscribe

instructions in those messages. However, even

if you have opted out of receiving information

from us, we will still send non-promotional

communications.

Push notifications: You can opt out of receiving

push notifications through your device settings.

Please note that opting out of receiving push

notifications may impact your use of the

Platform.

Location Information: While you can prevent

your device from sharing location information

at any time through its operating system

settings, sharing such location is core to how the

Platform works and without it we cannot

provide our services accurately to you.

7. WHAT ARE OUR DATA SECURITY PRACTICES?

7.1 We process your Personal Information with consent. By using our Platform or services and/or

by providing your Personal Information, you consent to the processing of your Personal

Information by the Data Controller in accordance with this Privacy Policy. If you disclose to us

any Personal Information relating to other people, you represent that you have the authority to

do so and permit us to use the information in accordance with this Privacy Policy

7.2 We use appropriate technical and organizational security measures to ensure a level of

protection to your personal data which is commensurate to the risk, taking into account state of

the art technologies, implementation costs and the nature, scope, context and purposes of

processing as well as the risk of likelihood and the degree of risk. The transfer of personal data

between your end device and us is generally carried out in an encrypted form (TLS encryption).

You can identify an encrypted connection by the lock symbol in the address line of your

browser. If you communicate with us by email, access by third parties cannot be ruled out. In

the case of confidential information, we recommend using encrypted email communication

(PGP).

7.3 This Policy and the security measures and practices implemented by us to protect your

information shall be the reasonable security practices and procedures under section 43A of the

Information Technology Act, 2000.

8. CHILDREN’S PRIVACY:

8.1 We take the privacy of minors very seriously. Please make sure that you as the parent who

accepts these terms of this Policy on behalf of the minor, supervise the types of data that the

minor shares with us. To make sure data shared by minors is safe, we may (from time to time)

integrate new mechanisms and safeguards on our Platform.

9. COMMUNICATIONS FROM US:

We may from time to time send you service-related announcements when we consider it

necessary to do so (such as when we temporarily suspend the Platform for maintenance, or

security, privacy, or administrative-related communications). We send these to you via SMS or

email, as we deem fit.

10. LINKS TO OTHER THIRD – PARTY SITES AND COLLECTION OF

INFORMATION:

10.1 Our Platform may provide links to other third - party Platforms (“Third – Party Sites”) that

may collect your personal information including your IP address, browser specification, or

operating system. We are not in any manner responsible for the security of such information or

their privacy practices or content of those Third – Party Sites. Additionally, you may also

encounter “cookies” or other similar devices on certain pages of the Third – Party Sites and it

is hereby clarified that we do not control the use of cookies by these Third – Party Sites. These

third-party service providers and Third-Party Sites may have their own privacy policies

governing the storage and retention of your information that you may be subject to. This Policy

does not govern any information provided to, stored on, or used by these third-party providers

and Third-Party Sites. We recommend that when you enter a Third-Party Site, you review the

Third-Party Site’s privacy policy as it relates to safeguarding of your information. You agree

and acknowledge that we are not liable for the information published in search results or by any

Third-Party Sites.

11. PUBLIC POSTS:

11.1 You may provide your feedback, reviews, testimonials, etc. on the Platform on your use of the

services provided by us (“Posts”). Any content or information and Posts that you share or

upload on the publicly viewable portion of the Platform (on discussion boards, in messages and

chat areas, etc.) will be publicly available, and can be viewed by other users. Your Posts shall

have to comply with the conditions as mentioned in the Terms. Data Controller retains an

unconditional right to remove and delete any Post or such part of the Post that, in its opinion,

does not comply with the conditions in the Terms. Data Controller reserves the right to use,

reproduce and share your Posts for any purpose. If you delete your Posts from the Platform,

copies of such Posts may remain viewable in archived pages, or such Posts may have been

copied or stored by other users.

12. UPDATES TO THIS POLICY:

12.1 We may occasionally update this Policy. Use of our services after an update constitutes consent

to the updated Policy to the extent permitted by law. If we make significant changes, we will

notify you of such changes in advance. Please take the time to periodically review this Policy

for the latest information on our privacy practices.

13. GRIEVANCE OFFICER:

13.1 We have appointed a grievance officer to address your concerns regarding data safety, privacy

with regard to your Wallet Account. You may contact the Grievance Officer at:

Name: Ritwick Bhaduri

Office hours: 12 noon to 7 PM.

Email address: support@triotech.co.in

13.2 If your grievance is not resolved to your satisfaction, you may escalate the grievance to -

Name: Saransh Agarwal

Office hours: 12 noon to 7 PM.

Email address: grievanceofficer@triotech.co.in