How we use your Personal Data

Information voluntarily provided by the Subscriber

We collect and process the Personal Data provided by You when You enter information through the , such as chat, posting messages in comment sections or in our forums, liking posts, sending feedback, responding to surveys, submitting queries and blogs, accept the terms of use of the Website, contact us for help or otherwise enter information on the Website before or during its use. When entering information on the Website, as appropriate.

As an Authorized Dealer II regulated by the Reserve Bank of India (RBI), we are committed to ensuring the highest standards of customer data protection, privacy, and regulatory compliance. In accordance with applicable RBI guidelines, we have established clear policy guidelines governing the collection, storage, usage, retention, and protection of customer data. These guidelines are outlined below and are made prominently available on our website to promote transparency and enable customers to make informed decisions regarding their personal data.

Type of Data Collected and Stored

We collect and store only such customer data as is necessary for the purpose of fulfilling our legal, regulatory, and operational obligations. This may include, but is not limited to:

• Personal identification details (e.g., name, address, date of birth, PAN/ Aadhaar/ Passport)
• Contact information (e.g., phone number, email address)
• Financial and transactional data
• KYC and AML-related documentation
• Communication and correspondence records

The types of data collected are clearly defined at the point of data capture and are strictly limited to what is necessary for the services being provided and for compliance with applicable laws.

By voluntarily providing us with your Personal Data, You hereby give us your consent to use such Personal Data in accordance with this Privacy Policy. You can always choose not to provide the Personal Data, even though it might be needed to access the Website. In such cases, if any information required is classified as mandatory, you may not be able to avail part or whole of the Website services.

Purpose Limitation and Usage Restrictions

Customer data is collected for specified, lawful purposes and is used solely for:

• Provision of our financial products and services
• Compliance with regulatory and legal obligations (including KYC/ AML requirements)
• Customer support and communication
• Internal audit and risk management
• Fraud prevention and security monitoring

We do not use customer data for any purpose that is not explicitly disclosed or permitted under applicable law. We do not sell or share customer data with third parties for marketing or unrelated commercial purposes without explicit consent, unless required by law.

Data Retention Policy

Customer data is retained only for as long as is necessary to fulfil the purposes outlined above or as mandated under applicable legal or regulatory requirements. Upon the expiry of the retention period, or when the data is no longer required, it is securely disposed of in accordance with our data destruction protocols.

Data Destruction Protocol

We follow standardized, secure data destruction practices to ensure that personal data is permanently and irreversibly deleted or anonymized, as applicable. This applies to both physical and electronic records and is conducted in compliance with RBI norms and industry best practices.

Data Security and Breach Handling

We have implemented robust administrative, technical, and physical safeguards to protect customer data from unauthorized access, alteration, disclosure, or destruction. These include:

• Encryption and secure storage protocols
• Role-based access controls
• Regular security audits and assessments
• Incident detection and response systems

In the event of a data breach, we follow a defined incident management framework which includes immediate containment, impact assessment, mitigation, notification to affected individuals (where required), and regulatory reporting in line with RBI directives.

Public Disclosure and Policy Availability

These data protection and storage policy guidelines are made prominently available on our official website to ensure complete transparency. We encourage all customers to review this section periodically to stay informed about how their data is managed and protected.

Automatically Collected Information

We may also process certain other data, such as device ID, device make/model, IP address, browser type, operating system, page views, website navigation, timing and frequency of use of the Website, marketing preferences, etc. when you use the Website. We use this information purely for analytics and research purposes, in order to improve the visibility of our Website, and to ensure the security of the Website.

Cookies

Cookies are small files transferred to the hard drive of your device that enable us to recognize your browser and capture and remember certain information. They are also used to help us understand your preferences based on previous or current activity on the Website, which allows us to improve our Website. We also use cookies to help us compile aggregated and anonymized data about the traffic on the Website so that we can offer better experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

How do we Protect your Information

We take the safety of your Personal Data and its confidentiality very seriously and we provide reasonable security safeguards commensurate to the sensitivity of the Personal Data being handled and have implemented security practices including but not limited to technical, operational and physical safeguards to protect your information. We implement a variety of security measures when a User enters, submits, or accesses their information to maintain the safety of your Personal Data.

The Website is scanned on a regular basis for any known vulnerabilities in order to make your use as safe as possible.

We endeavour to ensure to the best of our ability that all third-party service providers whose services which we may use, maintain security standards that are equivalent to our security standards and commensurate with market practices, in the context of the kind and nature of Personal Data being stored or handled.

Disclosures to third parties

We do not sell/ trade/ publish or otherwise transfer your Personal Data to outside parties, unless we provide you with advance notice and obtain your prior consent to do so.

This abovesaid does not include our trusted service providers, including without limitation, our hosting partners, who assist us in operating the Website, conducting our business, or serving our clients; so long as they agree to keep this information confidential and do not have any independent use of the information that is being shared with them strictly for business purposes. You hereby give us your consent to transfer your Personal Data to our trusted service providers.

We may share your information with our affiliates, in which case those affiliates would be required to honour this Privacy Policy.

Though we endeavor to provide secured and robust security for your Personal Data, no security system can prevent all potential security breaches which can happen inadvertently.

We may also release certain limited information when it is required to be released in order to comply with the law, enforce our policies, or protect ours or others' rights, property or safety, investigate fraud or respond to a government/ law enforcement agency request.

We may share your information in connection with a substantial corporate transaction, such as mergers, acquisition, the sale of our business, a divestiture, consolidation, or asset sale, or in the unlikely event of bankruptcy.

Limitation of Liability

Notwithstanding anything contained in this Privacy Policy or elsewhere, we shall not be held responsible and indemnified for any loss, damage or misuse of the information provided or collected from the User.

The Website may include links to other websites (other than the websites of our affiliates) whose privacy practices/ policies may differ from ours. We do not provide any Personal Data to such third-party websites. If you submit your Personal Data to any of those sites, your information will be governed by their privacy policies/ statements. We encourage you to read the privacy statement of any website you visit before sharing your personal details. We shall not be liable for any loss, damage, claim or expenses suffered by you as a result of accessing these third-party sites and features.

Policy Review

We reserve the right to change or update this policy with immediate effect, at any time, by replacing this policy with the revised policy on our Website.

Governing Law and Jurisdiction

The terms of this Privacy Policy are governed by and shall be interpreted in accordance with the laws of India, without regard to the choice or conflicts of law provisions of any jurisdiction. In the event of any dispute arising between us on one hand and the User and/ or any third party on the other hand, in relation to the terms of this Privacy Policy, whether in contract or tort or otherwise, such User and/ or third party hereby agrees to submit to the jurisdiction of the courts located at , India for the resolution of all such disputes.