2.1 Personal Information

• Identity Data: Name, date of birth, gender, photographs
• Contact Data: Address, phone numbers, email addresses
• Financial Data: Income details, investment history, bank account information
• Identity Documents: PAN, Aadhaar, passport, driving license copies

2.2 Investment Information

• Risk profile and investment preferences
• Portfolio holdings and transaction history
• Tax information and compliance documents
• Insurance policy details and claims history

2.3 Technical Information

• Website Usage: IP address, browser type, device information
• Cookies: Website preferences and session management
• Analytics: Page views, click patterns, time spent on site

2.4 Communication Records

• Email correspondence and chat logs
• Phone call recordings (with consent)
• Meeting notes and consultation records

3.1 Service Delivery

• Process investment transactions and insurance applications
• Provide personalized financial advice and recommendations
• Conduct risk assessment and suitability analysis
• Facilitate KYC compliance and regulatory requirements

3.2 Communication

• Send transaction confirmations and account statements
• Provide market updates and investment insights
• Respond to inquiries and provide customer support
• Send service-related notifications and alerts

3.3 Legal and Compliance

• Comply with regulatory requirements (SEBI, IRDAI, etc.)
• Prevent fraud and money laundering
• Maintain audit trails and regulatory reporting
• Resolve disputes and legal proceedings

3.4 Business Improvement

• Analyze website usage to improve user experience
• Develop new products and services
• Conduct market research and client surveys
• Enhance security measures and risk management

4.1 Authorized Disclosures

• Regulatory Bodies: SEBI, IRDAI, RBI, and other authorities as required
• Service Providers: Fund houses, insurance companies, registrars, and depositories
• Technology Partners: Platform providers, payment processors (under strict confidentiality)
• Professional Advisors: Auditors, lawyers, and consultants bound by confidentiality

4.2 Legal Requirements

• Court orders, subpoenas, or legal process
• Regulatory investigations and compliance audits
• Prevention of fraud and illegal activities
• Protection of our rights and property

4.3 Business Transfers

Information may be transferred in case of merger, acquisition, or sale of business assets, subject to confidentiality obligations.

5.1 Technical Safeguards

• Encryption: SSL/TLS encryption for data transmission
• Access Controls: Multi-factor authentication and role-based access
• Firewall Protection: Network security and intrusion detection
• Regular Backups: Secure data backup and recovery procedures

5.2 Administrative Safeguards

• Staff Training: Regular privacy and security training
• Access Limitation: Need-to-know basis for information access
• Vendor Management: Due diligence on third-party service providers
• Incident Response: Procedures for data breach management

5.3 Physical Safeguards

• Secure office premises with access controls
• Locked storage for physical documents
• Secure disposal of sensitive documents
• CCTV monitoring of critical areas

6.1 Types of Cookies Used

• Essential Cookies: Required for website functionality
• Performance Cookies: Analytics and website optimization
• Functional Cookies: Enhanced user experience features
• Marketing Cookies: Targeted advertising (with consent)

6.2 Cookie Management

• Users can manage cookie preferences through browser settings
• Disabling cookies may affect website functionality
• Third-party cookies are governed by respective privacy policies

7.1 Fund Houses and AMCs

• Data sharing for investment processing and reporting
• Subject to fund houses' privacy policies
• Limited to transaction-related information

7.2 Insurance Companies

• Policy processing and claims management
• Underwriting and risk assessment
• Governed by insurance companies' privacy terms

7.3 Technology Providers

• Payment Gateways: Secure transaction processing
• Analytics Tools: Website performance monitoring
• CRM Systems: Client relationship management
• All providers bound by data protection agreements

8.1 Access and Correction

• Request access to your personal information
• Correct inaccurate or incomplete information
• Update your contact preferences and communication settings

8.2 Data Portability

• Request transfer of your data to another service provider
• Receive data in structured, commonly used format
• Subject to technical feasibility and regulatory requirements

8.3 Deletion and Retention

• Request deletion of personal information (subject to legal requirements)
• Data retained as required by regulations and business needs
• Secure disposal after retention period expires

9.1 Regulatory Compliance

• Compliance with Information Technology Act, 2000
• Adherence to SEBI and IRDAI data protection guidelines
• Following RBI data localization requirements

9.2 International Standards

• Implementation of globally recognized security standards
• Regular security audits and assessments
• Continuous improvement of privacy practices