(A Digital Management Solution for the Employee Credit Cooperative Society)
This Privacy Policy describes how the [Software Name] (referred to as "the Software") processes, collects, uses, discloses, and protects the personal data of the members and users of the [Name of Employee Credit Cooperative Society] (referred to as "the Society").
The Society, as the owner and data fiduciary for the information entered into the Software, is committed to protecting the privacy of its members in compliance with applicable Indian laws, including the Information Technology Act, 2000, the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and the Digital Personal Data Protection Act, 2023 (as and when it comes into effect), in addition to the rules and bye-laws of the Society.
This policy applies to all Personal Data and Sensitive Personal Data or Information (SPDI) collected and processed through the Software for the functioning of the Employee Credit Cooperative Society, which is registered under the West Bengal Co-operative Societies Act, 2006.
We collect and process personal data that is necessary for the proper functioning of the Society, including the management of share capital, deposits, loans, and other schemes as mandated by the Society’s bye-laws and relevant Co-operative laws.
The data is processed solely for the following specific and lawful purposes:
By becoming a member of the Society and/or using the Software, the member/user acknowledges and consents to the collection, storage, and processing of their Personal Data and SPDI for the purposes outlined in this Policy, as a necessity for availing of the Society's services. Where required by law, especially for processing SPDI, the Society shall obtain specific, clear, and informed consent. Members have the right to withdraw their consent at any time by contacting the designated Grievance Officer, provided such withdrawal does not prevent the Society from fulfilling its legal obligations or the terms of any contract (e.g., loan agreements).
We will not sell, trade, or rent your Personal Data or SPDI to third parties for commercial purposes. Data may be shared only under the following limited circumstances:
| Recipient | Purpose of Disclosure | Legal Basis |
| Employer/DDO | To generate and submit recovery sheets for the monthly deduction of loan instalments, share capital, or other dues from the member's salary as per the authorisation/agreement with the member (Section 59 of the West Bengal Co-operative Societies Act, 2006). | Lawful Contract/Legal Obligation |
| Financing Bank | To share financial health and member eligibility details with the financing bank (e.g., West Bengal State Co-operative Bank Ltd.) for credit facility or audit purposes. | Legal/Statutory Compliance |
| Statutory Authorities | Disclosure to the Registrar of Cooperative Societies, auditors, courts, government agencies, or law enforcement as mandated by law or a valid legal process. | Legal Obligation |
| Software Service Provider | The software vendor (developer) may have limited, controlled access to the data for the sole purpose of maintenance, technical support, and system upgrades. They are bound by strict confidentiality and data processing agreements. | Contractual Obligation |
The Society, as the data fiduciary, implements "reasonable security practices and procedures" as required under the IT SPDI Rules, 2011, to protect Personal Data and SPDI from unauthorised access, disclosure, alteration, or destruction.
We will retain your Personal Data and SPDI only for as long as necessary to fulfil the purposes for which it was collected, including for the purpose of satisfying any legal, accounting, or reporting requirements under the Co-operative Act and other financial regulations. Upon cessation of membership and after all legal and contractual obligations are met, the data will be securely disposed of or anonymised, subject to the Society’s data retention policy.
As a data principal, you have the right to: