Terms and Conditions of LSP
✆ Customer Helpline - 080-68455777   📧 Existing Customer - [email protected]   📧 New Sales Enquiries - [email protected]

Terms and Conditions of LSP

Varthana Terms and Conditions & Privacy Policy

The web-based application, operating under the proprietary brand name “Sparsh” (including all subsequent versions, updates, and releases), is owned and operated exclusively by Varthana Finance Private Limited (“Varthana”). Varthana is a Non-Banking Financial Company (NBFC) duly registered with the Reserve Bank of India (RBI) as a Non-Deposit taking entity. The registered office of Varthana is situated at No. 5BC – 110, Varasiddhi, 3rd Floor, Service Road, Outer Ring Road, 3rd Block, HRBR Layout, Bengaluru, Karnataka – 560043.

Scope of Service and Platform Access Varthana utilizes "Sparsh" as a specialized digital interface to facilitate financial assistance to Educational Institutions and eligible Borrowers on behalf of Lending Partners.The services offered through Sparsh encompass the processing, disbursement, and management of both Secured and Unsecured Credit Facilities. This platform is made available for use via web browsers on mobile and desktop devices, subject to the terms and conditions set forth in this instrument.

Definition of Parties For the purposes of these Terms of Service, any individual or entity accessing or utilizing the Sparsh application shall be collectively referred to as the “User,” “Applicant,” “Co-applicant,” or “Customer.” By accessing the platform, the User acknowledges Varthana’s sole and absolute ownership of the Sparsh software and agrees to be bound by the regulatory frameworks governing NBFC operations in India.

To access the Services, users must adhere to and comply with the Guidelines available on the Company's website, www.varthana.com ("Website"). By using "Sparsh," you, the user, confirm your acceptance of these Terms of Use ("Sparsh Terms"). If you do not agree to these "Sparsh Terms," you must cease its use immediately. These "Sparsh Terms" must be reviewed in conjunction with our Privacy Policy.

General Terms:

To use the Varthana web application, you must be at least 18 years old and a resident of India. The purpose of the web application is to enable users to obtain a Student Loan credit facility ("Credit Facility") from Varthana. It functions by automatically tracking, organizing, and analyzing your transaction information (as defined in these Terms) to present various credit products.

By using the web application, you consent to Varthana and/or the web application sharing your transaction Information with its Affiliates and the Company. Varthana grants you a non-exclusive, non-transferable, revocable license to use the web application solely for your personal use. All other rights in the “Sparsh” are reserved by Varthana. This license will be revoked in the event of your breach of these web application Terms.

Consent for Data Collection and Confidentiality Protocols

1. Authorization for Data Collection The User hereby grants explicit and irrevocable consent to Varthana to collect, aggregate, and process Personal and Financial Information deemed necessary for assessing the creditworthiness and risk profile of the Applicant or Co-Applicant. Such collection is strictly limited to data relevant to the conduct of Varthana’s business operations and the facilitation of credit facilities on behalf of the designated Lending Partner.

2. Principles of Confidentiality and Non-Disclosure Varthana warrants that all Personal Information, financial records, and demographic data pertaining to the User/Customer shall be treated as strictly private and confidential. Varthana covenants that it shall not divulge, sell, or trade such information to any unauthorized third party or organization, except under the following circumstances:

  • Lending Partner Integration: The transfer of data to the specific Lending Partner for the purpose of loan appraisal and disbursement.
  • Regulatory Mandate: Disclosure necessitated by law, or as requested by Government Authorities, including but not limited to the Reserve Bank of India (RBI) or statutory regulators.
  • Credit Reporting: Submission of data to Credit Information Companies (CICs) as mandated under the Credit Information Companies (Regulation) Act, 2005.
  • Explicit Authorization: Where the User has provided specific, informed consent for information sharing to evaluate eligibility for ancillary financial products.

3. Third-Party Service Standards In the event Varthana engages third-party vendors for specialized support services, such engagement shall be subject to stringent Data Protection Agreements. Varthana shall ensure that all such third parties are contractually bound to maintain a degree of confidentiality and data security equivalent to the standards upheld by Varthana and as required under the Information Technology Act, 2000.

To align this with the RBI Digital Lending Guidelines (2022/2025), it is essential to clarify that while Varthana may own the "Sparsh" platform, the data is often processed to facilitate loans from a Regulated Entity (RE) or "Lending Partner."

Here is the refined, legalized version that explicitly mentions the Lending Partner as the primary recipient and beneficiary of the consent.

Purpose-Linked Consent for Lending Partners

1. Primary Consent for Credit Facilitation The User(s) hereby acknowledge and agree that the collection of Personal and Financial Data is undertaken primarily for the benefit of the Lending Partner (the Regulated Entity or Bank/NBFC providing the capital). The User(s) grant explicit consent to Varthana to:

  • Data Transmission: Securely transfer all collected Data, including KYC documents and financial statements, to the Lending Partner for the purpose of credit appraisal, underwriting, and loan sanctioning.
  • Verification on behalf of Partner: Conduct due diligence, residency checks, and employment verifications as an authorized agent/Lending Service Provider (LSP) acting on behalf of the Lending Partner.

2. Direct Authorization for Lending Partner Operations The User(s) specifically authorize the Lending Partner and its authorized representatives to:

  • Independent Assessment: Use the shared Data to conduct independent risk analysis, fraud detection, and anti-money laundering (AML) checks.
  • Credit Bureau Reporting: Report the User’s repayment behavior and loan performance to Credit Information Companies (CICs) in the Lending Partner’s capacity as the primary lender.
  • Direct Communication: Contact the User(s) directly or through Varthana for matters concerning the loan agreement, repayment reminders, or regulatory disclosures.

3. Acknowledgement of LSP Role The User(s) understand that Varthana acts as a Lending Service Provider (LSP) or a facilitator. Consequently, the User(s) provide their informed consent for the sharing of Data between Varthana and the Lending Partner as a necessary prerequisite for the performance of the loan contract.

4. Survival of Consent for the Lending Partner This consent shall remain valid and binding for the entire duration of the relationship between the User and the Lending Partner. Even in the event of the termination of the User's access to the "Sparsh" application, the Lending Partner shall retain the right to process Data to the extent required for the recovery of dues, legal proceedings, and statutory reporting.

A comprehensive and updated list of our Regulated Lending Partners is available at https://varthana.com/student/lsp/

Privacy Policy:

1. Scope and Regulatory Framework This Privacy Policy (“Policy”) governs the collection, storage, processing, and protection of Personal Data and Sensitive Personal Data or Information (collectively, “Personal Information”) acquired from users in the course of providing financial services. This Policy is prepared and executed in strict compliance with the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“IT Rules”). Furthermore, this instrument incorporates the mandatory disclosure requirements and data protection standards prescribed under the Reserve Bank of India (RBI) Guidelines on Digital Lending, dated September 2, 2022 (“DLG Guidelines”), as amended from time to time.

2. Acceptance and Informed Consent By accessing this platform, utilizing the services provided, or voluntarily submitting Personal Information, the User hereby acknowledges having read and understood the terms herein. The User provides their explicit and informed consent for the Company to collect, retain, process, and transfer such information. This authorization extends to the sharing of Personal Information with regulated lending entities, strategic partners, and third-party service providers, strictly for the purposes of credit assessment, loan servicing, and regulatory compliance as detailed in this Policy. The User acknowledges that such data processing is a necessary prerequisite for the delivery of the services requested. We reserve the right to change this Policy without prior notice. We encourage you to regularly review this policy to ensure that you are aware of any changes and how your personal data may be used.

3. Regulatory Segregation and Applicability The User acknowledges that the “Sparsh” facilitates diverse service offerings, only a subset of which constitutes "Digital Lending" as defined under the RBI Guidelines on Digital Lending (2022) (“DLG Guidelines”). The specific restrictive covenants and data protection obligations set forth in this Section shall apply exclusively to Digital Lending transactions facilitated by the Company and Varthana. For all non-lending activities, the general provisions of this Privacy Policy shall remain operative.

4. Data Minimization and Storage Restrictions In strict adherence to the DLG Guidelines, the Company and Varthana warrant that they, and any engaged Lending Service Providers (LSPs), shall not store the Personal Information of borrowers beyond the "Basic Minimal Data" essential for operational requirements (e.g., name, verified address, and contact credentials). Comprehensive data harvesting is expressly prohibited; the Company shall maintain only such records as are necessary for loan servicing, statutory audits, and regulatory compliance.

5. Restricted Hardware Access Access to the User’s mobile device hardware—including but not limited to the camera, microphone, and geolocation services—shall be restricted to a "One-Time Access" basis. Such access is permitted solely for the purpose of completing Know Your Customer (KYC) protocols and digital onboarding for services provided by Varthana. The “Sparsh” is prohibited from persistent monitoring or unauthorized access to files, media, or contact lists. Each instance of hardware access is subject to the User’s explicit, granular, and affirmative consent.

Data Collection:

1. Categorization of Information (Rule 3, IT RSP Rules) In accordance with Rule 3 of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, Varthana shall collect and process the following categories of data on behalf of Lending Partner

  • Sensitive Personal Data or Information (SPDI): This includes, but is not limited to, account login credentials (passwords, security questions), financial documents (bank statements, income proof), and biometric data where applicable for KYC.
  • Personal Contact & KYC Information: Full name, verified address, government-issued identifiers, academic records of the borrower, and financial profiles of co-borrowers.
  • Demographic & Geolocation Data: Age, gender, and precise location data (only if enabled by the User). Geolocation processing includes IP address tracking and country-of-access verification.
  • Authentication Data: User imagery (photographs) for identity cross-verification and fraud prevention.

2. Restrictions on Mobile Resource Access In strict compliance with the RBI Digital Lending Directions, 2025, the "Sparsh" platform expressly covenants the following:

  • Prohibited Access: Varthana and the “Sparsh” shall desist from accessing sensitive mobile resources, including contact lists, call logs, telephony functions, and private files/media galleries.
  • Restricted One-Time Access: Access to the camera, microphone, and location services is limited to a "One-Time Basis" solely for the purpose of onboarding and fulfilling Know Your Customer (KYC) requirements. Such access is subject to explicit, granular consent which may be revoked by the User at any time.

3. Data Sovereignty and Localization All Personal and Sensitive Data collected shall be stored exclusively on servers located within the territory of India. Varthana ensures that its data residency protocols comply with all statutory obligations and regulatory instructions issued by the RBI and the Ministry of Electronics and Information Technology (MeitY).

4. Storage of Biometric Data Varthana shall not store or collect biometric data unless such activity is expressly permitted under applicable law (e.g., Aadhaar Act) and is conducted in full compliance with the security standards prescribed under the IT RSP Rules.

5. User Rights: Consent, Deletion, and Revocation The User is vested with the following rights regarding their data:

  • Right to Deny/Revoke: The option to grant or deny consent for specific data points at the time of collection or revoke existing consent.
  • Right to Be Forgotten: The right to request the deletion or "forgetting" of personal data, subject to statutory retention requirements for loan recovery and regulatory audits.
  • Consequences of Withdrawal: If consent is withdrawn or restricted, Varthana reserves the right to modify or terminate the provision of services for which such information was fundamentally required.

Withdrawal of Consent

1. Exercise of the Right to Withdraw The User (Data Principal) maintains the absolute right to withdraw consent for the processing of their Personal Information at any time. To exercise this right, the User must submit a formal request to the Customer Care Team via the contact details mentioned on the website and as well to the “ RE ( regulated entity) whereas the service is already availed.

2. Consequences of Withdrawal Upon receipt and satisfactory verification of a withdrawal request, Varthana shall:

  • Cessation of Processing: Cease all further processing of the User’s data for the purposes for which consent was originally sought.
  • Termination of Service: If the information withdrawn is fundamental to the operation of the "Sparsh" platform or the loan application, Varthana reserves the right to immediately suspend or terminate the provision of such Services.
  • Legacy Processing: The withdrawal of consent shall not affect the legality of any data processing undertaken prior to the date of withdrawal.

Date Deletion:

The user must submit a formal request to the Varthana care team with valid and acceptable reasons for the data deletion. If the loans are active, then such requests shall not be considered.

Engagement of Third-Party Service Providers

1. Purpose and Scope of Engagement The Company may, from time to time, engage reputable third-party entities and specialized individuals (“Service Providers”) to facilitate the seamless delivery of its services. Such engagements are limited to:

  • Operational Facilitation: Enhancing and maintaining the Sparsh’s infrastructure.
  • Service Delegation: Executing specific functions or services on behalf of the Company and Varthana.
  • Ancillary Support: Providing specialized service-related assistance, including but not limited to credit verification and technical support.
  • Analytical Insights: Assisting the Company in the evaluation and optimization of user engagement and service performance.

2. Access to Personal Information and Strict Confidentiality Users are hereby informed that these Service Providers may be granted access to Personal Information solely to the extent necessary to perform the specific tasks assigned to them under a formal mandate. Such access is governed by strict Confidentiality Agreements and data processing contracts.

3. Restrictive Covenants In compliance with applicable data protection laws and the DLG Guidelines, all Service Providers are legally and contractually obligated to:

  • Prohibit the disclosure of Personal Information to any unauthorized party.
  • Refrain from utilizing the data for any purpose other than the specific task assigned by the Company.
  • Implement robust security measures to prevent data breaches or unauthorized processing.