1. Purpose and Scope

1.1   Agya Technologies Private Limited (operating with the brand name 'Setu AA'), a company incorporated under the Companies Act, 2013 and having its registered office at Third Floor, No. 2/1, Embassy Icon Annexe, Infantry Road, Bangalore Urban - 560001. (“Agya”, “we”) is a Non-Banking Financial Company Account Aggregator (“NBFC-AA”), licensed by the Reserve Bank of India (“RBI”). We are licensed to perform financial aggregation services (“Services”) on the request of a registered user (“you”) accessing this website (“the Website”) and our application, Setu AA. (“Application”) (operated by Agya Technologies).

1.2  Agya is licensed to fetch, aggregate and process data received from one or more Financial Information Providers (“FIPs”) with your explicit consent and share this data with Financial Information Users (“FIUs”).

1.3  This Citizen’s Charter (hereafter referred to as “Charter”) maintains transparency with its Users. The Charter provides for the rights of Users and ensures that Company shall provide Services in consonance with guidelines laid down by the RBI from time to time. This Charter represents our ongoing efforts to focus on the commitment of the Company towards our Users in respect of service standard, non-discrimination, accessibility, grievance redressal etc.

1.4   This Charter is published in accordance with the provisions of the Non-Banking Financial Company - Account Aggregator (Reserve Bank) Directions, 2016 that require publishing a Citizen’s Charter on the Website and Application of the Company. Agya is committed to the protection of the rights of its Users and will on a best efforts basis endeavour to address any and all grievances at the earliest possible juncture.

2. Our Principles

2.1  Agya shall provide Services to a User based on the User’s explicit consent.

2.2  Agya shall ensure that it has entered into appropriate User agreements with Agya, the User and the FIPs and FIUs to provide Services to the Users.

2.3  Agya shall undertake business as per the guidelines issued by the RBI and other applicable from time to time.

2.4  Agya shall not retain any financial information of the User.

2.5  Agya shall not use the services of a third-party service provider for undertaking the business of account aggregator.

2.6  Agya shall ensure that User credentials (like passwords, PINs, private keys), which may be used for authenticating Users by the FIPs shall not be stored, accessed or requested by us.

2.7  Agya shall not access, transfer, share or retrieve information or User data that it may come to acquire from/ on behalf of a User without the explicit consent of the User.

2.8  Agya shall ensure that User’s consent is undertaken in line with the guidelines issued by the RBI from time to time.

2.9  Agya shall provide a functionality available to the Users to revoke their consent for accessing information that is rendered accessible by a consent artefact.

2.10  Agya shall ensure that in the event of any difference in the position of financial information in the statement generated by/from Agya and the records of the FIP, the position as reflected in the records of the FIP shall be considered as correct.

2.11  Agya shall ensure that the Users are treated fairly at all times. Agya shall ensure that the Information Technology (“IT”) infrastructure of the Company adheres to relevant laws and regulations in letter and spirit. The Company shall adopt the required IT framework and interfaces to ensure encrypted data flows from the FIPs to our own systems and onwards to the FIUs. Further, we shall adopt adequate safeguards in the IT systems to ensure that the information provided and stored is protected against unauthorised access, alteration, destruction, disclosure or dissemination of records and data.

2.12  Agya shall ensure that complaints raised by Users will be dealt with courtesy and in a timely manner.

2.13  The Company shall ensure appropriate measures to be taken to prevent loss of data due to disasters or any such natural calamities, and thereby strive to adopt an effective disaster risk management/business continuity plan.

2.14  The Company shall ensure that information system audit of the internal systems and processes to be in place and to be conducted at least once every two years by CISA certified external auditors.

3. Citizen's Rights

3.1   Provision of Services: Agya undertakes that the Services will be provided in compliance with applicable laws as amended from time to time. Agya will at all times comply with applicable laws in relation to consumer protection, data protection, intermediary guidelines, and all regulations as may be notified by the RBI.

3.2   Collection of Information: Your personal information will be collected, processed and transferred with your explicit consent as recorded in the consent artefact (as detailed in the Privacy Policy).

3.3   Non-use of information: Agya will never sell, rent, trade or otherwise commercialise your personal information. Your financial information is not stored by us or decrypted by us at any time.

3.4   Rights in relation to Sensitive Personal Information: Please refer to our Privacy Policy for details on exercising your rights in relation to your sensitive personal information.

3.5  Consent: Agya will at all times honour your requests to revoke, pause and cancel your consent. You will have the right to modify the contents, duration and classes of data contained in your consent. Agya will ensure that such requests are addressed in real time and without undue delay.

3.6  Security: We use industry leading solutions around anti-virus, anti-malware, intrusion prevention systems, intrusion detection systems, file integrity monitoring, application control, application and audit log aggregation, and automated patching. We also implement robust security procedures to protect customer information. In the event you may notice any breach of security in relation to your information, you have the right to report this to us at support@agya.co, and appeal to the Reserve Bank of India in the event such support is unsatisfactory.

3.7  Logs: You will have the right to review the logs of requests, consent and revocations made by you through the Application.

3.8  Feedback or Queries: We are always open to feedback on the improvement of the Services and customer experience. Please reach out to us at support@agya.co for any suggestions or queries regarding the rights specified under this charter.

3.9   Rights against FIPs or FIUs: Please refer to the terms and conditions or the respective policies of your approved FIPs and FIUs prior to sharing your consent for transfer of information between them. Any rights against FIPs or FIUs must be exercised against these entities. Agya will provide reasonable assistance to you on a case to case basis, in the event any assistance is required from us.

3.10   Right to fair treatment: Agya shall not discriminate between Users on the basis of gender, age, religion, caste, and physical ability while providing its Services.

3.11   Right of transparent, fair and honest dealing: Agya shall provide Users with clear information about its Services, terms and conditions, and service charges in simple and easily understandable language, and with sufficient information so that the User could be reasonably expected to make an appropriate choice to register with the Company.

3.12   Right to privacy: Any and all personal information provided by the Users to the Agya shall be kept confidential. The Company shall disclose only such information, that is required by the law or only after the User has given explicit consent for disclosing such information.

3.13   Right to grievance redressal and compensation: Agya is responsible for all the Services offered by it and Users shall have the right to easy and simple grievance redressal systems.

4. User's Obligations

4.1   The User must ensure that all the information submitted to Agya is true and authentic.

4.2   The User must carefully read all the terms and conditions of Agya for obtaining any Service, with the necessity to identify any fees or any other liabilities or obligations laid down on the User.

4.3   The User must provide correct information as and when required by the law.

4.4   The User must immediately inform Agya of any unauthorized transaction/activity made on his/her account.

4.5  The User must comply with the procedures for submitting a complaint, including the grievance redressal measures.

4.6  The User must be cautious and vigilant in maintaining the confidentiality of the information provided to the Company and must ensure the data security and privacy of his/her any information relevant to transactions/activities with the Company. Further, the User shall not disclose such information to any third party in order to safeguard the User’s own interest.

5. Availability of the Charter

5.1 The Charter is placed on Agya’s Website.

5.2 The User can ask for a copy of the Charter by placing a request at legal@agya.co