A. Introduction

Sadhan Wealth Private Limited (the ‘Company’) is committed to protection and preservation of personal information including sensitive personal data or information (‘Personal Data’) shared by any person and intends to ensure compliance with the provisions of the Information Technology Act, 2000 (‘Act’) and Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011. (‘Rules’). This Policy for protection, preservation and sharing Personal Data (‘Policy’) is an initiative by the Company in that direction. 

The Company has a zero-tolerance policy towards unauthorized sharing of Personal Data and any incident of unauthorized sharing of Personal Data shall be viewed as extremely serious misconduct under every policy/rule/regulation applicable, whether included in any Company policy/rules/regulations or by operation/implication of any contract or statute (“Service Rules”). No act of unauthorized sharing of Personal Data by any person, whether employed or not by the Company, even if engaged by clients or by suppliers or any other business associates and visitors shall be tolerated. Any complaint of unauthorized Personal Data sharing will be immediately investigated, and appropriate action will be initiated against whom the complaint is made. Such action depending on the nature and seriousness of the offence shall include strict disciplinary action and may also result in termination of service.

All employees including those on deputation, training, contract or temporary, part time or working as consultants or vendors or having any relations with the Company in any manner (“Authorised Person”) have a personal responsibility to ensure that their conduct is not contrary to this Policy. 

B. Applicability

This Policy is applicable to every Authorised Person who shares/receives Personal Data with/from the Company or any Authorised Person. All terms and conditions of this Policy including collection, disclosure/sharing, storage, etc of Personal Data are governed by the Act and Rules and or any replacements/additions that may become applicable/effective. In case any portion of this Policy becomes redundant or requires amendments due to any change in laws, then this Policy shall be interpreted in terms of the applicable laws until necessary amendments are made to it. 

C. Collection and sharing of Personal Data

For the purposes of this Policy, Personal Data of a person, besides other data/information deemed to be personal data/information also includes such personal information which consists of information relating to: 
(i) password; 
(ii) financial information such as Bank account or credit card or debit card or other payment instrument details;
(iii) physical, physiological and mental health condition; 
(iv) sexual orientation; 
(v) medical records and history; 
(vi) Biometric information; 
(vii) any detail relating to the above clauses as provided to body corporate for providing service; and 
(viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.

Since the Company is in the business of facilitating finance/financial products through its network of Authorised Persons duly authorized in this regard (“Network Partners”), the Company’s Authorised Persons may with the owner’s prior consent, collect any of the aforesaid Personal Data as required. The purpose is purely official for the purposes of the business of the Company, either for identification of the owner and/or also for compliances that may be mandatory such a KYC, etc. The owner’s Personal Data is collected, stored and shared only with concerned Network Partners that provide products/service that the owner is seeking. You may choose not to disclose or permit sharing of Personal Data with Network Partners, but this may impact your ability to make the best use of the Company’s services. 

D. Use of Personal Data

The Company and its Authorised Persons may use the Personal Data of its owner for:

1.    Maintenance of the owner’s profile with the Company;
2.    Identification of the owner as and when legally mandated;
3.    Legal compliances as mandated; and
4.    Disclosure to Network Partners for evaluation of the owner’s requirements for any products/services being offered.

Authorised Persons and Network Partners are permitted to use Personal Data disclosed by an owner only for the requisite business purposes. For the aforesaid purposes disclosure of Personal Data shall be strictly on a “need to know” basis. 

Any disclosure/sharing/use of personal data other than the purpose for which it has been disclosed is prohibited unless prior written consent of the owner has been procured. Breach of this strict condition shall render the offender personally liable and subject to disciplinary proceeding.

E. Storage & Retention of Personal Data

The Company stores/retains Personal Data only as long as an owner continues to have a profile/account with the Company and until such time that is mandatory under any legal obligations. The Company also applies “Reasonable Security Practices and Procedures” prescribed under the Rules for ensuring safety of all data stored including against data theft, hacking, etc. Every Network Partner relationship is established subject to a pre-condition that the Network Partner is also compliant in this regard. However, the Company relies on a representation/warranty/assurance given by the concerned Network and is not in a position to ensure compliance by such Network Partners. 
Despite every such effort by the Company, should anyone become aware of any unauthorized data access or theft, the Company upon being notified shall immediately take necessary action in rectification.

F. Grievance Redressal Officer

All grievances may be addressed to:
Rashmi Gokhale
Director, Sadhan Wealth Pvt. Ltd.
Email - rashmi@sadhanwealth.com

G. Construction of Policy Terms

The terms of this Policy are in addition to the Service Rules and any other terms and conditions that may be applicable to individual Authorised Persons. In case of any conflict of any term of this Policy with any other applicable Service Rules, the Company reserves the right at its sole discretion to resolve the conflict as it may deem fit. The Company shall periodically review the provisions of this Policy and its implementation (taking into account practical problems, if any, faced in the implementation of this Policy). 

The Company reserves the right to amend the provisions of this Policy, from time to time, as it deems fit, subject to the applicable laws.